PC sous Vista qui rame et qui fige régulièrement !

Bonjour,

J'ai un PC assez performant et récent qui marchait très bien depuis le mois d
Septembre 2008. Depuis environ 8 jours, il n'arrête pas de se figer aléatoirement (notamment avec Live Messenger, et parfois d'autres...) : aucune autre solution que de redémarrer le PC avec le bouton physique (CTRL+ALT+SUP ne marche plus à ce moment là)....

Je me demande si je n'ai pas chopé un virus ou alors je ne sais pas ce qui cloche, mais ça n'était jamais arrivé avant.

Qui pourrait m'aider à y voir un peu plus clair, à faire le ménage, etc... j'ai bien vu que HiJackThis était le point de départ, mais je ne m'y connais pas trop.

Merci par avance à qui me donnera un coup de main et m'aidera à résoudre ce qui me mine depuis une grosse semaine. Help !!!

A bientot j'espere

Salut sebjan


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Merci beaucoup de ta réponse !!!

Alors voila le premier rapport (log.txt) :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Sebastien at 2009-02-20 11:21:59
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 340 GB (73%) free of 467 GB
Total RAM: 3069 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:01, on 20/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\mHotkey.exe
C:\Windows\CDCtr.exe
C:\Windows\ModHidKey.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Packard Bell\TVenhance\TVEService.exe
C:\Windows\ehome\ehtray.exe
C:\Media\Palm\Hotsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sebastien\Desktop\RSIT.exe
C:\Outils\Trend Micro\HijackThis\Sebastien.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&p(...)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&p(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&p(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LchMHotkey] LchMHKey.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HotSync] "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [TVEService] "C:\Program Files\Packard Bell\TVenhance\TVEService.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [East-Tec Eraser 2008] "C:\Outils\East-Tec Eraser 2008\etsecureerase.exe" "/R:C:\Users\Sebastien\AppData\Roaming\EAST Technologies\East-Tec Eraser"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: is-PP866.lnk = C:\Outils\Virus Removal Tool\is-PP866\startup.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Media\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i58(...)
O16 - DPF: {BA2CB6B1-03EE-4068-87CC-F5E4DD772A9B} (CCAOControl Object) - https://extranet.isyfoot.fr/CitrixLogonPoint/isyFoot/EPAClient/CitrixCAO.cab
O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader4.cab?20090216063935
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Modem\AdAware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Packard Bell\TVenhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Packard Bell\TVenhance\Kernel\TV\TVESched.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10161 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-01 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-04 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-04 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-20 4493312]
"LchMHotkey"=C:\Windows\LchMHKey.exe [2007-01-22 36864]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-07-06 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-07-06 8466432]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-07-06 81920]
"OmniPass"=C:\Program Files\Softex\OmniPass\scureapp.exe [2007-10-02 2560000]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"HotSync"=C:\Program Files\PalmSource\Desktop\HotSync.exe -AllUsers []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-04 136600]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdc.exe [2007-01-24 563080]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"TVEService"=C:\Program Files\Packard Bell\TVenhance\TVEService.exe [2007-11-21 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"East-Tec Eraser 2008"=C:\Outils\East-Tec Eraser 2008\etsecureerase.exe [2007-11-21 866408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HotSync Manager.lnk - C:\Media\Palm\Hotsync.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Sebastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
is-PP866.lnk - C:\Outils\Virus Removal Tool\is-PP866\startup.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Modem\BitTorrent\bittorrent.exe"="C:\Modem\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28c6694a-bc28-11dd-868a-0060b3b143a5}]
shell\AutoRun\command - L:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89f2161e-2f72-11dd-8866-806e6f6e6963}]
shell\AutoRun\command - F:\Autorun.exe


======List of files/folders created in the last 1 months======

2009-02-20 11:19:58 ----D---- C:\rsit
2009-02-20 01:26:08 ----D---- C:\ProgramData\is-PP866
2009-02-19 23:19:05 ----A---- C:\Windows\ntbtlog.txt
2009-02-15 20:38:14 ----D---- C:\Program Files\Microsoft
2009-02-15 20:29:43 ----SHD---- C:\Config.Msi
2009-02-15 19:42:35 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 19:42:34 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-15 16:36:11 ----SHD---- C:\found.000
2009-02-11 20:41:11 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 20:41:10 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 20:41:09 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 20:41:08 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 20:41:08 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 20:41:08 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 20:41:08 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-11 20:41:08 ----A---- C:\Windows\system32\iertutil.dll
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll

======List of files/folders modified in the last 1 months======

2009-02-20 11:22:00 ----D---- C:\Windows\Temp
2009-02-20 01:52:11 ----D---- C:\Outils
2009-02-20 01:33:57 ----AD---- C:\Windows\system32\drivers
2009-02-20 01:26:08 ----HD---- C:\ProgramData
2009-02-20 01:06:56 ----AD---- C:\ProgramData\TEMP
2009-02-20 01:06:44 ----SHD---- C:\System Volume Information
2009-02-20 00:52:03 ----A---- C:\Windows\NeroDigital.ini
2009-02-20 00:29:46 ----D---- C:\Windows\inf
2009-02-20 00:29:46 ----AD---- C:\Windows\System32
2009-02-20 00:29:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-19 23:19:05 ----D---- C:\Windows
2009-02-19 23:07:11 ----D---- C:\Users\Sebastien\AppData\Roaming\DNA
2009-02-19 01:27:14 ----D---- C:\Program Files\DNA
2009-02-17 00:04:42 ----SD---- C:\Windows\Downloaded Program Files
2009-02-16 15:13:01 ----D---- C:\Windows\Microsoft.NET
2009-02-16 15:12:49 ----RSD---- C:\Windows\assembly
2009-02-16 15:05:04 ----D---- C:\Windows\ehome
2009-02-16 09:52:33 ----D---- C:\Windows\winsxs
2009-02-15 22:35:24 ----D---- C:\Windows\prefetch
2009-02-15 20:47:36 ----D---- C:\Program Files\Messenger Plus! Live
2009-02-15 20:44:31 ----D---- C:\Windows\system32\catroot2
2009-02-15 20:38:29 ----SHD---- C:\Windows\Installer
2009-02-15 20:38:14 ----RD---- C:\Program Files
2009-02-15 20:38:04 ----D---- C:\Program Files\Common Files\microsoft shared
2009-02-15 20:37:46 ----D---- C:\Program Files\Windows Live
2009-02-15 19:41:08 ----D---- C:\Windows\system32\catroot
2009-02-15 19:22:55 ----D---- C:\Windows\system32\wbem
2009-02-15 19:21:11 ----D---- C:\Windows\system32\config
2009-02-15 19:20:55 ----D---- C:\Windows\Tasks
2009-02-15 19:20:55 ----D---- C:\Windows\system32\spool
2009-02-15 19:20:51 ----D---- C:\ProgramData\HP Product Assistant
2009-02-15 19:20:50 ----D---- C:\Windows\registration
2009-02-15 16:41:01 ----D---- C:\Windows\Minidump
2009-02-13 20:52:51 ----D---- C:\Mes Documents
2009-02-12 03:01:21 ----D---- C:\ProgramData\Microsoft Help
2009-02-12 03:00:46 ----D---- C:\Program Files\Windows Mail
2009-02-05 22:11:35 ----A---- C:\Windows\system32\aswBoot.exe
2009-02-05 00:56:02 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-31 12:22:34 ----D---- C:\Program Files\WinRAR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 is-PP866drv;is-PP866drv; C:\Windows\system32\DRIVERS\95187250.sys [2008-07-08 148496]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-16 1116800]
R3 ATSWPDRV;(****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-10-02 144776]
R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056]
R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-06 7568832]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\Windows\system32\DRIVERS\WlanUIG.sys [2005-06-17 379456]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2004-04-14 44064]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PalmUSBD;PalmUSBD; C:\Windows\system32\drivers\PalmUSBD.sys [2007-12-04 16640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 utqwmzmy;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utqwmzmy.sys []
S3 winusb;Service WinUSB; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-21 31616]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000); C:\Windows\system32\drivers\flmckusb.sys [2006-07-27 69810]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Modem\AdAware\aawservice.exe [2008-08-16 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 omniserv;Softex OmniPass Service; C:\Program Files\Softex\OmniPass\OmniServ.exe [2007-10-02 40960]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-11-21 262247]
R2 SrvCDEject;SrvCDEject; C:\Program Files\Packard Bell\SrvCDEject.exe [2007-09-07 600064]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files\Packard Bell\TVenhance\Kernel\TV\TVECapSvc.exe [2007-11-21 290909]
R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files\Packard Bell\TVenhance\Kernel\TV\TVESched.exe [2007-11-21 114779]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-21 33800]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-17 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

