les .exe ne peuvent plus etre lancés [RESOLU]

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

le souci c'est qu'il ne peut pas se lancer !

c'est pour ca

En mode sans échec ?

j'ai deja essayé mais ca ne fonctionne pas non plus. Mais y a du nouveau : les programmes s'ouvrent quand on fait "ouvrir avec-> choisir le programme->et on chosit le meme programme ds l'explorer".
Donc je vais pouvoir poster un log d'hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:55, on 17.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {D27987B8-7244-4DE0-AE10-39B826B492F1} - C:\WINDOWS\system32\bronto.dll (file missing)
O2 - BHO: AcroIEHelper - {F3CFA533-7680-4943-A863-B8216390E847} - C:\WINDOWS\system32\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Printer] C:\WINDOWS\system32\printer.exe
O4 - HKLM\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Programme\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\system32\spoolvs.exe
O4 - HKCU\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKCU\..\Run: [inetsrv] C:\WINDOWS\inetsrv.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programme\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: MaxTV.lnk = C:\Programme\DMV\MaxTV\MaxTV.exe
O4 - Startup: findfast.exe
O4 - Startup: infos.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: autos.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer = 217.237.149.161,217.237.151.225
O17 - HKLM\System\CCS\Services\Tcpip\..\{55A26A56-C4D0-4FE5-8046-5F9CACE078D6}: NameServer = 217.237.149.142 217.237.150.205
O18 - Protocol: bw+0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\..\svchost.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programme\Windows Live\installer\WLSetupSvc.exe

--
End of file - 18915 bytes

Tu as essayé la réparation avec CD de Windows ?
edit :

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.

Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

Appuie sur une touche pour redémarrer le PC.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.

c'est bon pour le log

J'ai édité.

le souci c'est qu'on ne peut pas se mettre en mode sans echec

est ce qu'on peut le test sans le mode sans echec ?

Nop  

On va essayer autre chose :

Désactive tes protections résidentes (antivirus...) ![/#f]

Télécharge [#ff0000]combofix.exe

(par sUBs) sur ton Bureau.

Double clique combofix.exe.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

on n'arrive pas à l'ouvrir...ca fait toujours "ouvrir avec"

il faudrait rentrer dans le mode sans echec

j'ai essayer par msconfig...il ne veut pas l'ouvrir non plus

Tu as essayé de lancer combofix par la commande Exécuter ?

c'est quoi la commande à taper ?
combofix.exe?

Vi.

ca ne fonctionne pas : "windows ne trouve pas..."

on verra ca demain si tu veux bien : mon ami est parti au lit !

merci beaucoup

ps: je reste connecté pour ma part

Place combofix dans C:.
Dans Exécuter, tape C:\combofix.exe

ok je lui ferai essayer demain
merci

Sinon une idée du virus qui cause tou ca ? Il n'a pas l'air destructif mais bien chiant en tout cas

On verra demain  

en fait nous avons quand meme pu atteindre le mode sans echec, voila donc le log SDFIX:

SDFix: Version 1.118

Run by heinrich u. marie on 2007-12-18 at 19:15

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\DOKUME~1\HEINRI~1.MAR\Desktop\SDFix

Safe Mode:
Checking Services:

Name:
msupdate

Path:
c:\windows\system32\..\svchost.exe

msupdate - Deleted

Killing PID 896 'shell.exe'


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\ACROIE~1.XML - Deleted
C:\WINDOWS\system32\G6A88.tmp.exe - Deleted
C:\WINDOWS\system32\G7788.tmp.exe - Deleted
C:\WINDOWS\system32\G64F9.tmp.exe - Deleted
C:\WINDOWS\system32\G895B.tmp.exe - Deleted
C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\autorun.exe - Deleted
C:\Dokumente und Einstellungen\heinrich u. marie\Startmen\Programme\Autostart\findfast.exe - Deleted
C:\Dokumente und Einstellungen\heinrich u. marie\Anwendungsdaten\Install.dat - Deleted
C:\autorun.inf - Deleted
C:\WINDOWS\shell.exe - Deleted
C:\WINDOWS\svchost.exe - Deleted
C:\WINDOWS\system\System.exe - Deleted
C:\WINDOWS\system32\printer.exe - Deleted
C:\WINDOWS\system32\Setup\setup.exe - Deleted
C:\WINDOWS\system32\spoolvs.exe - Deleted
C:\WINDOWS\system32\system32.exe - Deleted
C:\WINDOWS\Temp\temp.exe - Deleted
C:\WINDOWS\windows.exe - Deleted