Et le second (info.txt) :


info.txt logfile of random's system information tool 1.05 2009-02-20 11:20:03

======Uninstall list======

-->C:\Media\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{9802AB7D-9BB2-4FC9-A9B6-681696F1E2DA}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ArbeFavIcons-->C:\Modem\ArbeFavIcons\uninstall.exe
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATNavigation-->MsiExec.exe /I{C0586BF2-A157-43F9-B359-AC0063AF902B}
AuthenTec Windows Fingerprint Software-->MsiExec.exe /I{D0E050FB-A999-4595-A60C-0001CED37EDF}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Beijing 2008-->"C:\Program Files\InstallShield Installation Information\{2076B142-10FA-4536-B488-3FDCBB1013D3}\setup.exe" -runfromtemp -l0x040c -removeonly
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
Buildalot 2 Town Of The Year-->"C:\Jeux\Buildalot 2\ReflexiveArcade\unins000.exe"
Celtx (1.0)-->C:\Program Files\Celtx\uninstall\helper.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Web MetaFrame Presentation Server pour Win32-->C:\Windows\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Cyberlink TvEnhance-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TVEnhance*
CyberScrub-->C:\Outils\CYBERS~1\UNWISE.EXE C:\Outils\CYBERS~1\INSTALL.LOG
Delivery-->"C:\Users\Sebastien\AppData\Roaming\Delivery\uninst.exe"
DivX Codec-->C:\Media\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Media\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Media\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Media\DivX\DivXWebPlayerUninstall.exe /PLUGIN
East-Tec Eraser 2008 Version 8.8-->"C:\Outils\East-Tec Eraser 2008\unins000.exe"
eMule-->"C:\Modem\eMule\Uninstall.exe"
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
Firefox-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FirefoxFR*
FTP Expert 3-->C:\Windows\iun6002.exe "C:\Modem\Visicom Media\FTP Expert 3\irunin.ini"
Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /I{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
HijackThis 2.0.2-->"C:\Outils\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
Indiana Jones and the Emperors Tomb-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DBF3265-57F1-4D8A-87EA-332B2A669BDE}\Setup.exe" -l0x40c
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Inst5657-->MsiExec.exe /I{FEDE400D-3381-4087-ACCB-689DD8A56123}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Keyboard Hotkey V1.04-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Piano_Hotkey*
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x40c
LucasArts' Monkey 4-->C:\Windows\uninst.exe -f"C:\Jeux\Monkey 4\Install\DeIsL1.isu" -c"C:\Jeux\Monkey 4\Install\LecSetup.dll"
Matroska Playback Pack-->C:\Media\Matroska Playback Pack\uninstall.exe
MCE Software Encoder 1.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
Mes Vacances en Photo-->"C:\Media\Mes Vacances en Photo\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Microsoft® Office Trial 2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFF2k7_FR*
Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{CB8CA439-DA83-419C-A4CF-5A0A50025144}
MKVtoolnix 2.2.0-->C:\Media\MKVtoolnix\uninst.exe
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Movie Collection 5.4.9.0-->"C:\Media\Movie Collection\unins000.exe"
Mozilla Firefox (2.0.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NAVIGON Fresh 1.4.6-->C:\Program Files\NAVIGON\NAVIGON Fresh\uninst.exe
Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OmniPass 5.00.83-->C:\Program Files\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\setup.exe -runfromtemp -l0x040c -removeonly
Omnipass 5-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OMNIPASS*
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
Packard Bell Piano Keyboard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6DEBC7EA-AB26-4980-9DE0-DFD882E41A63}\Setup.exe" -l0x40c
Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Palm Desktop by ACCESS-->MsiExec.exe /X{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*
QuickTime Alternative 2.6.0-->"C:\Media\QuickTime Alternative\unins000.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek HD Audio V6.0.1.5436-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Sam & Max - Culture Shock 1.0-->C:\Jeux\Sam and Max\Sam and Max - Episode 101\Uninstall Sam & Max - Culture Shock.exe
Sam & Max Season 1-->MsiExec.exe /I{F20AE04A-3FDC-4A14-A90B-85DEE2812030}
Sam and Max - Abe Lincoln Must Die 1.0-->C:\Jeux\Sam and Max\Sam and Max - Episode 104\Uninstall Sam and Max - Abe Lincoln Must Die.exe
Sam and Max - Reality 2.0 1.0-->C:\Jeux\Sam and Max\Sam and Max - Episode 105\Uninstall Sam and Max - Reality 2.0.exe
Sam and Max - Season One - Sam and Max Episode 106 - Bright Side of the Moon-->C:\Jeux\Sam and Max\Sam and Max - Episode 105\Uninstall Episode 106 - Bright Side of the Moon.exe
Sam and Max - Season Two - Sam and Max Episode 201 - Ice Station Santa-->C:\Jeux\Sam and Max\Sam and Max - Episode 201\Uninstall Episode 201 - Ice Station Santa.exe
Sam and Max - Season Two - Sam and Max Episode 202 - Moai Better Blues-->C:\Jeux\Sam and Max\Sam and Max - Episode 102\Uninstall Episode 202 - Moai Better Blues.exe
Sam and Max - Season Two - Sam and Max Episode 203 - Night of the Raving Dead-->C:\Jeux\Sam and Max\Sam and Max - Episode 203\Uninstall Episode 203 - Night of the Raving Dead.exe
Sam and Max - Season Two - Sam and Max Episode 204 - Chariots of the Dogs-->C:\Jeux\Sam and Max\Sam and Max - Episode 4\Uninstall Episode 204 - Chariots of the Dogs.exe
Sam and Max - Season Two - Sam and Max Episode 205 - What's New, Beelzebub?-->C:\Jeux\Sam and Max\Sam and Max - Episode 5\Uninstall Episode 205 - What's New, Beelzebub.exe
Sam and Max - Situation Comedy 1.0-->C:\Jeux\Sam and Max\Sam and Max - Episode 102\Uninstall Sam and Max - Situation Comedy.exe
Sam and Max - The Mole, The Mob and the Meatball 1.0-->C:\Jeux\Sam and Max\Sam and Max - Episode 3\Uninstall Sam and Max - The Mole, The Mob and the Meatball.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sothink FLV Player-->"C:\Program Files\Common Files\SourceTec\Sothink FLV Player\unins000.exe"
The Da Vinci Code-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{851367C1-2F9F-4087-B3E8-8DECFE328370}\setup.exe" -l0x40c -removeonly
The Secrets of Da Vinci-->C:\Jeux\The Secrets of Da Vinci\Uninstall.exe
TV Enhance-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\Setup.exe" -uninstall
TVTUNER-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TVTUNER*
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Video NVIDIA v162.22-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
VideoLAN VLC media player 0.8.6f-->C:\Media\VideoLAN\VLC\uninstall.exe
WinAVI Video Converter 8.0-->"C:\Media\WinAVI Video Converter\unins000.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

======Security center information======

AV: avast! antivirus 4.8.1282 [VPS 081118-0]
AS: Windows Defender
AS: avast! antivirus 4.8.1282 [VPS 081118-0]

System event log

Computer Name: PCdeSebastien
Event Code: 1
Message: Le système est sorti de la veille.

Heure de veille : 2009-02-20T00:56:28.326Z
Heure de réveil : 2009-02-20T10:10:53.265Z

Source du réveil : Inconnu
Record Number: 43455
Source Name: Microsoft-Windows-Power-Troubleshooter
Time Written: 20090220101100.051600-000
Event Type: Information
User: AUTORITE NT\SERVICE LOCAL

Computer Name: PCdeSebastien
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 43456
Source Name: Service Control Manager
Time Written: 20090220101106.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 7036
Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.
Record Number: 43457
Source Name: Service Control Manager
Time Written: 20090220101116.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 43458
Source Name: Service Control Manager
Time Written: 20090220101132.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 1001
Message: L’analyse Windows Defender a terminé.
ID de l’analyse : {5A8BA729-075B-4608-91A5-68A6F5D7D745}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Heure de l’analyse : 9:21:37
Record Number: 43459
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090220101557.000000-000
Event Type: Information
User:

Application event log

Computer Name: PCdeSebastien
Event Code: 1002
Message: Le programme iexplore.exe version 7.0.6001.18000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1ed0 Heure de début : 01c992f423a49550 Heure de fin : 31
Record Number: 16751
Source Name: Application Hang
Time Written: 20090220004309.000000-000
Event Type: Erreur
User:

Computer Name: PCdeSebastien
Event Code: 102
Message: WinMail (6828) WindowsMail0: Le moteur de la base de données (6.00.6001.0000) a démarré une nouvelle instance (0).
Record Number: 16752
Source Name: ESENT
Time Written: 20090220005516.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 103
Message: WinMail (6828) WindowsMail0: Le moteur de la base de données a arrêté l'instance (0).
Record Number: 16753
Source Name: ESENT
Time Written: 20090220005622.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 102
Message: WinMail (5496) WindowsMail0: Le moteur de la base de données (6.00.6001.0000) a démarré une nouvelle instance (0).
Record Number: 16754
Source Name: ESENT
Time Written: 20090220101131.000000-000
Event Type: Information
User:

Computer Name: PCdeSebastien
Event Code: 103
Message: WinMail (5496) WindowsMail0: Le moteur de la base de données a arrêté l'instance (0).
Record Number: 16755
Source Name: ESENT
Time Written: 20090220102025.000000-000
Event Type: Information
User:

Security event log

Computer Name: PCdeSebastien
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 19080
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090220102000.234600-000
Event Type: Échec de l'audit
User:

Computer Name: PCdeSebastien
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 19081
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090220102000.250200-000
Event Type: Échec de l'audit
User:

Computer Name: PCdeSebastien
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 19082
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090220102000.265800-000
Event Type: Échec de l'audit
User:

Computer Name: PCdeSebastien
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 19083
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090220102000.297000-000
Event Type: Échec de l'audit
User:

Computer Name: PCdeSebastien
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 19084
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090220102000.312600-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Softex\OmniPass;C:\Modem\Samsung\Samsung PC Studio 3
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------

Salut sebjan


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Merci beaucoup ! Apparemment le probleme ne vient pas de là.
Voici le rapport :


Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1780
Windows 6.0.6001 Service Pack 1

20/02/2009 15:48:02
mbam-log-2009-02-20 (15-48-02).txt

Type de recherche: Examen complet (C:\|D:\|M:\|N:\|)
Eléments examinés: 301814
Temps écoulé: 46 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Je complète d'un élément : une des manifestations les plus courantes de mon ordi, c'est que quand je le laisse allumé sans rien faire dessus pendant une heure ou plus, quand je retourne dessus il est figé (la souris bouge, mais rien de répond) et je suis obligé de l'éteindre physiquement.
Enigme....

Salut sebjan


Connais-tu ce programme :
C:\Outils\Virus Removal Tool\is-PP866\startup.exe


@++

Hello,
Alors je dirais....non...
Je crois que c etait un truc "Kapersky" que j'avais chargé un jour, mais je ne sais pas trop.
En tout cas je ne m'en sers pas.

Merci de ton aide et de ta rapidité !!!

Salut sebjan


Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-clique sur OTMoveIt3.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTMoveIt3

Ton PC va redémarrer pour finir la suppression

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.


@++

Voili voilo



========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service is-PP866drv .
Unable to stop service utqwmzmy .
========== FILES ==========
C:\Outils\Virus Removal Tool\is-PP866\startup.exe moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin\sounds moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin\layout moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin\images\tasks moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin\images moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin\en moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\skin moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\report moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\quarantine moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\LOG moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\drivers moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\data moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\bases moved successfully.
C:\Outils\Virus Removal Tool\is-PP866\backup moved successfully.
C:\Outils\Virus Removal Tool\is-PP866 moved successfully.
Folder move failed. C:\Outils\Virus Removal Tool scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\is-PP866 scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\Users\SEBAST~1\AppData\Local\Temp\~DF1D3B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\SEBAST~1\AppData\Local\Temp\~DFB3B.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02212009_003821

Salut sebjan


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Voila le rapport
Au passage, je te souhaite une bonne nuit !!!




ComboFix 09-02-19.01 - Sebastien 2009-02-21 1:25:36.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.3069.2012 [GMT 1:00]
Lancé depuis: c:\users\Sebastien\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1282 [VPS 081118-0] *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

M:\Autorun.inf
N:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-21 au 2009-02-21 ))))))))))))))))))))))))))))))))))))
.

2009-02-21 00:38 . 2009-02-21 00:38 <REP> d-------- C:\_OTMoveIt
2009-02-20 19:20 . 2009-02-20 19:40 <REP> d-------- C:\Lop SD
2009-02-20 18:48 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-02-20 18:48 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-02-20 18:48 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-02-20 18:48 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-02-20 18:48 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-02-20 18:48 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-02-20 18:48 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-02-20 18:48 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-02-20 18:43 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-02-20 18:43 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-02-20 18:43 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-02-20 18:43 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-02-20 18:43 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-02-20 16:59 . 2009-02-20 18:25 <REP> d-------- c:\program files\EsetOnlineScanner
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\users\Sebastien\AppData\Roaming\Malwarebytes
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\users\All Users\Malwarebytes
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\programdata\Malwarebytes
2009-02-20 13:56 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-20 13:56 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-20 11:19 . 2009-02-20 11:20 <REP> d-------- C:\rsit
2009-02-20 01:26 . 2009-02-20 01:26 <REP> d-------- c:\users\All Users\is-PP866
2009-02-20 01:26 . 2009-02-20 01:26 <REP> d-------- c:\programdata\is-PP866
2009-02-20 01:26 . 2009-02-21 01:27 423,954,464 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-02-20 01:26 . 2009-02-21 00:58 4,919,768 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-02-20 01:26 . 2008-07-08 13:54 148,496 --a------ c:\windows\System32\drivers\95187250.sys
2009-02-15 20:38 . 2009-02-15 20:38 <REP> d-------- c:\program files\Microsoft
2009-02-15 19:42 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 19:42 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 19:42 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 19:42 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 19:42 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-15 16:36 . 2009-02-15 16:36 <REP> d--hs---- C:\found.000
2009-02-11 20:41 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 20:41 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\System32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-20 18:12 --------- d-----w c:\programdata\NVIDIA
2009-02-20 14:52 --------- d-----w c:\programdata\Zylom
2009-02-20 00:06 --------- d---a-w c:\programdata\TEMP
2009-02-19 22:07 --------- d-----w c:\users\Sebastien\AppData\Roaming\DNA
2009-02-19 00:27 --------- d-----w c:\program files\DNA
2009-02-15 19:47 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-15 19:37 --------- d-----w c:\program files\Windows Live
2009-02-15 18:20 --------- d-----w c:\programdata\HP Product Assistant
2009-02-12 02:01 --------- d-----w c:\programdata\Microsoft Help
2009-02-12 02:00 --------- d-----w c:\program files\Windows Mail
2009-02-05 21:06 51,792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2009-02-04 23:56 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-04 22:16 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2007-11-28 19:41 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-11-28 19:41 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-11-28 19:41 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-11-28 19:41 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-11-28 19:41 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-06-16 23:08 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-06-16 23:08 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-06-16 23:08 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-10-02 2560000]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-04 136600]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdc.exe" [2007-01-24 563080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"TVEService"="c:\program files\Packard Bell\TVenhance\TVEService.exe" [2007-11-21 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-20 c:\windows\RtHDVCpl.exe]
"LchMHotkey"="LchMHKey.exe" [2007-01-22 c:\windows\LchMHKey.exe]

c:\users\Sebastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
is-PP866.lnk - c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\startup.exe [2009-02-20 01:26:02 65536]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\media\Palm\Hotsync.exe [2008-01-03 1392640]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{77AD26D5-7C92-4019-8BA3-AA8EDB5477C7}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F063E9CA-7CFF-4446-AA47-7BAA5AE4F44D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{12BF6E5E-D828-4679-81DD-0C72515EA187}"= c:\program files\Packard Bell\TVenhance\TVEnhance.exe:CyberLink TVEnhance
"{0B7B4DDA-B8B8-44B6-8BB8-5952797C07CE}"= c:\program files\Packard Bell\TVenhance\TVEService.exe:CyberLink TVEnhance Resident Program
"TCP Query User{4C042A33-A926-4420-8632-D563330AFEF7}c:\\modem\\emule\\emule.exe"= UDP:c:\modem\emule\emule.exe:eMule
"UDP Query User{210D35C7-AC9C-4DDD-9BD4-25134FBA5522}c:\\modem\\emule\\emule.exe"= TCP:c:\modem\emule\emule.exe:eMule
"{ACE6BEE7-285B-47CD-AFFB-1565309075AA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{987635F7-A8C6-4613-A398-EC5684DEB448}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{8DF9B043-1CB9-4FA5-9A14-6870095C26F0}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{00D1929C-A72B-475F-9F62-A3CB42F91567}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{0AC4966A-248A-4969-9FE7-FA1193C61D79}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{13F8C08D-1B4A-4FC7-91DA-08D501D146D6}"= UDP:c:\media\iTunes\iTunes.exe:iTunes
"{4855DE63-656F-4D11-85FE-2652041EC1CE}"= TCP:c:\media\iTunes\iTunes.exe:iTunes
"{043F122F-F0EB-47C5-AACB-AE86C84DB782}"= UDP:c:\jeux\Sega JO PEKIN 2008\Beijing.exe:Beijing 2008™
"{592243D6-6BE3-4163-B163-708E9D89C7E4}"= TCP:c:\jeux\Sega JO PEKIN 2008\Beijing.exe:Beijing 2008™
"{5804C84E-7E66-458D-A969-0F94AF2AFA90}"= UDP:c:\jeux\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{3D61E9E2-D81B-4449-8E8A-49FB15553708}"= TCP:c:\jeux\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{24B78BD1-F87B-41AC-A898-FD1593F93773}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{FE7B50BD-32F2-4841-B465-6198B549CCB9}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{1FEBD5A3-ACCA-47F4-98B8-F06EEBCEC839}"= UDP:c:\modem\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{7C74F798-C694-4FDF-A1A6-9E2779EC3B84}"= TCP:c:\modem\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"TCP Query User{4C6F088A-9945-4996-A748-0A3CDACC2E3D}c:\\program files\\real\\realplayer\\recordingmanager.exe"= UDP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{55775FC7-9B7D-4073-A464-93634851F04B}c:\\program files\\real\\realplayer\\recordingmanager.exe"= TCP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"{3860248C-73CC-40C3-8049-D0D79D7E59F8}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{97F25F43-A47D-4976-9D1A-DD791AF52E44}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{0C8D21B7-2524-4D6D-9BC1-ADBC22621851}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{4D50A86C-B8CA-4154-9B27-24AA7ED1A7BF}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{2BD43F83-E757-4189-BACF-0A59EEC8D826}"= UDP:5721:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4002
"{633EA252-BE5E-40C9-88DB-986C2D1A7478}"= UDP:1034:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
"{27062EA4-0109-49B2-BCAE-850717C6C47A}"= UDP:5678:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
"{C9893C8B-0F2D-4C53-AB51-F7EFC52A62A5}"= UDP:999:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
"{1A30B867-A0D9-4D38-9381-88FEC48F0B90}"= UDP:26675:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
"{3D61920A-4D3F-4B31-85CA-EE03D446B0A5}"= UDP:990:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001
"TCP Query User{D48124B5-32FB-4EBD-8DD2-7C1DA7E2B35C}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{1ABE5C14-5DEB-4743-BB73-F1918FB0AC84}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Modem\\BitTorrent\\bittorrent.exe"= c:\modem\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-06-01 114768]
R1 is-PP866drv;is-PP866drv;c:\windows\System32\drivers\95187250.sys [2009-02-20 148496]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-06-01 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-06-01 51792]
R2 SrvCDEject;SrvCDEject;c:\program files\Packard Bell\SrvCDEject.exe [2008-04-17 600064]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\Packard Bell\TVenhance\Kernel\TV\TVECapSvc.exe [2008-04-17 290909]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\Packard Bell\TVenhance\Kernel\TV\TVESched.exe [2008-04-17 114779]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [2008-04-18 1116800]
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\System32\drivers\WlanUIG.sys [2008-06-01 379456]
R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [2008-04-17 13976]
S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\System32\drivers\FLMckUSB.sys [2008-04-18 69810]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\shell\AutoRun\command - L:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28c6694a-bc28-11dd-868a-0060b3b143a5}]
\shell\AutoRun\command - L:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89f2161e-2f72-11dd-8866-806e6f6e6963}]
\shell\AutoRun\command - F:\Autorun.exe
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-HotSync - c:\program files\PalmSource\Desktop\HotSync.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.yahoo.com/
mStart Page = hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&p(...)
uInternet Settings,ProxyOverride = *.local
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
FF - ProfilePath -

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.accept.default", "application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-21 01:27:55
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-02-21 1:30:04
ComboFix-quarantined-files.txt 2009-02-21 00:29:57

Avant-CF: 365 493 927 936 octets libres
Après-CF: 365,565,349,888 octets libres

214 --- E O F --- 2009-02-20 17:59:06

Salut sebjan


- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.

- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :



- Enregistre ce fichier sur le bureau (Impératif)

-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers

- Clique sur Enregistrer et quitte le Bloc Notes

Important Désactive ton Antivirus et antispyware avant de faire le glisser/déposer

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :



* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ ComboFix.txt


@++

Ouh la c'est long comme rapport :)))
Bon courage !!!



ComboFix 09-02-19.01 - Sebastien 2009-02-21 11:59:45.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.3069.2235 [GMT 1:00]
Lancé depuis: c:\users\Sebastien\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Sebastien\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1282 [VPS 081118-0] *On-access scanning enabled* (Updated)

FILE ::
c:\windows\System32\drivers\95187250.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\_otmoveit
c:\_otmoveit\MovedFiles\02212009_003821.log
c:\_otmoveit\MovedFiles\02212009_003821.res
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\advdis.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\arj.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\arjpack.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avlib.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avp.dt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\Avp_io32.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avp_iont.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avp1.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avp3info.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avpgs.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avpgui.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avpmgr.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avs.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avspm.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avzkrnl.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avzproxy.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\avzscan.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\base64.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\base64p.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\basegui.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\avp_x.set
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\backup.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\bt.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\engine.dt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\keylogger.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\klavemu.kdl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\klavemu.kfb
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\krnldrv.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\megabase.avc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\neural.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\neurald.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\neurale.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\neuralm.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\ports.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\prt.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\repair.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\rootkit.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\scripts.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signf001.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signf002.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signf003.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signf004.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signf005.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signfavp.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\signfusr.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\sr.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\srdb.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\startup.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\syscheck.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\sysipu.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\tsw.avz
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bases\verdicts.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\bl.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\btdisk.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\btimages.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\buffer.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\cab.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\crpthlpr.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\data\BTImages.dat
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\data\sfdb.dat
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\deflate.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\dmap.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\drivers\95187250.cat
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\drivers\95187250.inf
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\drivers\95187250.sys
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\drivers\drvins32.exe
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\dtreg.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\explode.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\filemap.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\fsdrvplg.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\fssync.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\getsi.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\hashcont.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\hashmd5.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\hccmp.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\ichk2.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\inflate.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\inifile.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\is-PP866.cfg
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\is-PP866.com
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\is-PP866.exe
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\iwgen.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\kldirobj.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\klipc.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\l_llio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\lha.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\LOG\avptool_syscheck.zip
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\mailmsg.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\mdmap.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\memmodsc.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\memscan.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\Microsoft.VC80.CRT.manifest
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\minizip.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\minst.exe
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\mkavio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\msoe.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\msvcm80.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\msvcp80.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\msvcr80.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\nfio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\ntfsstrm.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\ods.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\params.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\passdmap.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\pdm.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\pdm2rt.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\prkernel.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\prloader.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\procmon.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\prremote.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\prseqio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\prutil.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\pxstub.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\qb.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\rar.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\reggrd.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\regmap.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\0003_Scan_Objects_eventlog.rpt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\0005_AVZ_CollectSysInfo_eventlog.rpt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\detected.idx
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\detected.rpt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\eventlog.rpt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\report\report.rpt
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\resip.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\scmhlpr.dll
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\sfdb.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\avz.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\avzkrnl.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\credits.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\hints.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\iso3166-1.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\main.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\oas.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\prot.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\report.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\scan.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\service.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\en\settings.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\enums.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\activity.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\application.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\Arrow.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\background.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\badmail.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\banner.gif
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\Banner.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\battery.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\bootsect.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\collapse.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\danger24.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\danger32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\dialer.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\disk.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\display.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\error.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\expand.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\floppy.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\Goodmail.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\gripper.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\help.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\help16.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\i16.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\i24.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\i32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\ids.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\ie.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\info.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\integrity.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\internet.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\internet16.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\intranet.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kav_en.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kav_ru.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kav2006.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kav2006rus.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_bs.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_caps.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_ctrl.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_enter.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_lshift.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_normal.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_rshift.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_slash.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_space.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kbdbtn_tab.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\key.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\kl.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\local.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\lockbutton.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\locked.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\logo.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\mail.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\mail_bad.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\main_off16.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\main_off32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\main_on16.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\main_on32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\memory.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\msg_bad.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\msg_deleted.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\msg_good.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\msg_new.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\msg_question.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\navstate.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\navstate2.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\network.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\nonrecursive.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\notepad.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\Notify.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\office.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\ok.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\ok24.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\ok32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\password.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\pause.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\popup_allowed.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\popup_blocked.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\Privacy.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\rdisk.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\regedit.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\regicons.ico
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\run.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\settings.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\startupobj.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\stealth.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\stop.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\t_hdr.bmp
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\t_row.bmp
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\taskbar.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antihacker32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antihackerX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antispam32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antispamX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antispy32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\antispyX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\datafiles.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\datafiles32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\file32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\fileX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\mail32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\mailX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\pdm32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\pdmX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\prot32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\protection.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\scan32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\scanX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\support.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\support32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\updater32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\updaterX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\web32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\tasks\webX.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\title.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\trusted.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\unkobj.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\unlocked.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\visa.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\warning.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\warning24.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\warning32.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\images\wizard.png
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\avz.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\main.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\oas.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\prot.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\report.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\scan.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\service.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\layout\settings.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\prot.loc
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\skin.ini
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\skin\sounds\Infected.wav
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\startup.exe
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\stdcomp.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\stenum2.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\stored.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\superio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\tempfile.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\thpimpl.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\timer.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\tm.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\unarj.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\uniarc.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\unlzx.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\unreduce.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\unshrink.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\unstored.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\vmarea.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\wdiskio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\winreg.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\xorio.ppl
c:\_otmoveit\MovedFiles\02212009_003821\Outils\Virus Removal Tool\is-PP866\zcompare.ppl
c:\programdata\is-PP866
c:\programdata\is-PP866\~PRCustomProps#122.dat
c:\programdata\is-PP866\~PRObjects#122.dat
c:\users\All Users\is-PP866\~PRCustomProps#122.dat
c:\users\All Users\is-PP866\~PRObjects#122.dat
c:\windows\System32\drivers\95187250.sys

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IS-PP866DRV
-------\Service_is-PP866drv


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-21 au 2009-02-21 ))))))))))))))))))))))))))))))))))))
.

2009-02-20 19:20 . 2009-02-20 19:40 <REP> d-------- C:\Lop SD
2009-02-20 18:48 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-02-20 18:48 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-02-20 18:48 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-02-20 18:48 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-02-20 18:48 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-02-20 18:48 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-02-20 18:48 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-02-20 18:48 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-02-20 18:43 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-02-20 18:43 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-02-20 18:43 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-02-20 18:43 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-02-20 18:43 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-02-20 16:59 . 2009-02-20 18:25 <REP> d-------- c:\program files\EsetOnlineScanner
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\users\Sebastien\AppData\Roaming\Malwarebytes
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\users\All Users\Malwarebytes
2009-02-20 13:56 . 2009-02-20 13:56 <REP> d-------- c:\programdata\Malwarebytes
2009-02-20 13:56 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-20 13:56 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-20 11:19 . 2009-02-20 11:20 <REP> d-------- C:\rsit
2009-02-20 01:26 . 2009-02-21 12:03 437,846,048 --ahs---- c:\windows\System32\drivers\fidbox.dat
2009-02-20 01:26 . 2009-02-21 12:03 5,133,128 --ahs---- c:\windows\System32\drivers\fidbox.idx
2009-02-15 20:38 . 2009-02-15 20:38 <REP> d-------- c:\program files\Microsoft
2009-02-15 19:42 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 19:42 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 19:42 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 19:42 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 19:42 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-15 16:36 . 2009-02-15 16:36 <REP> d--hs---- C:\found.000
2009-02-11 20:41 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 20:41 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\System32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-20 18:12 --------- d-----w c:\programdata\NVIDIA
2009-02-20 14:52 --------- d-----w c:\programdata\Zylom
2009-02-20 00:06 --------- d---a-w c:\programdata\TEMP
2009-02-19 22:07 --------- d-----w c:\users\Sebastien\AppData\Roaming\DNA
2009-02-19 00:27 --------- d-----w c:\program files\DNA
2009-02-15 19:47 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-15 19:37 --------- d-----w c:\program files\Windows Live
2009-02-15 18:20 --------- d-----w c:\programdata\HP Product Assistant
2009-02-12 02:01 --------- d-----w c:\programdata\Microsoft Help
2009-02-12 02:00 --------- d-----w c:\program files\Windows Mail
2009-02-05 21:06 51,792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2009-02-04 23:56 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-04 22:16 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2007-11-28 19:41 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-11-28 19:41 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-11-28 19:41 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-11-28 19:41 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-11-28 19:41 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-06-16 23:08 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-06-16 23:08 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-06-16 23:08 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-02-21_ 1.28.24,06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2009-02-21 00:01:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-21 11:06:06 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-21 00:01:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-21 11:06:06 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-21 00:02:56 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-02-21 11:16:33 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2009-02-21 11:16:33 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-21 00:02:51 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-02-21 11:18:41 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2009-02-21 11:18:41 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-21 00:03:14 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-21 11:09:59 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-21 00:03:14 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-21 11:09:59 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-21 00:03:14 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-21 11:09:59 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-21 00:07:12 117,790 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-21 11:13:37 117,790 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-21 00:07:12 144,214 ----a-w c:\windows\System32\perfc00C.dat
+ 2009-02-21 11:13:37 144,214 ----a-w c:\windows\System32\perfc00C.dat
- 2009-02-21 00:07:12 628,288 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-21 11:13:37 628,288 ----a-w c:\windows\System32\perfh009.dat
- 2009-02-21 00:07:12 716,060 ----a-w c:\windows\System32\perfh00C.dat
+ 2009-02-21 11:13:37 716,060 ----a-w c:\windows\System32\perfh00C.dat
- 2009-02-21 00:03:17 6,368 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3327374385-1407952491-1078166200-1000_UserData.bin
+ 2009-02-21 00:37:44 6,368 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3327374385-1407952491-1078166200-1000_UserData.bin
- 2009-02-21 00:03:17 61,680 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-21 00:37:44 61,782 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-21 00:03:13 42,348 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-21 00:37:41 42,364 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-02-20 10:11:00 313,446 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-02-21 10:12:47 314,252 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-10-02 2560000]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-04 136600]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdc.exe" [2007-01-24 563080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"TVEService"="c:\program files\Packard Bell\TVenhance\TVEService.exe" [2007-11-21 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-20 c:\windows\RtHDVCpl.exe]
"LchMHotkey"="LchMHKey.exe" [2007-01-22 c:\windows\LchMHKey.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\media\Palm\Hotsync.exe [2008-01-03 1392640]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{77AD26D5-7C92-4019-8BA3-AA8EDB5477C7}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F063E9CA-7CFF-4446-AA47-7BAA5AE4F44D}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{12BF6E5E-D828-4679-81DD-0C72515EA187}"= c:\program files\Packard Bell\TVenhance\TVEnhance.exe:CyberLink TVEnhance
"{0B7B4DDA-B8B8-44B6-8BB8-5952797C07CE}"= c:\program files\Packard Bell\TVenhance\TVEService.exe:CyberLink TVEnhance Resident Program
"TCP Query User{4C042A33-A926-4420-8632-D563330AFEF7}c:\\modem\\emule\\emule.exe"= UDP:c:\modem\emule\emule.exe:eMule
"UDP Query User{210D35C7-AC9C-4DDD-9BD4-25134FBA5522}c:\\modem\\emule\\emule.exe"= TCP:c:\modem\emule\emule.exe:eMule
"{ACE6BEE7-285B-47CD-AFFB-1565309075AA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{987635F7-A8C6-4613-A398-EC5684DEB448}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{8DF9B043-1CB9-4FA5-9A14-6870095C26F0}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{00D1929C-A72B-475F-9F62-A3CB42F91567}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{0AC4966A-248A-4969-9FE7-FA1193C61D79}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{13F8C08D-1B4A-4FC7-91DA-08D501D146D6}"= UDP:c:\media\iTunes\iTunes.exe:iTunes
"{4855DE63-656F-4D11-85FE-2652041EC1CE}"= TCP:c:\media\iTunes\iTunes.exe:iTunes
"{043F122F-F0EB-47C5-AACB-AE86C84DB782}"= UDP:c:\jeux\Sega JO PEKIN 2008\Beijing.exe:Beijing 2008™
"{592243D6-6BE3-4163-B163-708E9D89C7E4}"= TCP:c:\jeux\Sega JO PEKIN 2008\Beijing.exe:Beijing 2008™
"{5804C84E-7E66-458D-A969-0F94AF2AFA90}"= UDP:c:\jeux\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{3D61E9E2-D81B-4449-8E8A-49FB15553708}"= TCP:c:\jeux\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{24B78BD1-F87B-41AC-A898-FD1593F93773}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{FE7B50BD-32F2-4841-B465-6198B549CCB9}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{1FEBD5A3-ACCA-47F4-98B8-F06EEBCEC839}"= UDP:c:\modem\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{7C74F798-C694-4FDF-A1A6-9E2779EC3B84}"= TCP:c:\modem\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"TCP Query User{4C6F088A-9945-4996-A748-0A3CDACC2E3D}c:\\program files\\real\\realplayer\\recordingmanager.exe"= UDP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{55775FC7-9B7D-4073-A464-93634851F04B}c:\\program files\\real\\realplayer\\recordingmanager.exe"= TCP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"{3860248C-73CC-40C3-8049-D0D79D7E59F8}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{97F25F43-A47D-4976-9D1A-DD791AF52E44}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{0C8D21B7-2524-4D6D-9BC1-ADBC22621851}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{4D50A86C-B8CA-4154-9B27-24AA7ED1A7BF}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{2BD43F83-E757-4189-BACF-0A59EEC8D826}"= UDP:5721:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4002
"{633EA252-BE5E-40C9-88DB-986C2D1A7478}"= UDP:1034:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
"{27062EA4-0109-49B2-BCAE-850717C6C47A}"= UDP:5678:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
"{C9893C8B-0F2D-4C53-AB51-F7EFC52A62A5}"= UDP:999:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
"{1A30B867-A0D9-4D38-9381-88FEC48F0B90}"= UDP:26675:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
"{3D61920A-4D3F-4B31-85CA-EE03D446B0A5}"= UDP:990:LocalSubnet:LocalSubnet|IF={43E4CD71-4352-4740-83D8-0433C35BFDA3}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001
"TCP Query User{D48124B5-32FB-4EBD-8DD2-7C1DA7E2B35C}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{1ABE5C14-5DEB-4743-BB73-F1918FB0AC84}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Modem\\BitTorrent\\bittorrent.exe"= c:\modem\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-06-01 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-06-01 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-06-01 51792]
R2 SrvCDEject;SrvCDEject;c:\program files\Packard Bell\SrvCDEject.exe [2008-04-17 600064]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\Packard Bell\TVenhance\Kernel\TV\TVECapSvc.exe [2008-04-17 290909]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\Packard Bell\TVenhance\Kernel\TV\TVESched.exe [2008-04-17 114779]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [2008-04-18 1116800]
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\System32\drivers\WlanUIG.sys [2008-06-01 379456]
R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [2008-04-17 13976]
S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\System32\drivers\FLMckUSB.sys [2008-04-18 69810]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\shell\AutoRun\command - L:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28c6694a-bc28-11dd-868a-0060b3b143a5}]
\shell\AutoRun\command - L:\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89f2161e-2f72-11dd-8866-806e6f6e6963}]
\shell\AutoRun\command - F:\Autorun.exe
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.yahoo.com/
mStart Page = hxxp://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&p(...)
uInternet Settings,ProxyOverride = *.local
DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} - hxxps://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
FF - ProfilePath -

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.accept.default", "application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-21 12:18:57
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\users\SEBAST~1\AppData\Local\Temp\catchme.dll 53248 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3408)
c:\program files\Softex\OmniPass\SCUREDLL.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\program files\Softex\OmniPass\OmniServ.exe
c:\windows\System32\audiodg.exe
c:\modem\AdAware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\IoctlSvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\progra~1\COMMON~1\X10\Common\X10nets.exe
c:\windows\System32\WUDFHost.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\mHotkey.exe
c:\windows\CDCtr.exe
c:\windows\ModHIDKey.exe
c:\windows\System32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\System32\rundll32.exe
c:\program files\Softex\OmniPass\opvapp.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-02-21 12:21:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-21 11:21:13
ComboFix2.txt 2009-02-21 00:30:05

Avant-CF: 364 861 956 096 octets libres
Après-CF: 365,046,390,784 octets libres

592 --- E O F --- 2009-02-20 17:59:06

Salut sebjan


Désactive le contrôle des comptes utilisateurs UAC (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.


On va vérifier si rien de caché :

Fais un scan en ligne ici :
http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)

Désactive ton Antivirus avant le scan en ligne
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

Sur la page du scan en bas à droite clique sur Démarrer Online-scanner et dans la nouvelle fenêtre qui s'affiche clique sur J'accepte

Accepte les Contrôle ActivX

Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)

Poste le contenue du rapport

Aide pour l'utilisation du scan en ligne :
http://forum.pcastuces.com/kaspersky_online_scanner___tutoriel-f31s10.htm

P.S. : Si tu as un problème pour l'installation du Contrôle ActivX lis ceci :
http://www.inoculer.com/activex.php3

NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.


@++

Ouh la la....c'est de plus en plus long les rapports !
Je te souhaite bon courage pour t'y retrouver.
Apparemment il a trouvé 2 virus et 4 objets infectés...
Très bonne nuit à toi !

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, February 22, 2009 12:55:05 AM
Système d'exploitation : Home Edition, Service Pack 1 (Build 6001)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 21/02/2009
Enregistrements dans la base antivirus Kaspersky : 1649275
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: faux

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
O:\

Statistiques de l'analyse:
Total d'objets analysés: 1238390
Nombre de virus trouvés: 2
Nombre d'objets infectés: 4 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 03:33:33

Nom de l'objet infecté / Nom du virus / Dernière action
C:\boot\BCD L'objet est verrouillé ignoré
C:\boot\BCD.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\017cf0c4e04e6181a22b4d95abdcb4a8_ee7d0fdc-1a01-4803-a3b4-e55fac3d1f6c L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010046.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010047.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\017cf0c4e04e6181a22b4d95abdcb4a8_ee7d0fdc-1a01-4803-a3b4-e55fac3d1f6c L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010046.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010047.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\017cf0c4e04e6181a22b4d95abdcb4a8_ee7d0fdc-1a01-4803-a3b4-e55fac3d1f6c L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010046.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010047.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\017cf0c4e04e6181a22b4d95abdcb4a8_ee7d0fdc-1a01-4803-a3b4-e55fac3d1f6c L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010012.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010046.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010047.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy15.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\Cache\Indiv01.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\DRM\drmstore.hds L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\CurEPGEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\EPGSignal L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\iEPGChInfo L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\RecEpisode L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Schedule L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Cyberlink\TVEnhance\TinyDB\Series L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\017cf0c4e04e6181a22b4d95abdcb4a8_ee7d0fdc-1a01-4803-a3b4-e55fac3d1f6c L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Search\D

Salut sebjan


Ça pas été bien long, ton rapport n'est pas complet et je voie pas les infections.

Utilise cjoint.com pour poster en lien ton rapport :
http://cjoint.com/

- Clique sur Parcourir pour aller chercher le rapport
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Si ton rapport plus grand que 500Ko ici : http://www.sendspace.com/


@++

Hello,
Désolé, j'avais pas vu que tout n'avait pas été copié.
Le rapport fait 1,12 Mo.
Donc j'ai utilisé sendspace : normalement, tu peux aller le charger ici :

http://www.sendspace.com/file/a9nuhg

Merci encore !
Bon dimanche

Salut sebjan


Supprime ce qui est en gras et vide la corbeille :
C:\Jeux\Kyodai Mahjongg <== ce dossier
C:\Jeux\Zuma_Deluxe+Working_Crack.rar <== ce fichier

Le téléchargement illégal est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..) Le danger des cracks !

-----

On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :

http://pc-system.fr/TC/ToolsCleaner2.exe


- Faire un clique droit sur ToolsCleaner2.exe sur le bureau, et choisi exécuter en tant qu'administrateur
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.


-----


Important de mettre à jour Windows et tes logiciels :
Mettre Windows(catégories critique, Services Pack et Services Release) à jour :
http://www.windowsupdate.com/


Désinstalle via Programmes et fonctionnalités ces programmes :


Ad-Aware <== inutile et dépassé
Adobe Reader 8.1.3 - Français
Java(TM) 6 Update 11
Java(TM) 6 Update 6
Java(TM) 6 Update 7


Si tu rencontres un problème pour la désinstallation :

- Utilise Ccleaner >> Outils >> Programmes de désinstallations


Pour la réinstallation :

- Adobe Reader 9
http://get.adobe.com/fr/reader/
- Java Update 12
http://java.com/fr/


Faire un ménage des fichiers inutiles et de la base de registre :
http://www.malekal.com/tutorial_CCleaner.html

Donne des nouvelles si tu as des soucis et on passe à la résolution du sujet par la suite.


@++

Voila le rapport en question.
Je fais tout le reste dans la foulée et te tiens au courant !
Merci !





[ Rapport ToolsCleaner version 2.3.1 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\Combofix: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\Rsit: trouvé !
C:\Modem\eMule\Incoming\HijackThis.exe: trouvé !
C:\Outils\fsbl.exe: trouvé !
C:\Outils\EliBaglA.exe: trouvé !
C:\Outils\KillBox.exe: trouvé !
C:\Outils\Trend Micro\HijackThis: trouvé !
C:\Outils\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Outils\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Qoobox\Quarantine\C\_OtMoveIt: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\Sebastien\Desktop\HijackThis.lnk: trouvé !
C:\Users\Sebastien\Desktop\LopSD.exe: trouvé !
C:\Users\Sebastien\Desktop\ComboFix.exe: trouvé !
C:\Users\Sebastien\Desktop\HJTInstall.exe: trouvé !
C:\Users\Sebastien\Desktop\OTMoveIt3.exe: trouvé !
C:\Users\Sebastien\Desktop\Rsit.exe: trouvé !
C:\Users\Sebastien\Desktop\Antivirus\ComboFix.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Modem\eMule\Incoming\HijackThis.exe: supprimé !
C:\Outils\fsbl.exe: supprimé !
C:\Outils\EliBaglA.exe: supprimé !
C:\Outils\KillBox.exe: supprimé !
C:\Outils\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\Users\Sebastien\Desktop\HijackThis.lnk: supprimé !
C:\Users\Sebastien\Desktop\LopSD.exe: supprimé !
C:\Users\Sebastien\Desktop\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Users\Sebastien\Desktop\HJTInstall.exe: supprimé !
C:\Users\Sebastien\Desktop\Antivirus\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\Outils\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Users\Sebastien\Desktop\OTMoveIt3.exe: supprimé !
C:\Users\Sebastien\Desktop\Rsit.exe: supprimé !
C:\Combofix: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\Rsit: supprimé !
C:\Outils\Trend Micro\HijackThis: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: supprimé !