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-18 19:30:02
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programme\\RealVNC\\VNC4\\winvnc4.exe"="C:\\Programme\\RealVNC\\VNC4\\winvnc4.exe:*:Enabled:VNC Server Free Edition for Win32"
"C:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Programme\\Real\\RealPlayer\\REALPLAY.EXE"="C:\\Programme\\Real\\RealPlayer\\REALPLAY.EXE:*:Enabled:RealPlayer"
"C:\\Programme\\Hamachi\\hamachi.exe"="C:\\Programme\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\Browser.exe"="C:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\Browser.exe:*:Enabled:T-Online Browser 6.0"
"C:\\Programme\\Mozilla Firefox\\firefox.exe"="C:\\Programme\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\printer.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Startmen\\Programme\\Autostart\\findfast.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Startmen\\Programme\\Autostart\\findfast.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\All Users\\Startmen\\Programme\\Autostart\\autorun.exe"="C:\\Dokumente und Einstellungen\\All Users\\Startmen\\Programme\\Autostart\\autorun.exe:*:Enabled:@xpsp2res.dll,-22019"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\spyguard.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\spyguard.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\mcrupdate.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\printer.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Startmen\\Programme\\Autostart\\findfast.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Startmen\\Programme\\Autostart\\findfast.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\All Users\\Startmen\\Programme\\Autostart\\autorun.exe"="C:\\Dokumente und Einstellungen\\All Users\\Startmen\\Programme\\Autostart\\autorun.exe:*:Enabled:@xpsp2res.dll,-22019"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\spyguard.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\spyguard.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\mcrupdate.exe"="C:\\Dokumente und Einstellungen\\heinrich u. marie\\Anwendungsdaten\\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019"

Remaining Files:
---------------

File Backups: - C:\DOKUME~1\HEINRI~1.MAR\Desktop\SDFix\backups\backups.zip

Files with Hidden Attributes:

Sun 16 Dec 2007 89,088 ..SH. --- "C:\DCFB479A.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\qoobox\qoobox.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\ComboFix\ComboFix.exe"
Sun 16 Dec 2007 31,232 A.SH. --- "C:\Avenger\winstall.exe"
Sun 16 Dec 2007 89,088 ..SH. --- "C:\WINDOWS\system32\shovth.exe"
Sun 16 Dec 2007 89,088 ..SH. --- "C:\WINDOWS\system32\winsn.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\repair\repair.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Help.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\msagent.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Cursors\Cursors.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Media\Media.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\twain_32\twain_32.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\AppPatch\AppPatch.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Debug\Debug.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ime\ime.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\PeerNet\PeerNet.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\ehome\ehome.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\occache\occache.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\DESIGN\DESIGN.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\MaxTV\MaxTV.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Registration\Registration.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\srchasst.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Minidump\Minidump.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Prefetch\Prefetch.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SoftwareDistribution.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\All Users\All Users.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\heinrich u. marie\heinrich u. marie.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows NT\Windows NT.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Languages\Languages.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows Media Player\Windows Media Player.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Online Services\Online Services.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\Internet Explorer.exe"
Tue 3 Aug 2004 60,416 A.SH. --- "C:\Programme\Outlook Express\msimn.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Outlook Express\Outlook Express.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\NetMeeting\NetMeeting.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Movie Maker\Movie Maker.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Phototool.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\Microsoft Picture It! PhotoPub.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\QuickTime\QuickTime.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ELSACfgMgr\ELSACfgMgr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\FileZilla\FileZilla.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\Mozilla Firefox.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\OpenOffice.org 2.2.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SLD Codec Pack\SLD Codec Pack.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Messenger Plus! Live.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Html\Html.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SuperCopier2\SuperCopier2.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\plugins\plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Irfanview\Irfanview.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\components\components.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\chrome\chrome.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\WinRAR\WinRAR.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Hamachi\hamachi.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\updates\updates.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\desinstalleur\desinstalleur.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\Mozilla Thunderbird.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\CDBurnerXP Pro 3\CDBurnerXP Pro 3.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Winamp\winamp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\qoobox\BackEnv\BackEnv.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\config\config.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\drivers\drivers.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ras\ras.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\wbem.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\npp\npp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\ias\ias.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\icsxml\icsxml.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\oobe.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\1031\1031.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\1033\1033.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\usmt\usmt.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\CatRoot2.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Restore\Restore.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\URTTemp\URTTemp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Com\Com.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\QuickTime\QuickTime.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\intl\intl.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\msagent\chars\chars.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Driver Cache\i386\i386.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\templates\templates.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\logs\logs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\security\Database\Database.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Temp\_avast4_\_avast4_.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Debug\UserMode\UserMode.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Debug\WPD\WPD.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Themes.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Provisioning\Schemas\Schemas.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Manifests\Manifests.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_de_78e7f208\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_de_78e7f208.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_de-DE_b5f95279\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_de-DE_b5f95279.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\erdnt\subs\subs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\chars\chars.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\EventCache\EventCache.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\Download.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WebSetup\WebSetup.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{077ACEC7-979C-40AB-9835-435BA1511E0D}\{077ACEC7-979C-40AB-9835-435BA1511E0D}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\{A47B3654-48EE-48A5-B629-97D70175E58F}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\{30C7234B-6482-4A55-A11D-ECD9030313F2}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\{981FB688-E76B-4246-987B-92083185B90A}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\{DD90D410-1823-43EB-9A16-A2331BF08799}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}\{60204BB3-7078-4F70-8F69-68297621941C}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\Framework.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\All Users\Desktop\Desktop.exe"
Thu 4 May 2006 4,348 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\DRMv1.bak"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\Desktop.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\heinrich u. marie\Eigene Dateien\Eigene Dateien.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Wise Installation Wizard\Wise Installation Wizard.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\ScanSoft Shared\ScanSoft Shared.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows NT\Pinball\pinball.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows NT\Zubehr\Zubehr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\MSN Gaming Zone\Windows\Windows.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows Media Player\Skins\Skins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\Connection Wizard\Connection Wizard.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\SIGNUP\SIGNUP.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\PLUGINS\PLUGINS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\update\update.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Movie Maker\Shared\Shared.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Dlls\Dlls.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Help\Help.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Samples\Samples.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Test Images\Test Images.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\User Manual\User Manual.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\PaperPort.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Brother\Brmfcmon\BrMfcMon.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Brother\BrNetScn\BrNetScn.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Panicware\Pop-Up Stopper Free Edition\Pop-Up Stopper Free Edition.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\1031\1031.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\My Web Pages\My Web Pages.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\PiFiles.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\wkslnchr\wkslnchr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Real\RealPlayer\RealPlayer.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\QuickTime\Plugins\Plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware SE Personal.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\SetPoint\SetPoint.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\plugins\plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\components\components.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\chrome\chrome.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\res\res.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\greprefs\greprefs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\uninstall\uninstall.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\searchplugins\searchplugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\updates\updates.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows Live\installer\installer.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows Live\Messenger\Messenger.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\VideoLAN\VLC\vlc.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\myHouse pour Windows\project\project.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\program.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\help\help.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\licenses\licenses.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\readmes\readmes.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SLD Codec Pack\Player\Player.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SLD Codec Pack\Links\Links.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SLD Codec Pack\gspot\GSpot.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Lavalys\EVEREST Home Edition\EVEREST Home Edition.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\DSL-Manager\DSL-Manager.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Alwil Software\Avast4\Avast4.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Languages\Languages.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_08\jre1.5.0_08.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_10\jre1.5.0_10.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_01\jre1.6.0_01.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0\jre1.6.0.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_02\jre1.6.0_02.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_03\jre1.6.0_03.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\SuperCopier2\Languages\Languages.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\RealVNC\VNC4\VNC4.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\TypeSpt\TypeSpt.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\Color\Color.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Irfanview\Toolbars\Toolbars.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Irfanview\Plugins\Plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Irfanview\Languages\Languages.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Irfanview\Html\Html.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\components\myspell\myspell.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\messenger\messenger.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\profile\profile.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\pref\pref.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\autoconfig\autoconfig.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\shortcuts\shortcuts.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\defaults\isp\isp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\InstallShield\UpdateService\UpdateService.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\Source Engine\Source Engine.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\MSClientDataMgr\MSClientDataMgr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\INK\INK.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\Portal\Portal.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\PROOF\PROOF.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\DW\DW.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\MSORUN\MSORUN.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\EURO\EURO.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\THEMES11.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\OFFICE11\OFFICE11.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\Smart Tag\Smart Tag.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\GRPHFLT\GRPHFLT.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\Web Folders\Web Folders.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Thomson\Thomson Lyra Digital\Thomson Lyra Digital.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\uninstall\uninstall.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\chrome\chrome.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\components\components.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\greprefs\greprefs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\isp\isp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Thunderbird\res\res.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\CDBurnerXP Pro 3\Avi\Avi.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\CDBurnerXP Pro 3\Tools\Tools.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\CDBurnerXP Pro 3\Resources\Resources.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\CDBurnerXP Pro 3\Error Report Files\Error Report Files.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Winamp\Plugins\Plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Winamp\System\System.exe"
Sun 16 Dec 2007 89,088 A.SH. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP629\A0053800.exe"
Sun 16 Dec 2007 89,088 A.SH. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP629\A0053802.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP629\A0053807.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP629\A0053808.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP629\A0053810.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053901.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053902.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053903.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053904.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053905.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053906.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053907.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053908.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053909.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053910.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053911.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053912.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053917.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053918.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053919.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053920.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053921.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053922.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053923.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053924.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053925.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053926.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053927.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053928.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053929.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053930.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053931.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053932.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053933.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053934.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053935.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053936.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053937.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053938.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053939.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053940.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053941.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053942.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053943.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053944.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053945.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053946.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053947.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053948.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053949.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053950.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053951.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053952.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053953.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053954.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053955.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053956.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053957.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053958.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053961.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053962.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053963.exe"
Sun 16 Dec 2007 89,088 A..H. --- "C:\System Volume Information\_restore{FB062BF5-2420-42CE-8DA0-8B52A542DE94}\RP630\A0053964.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\config\systemprofile\systemprofile.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\drivers\etc\etc.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\xml\xml.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Logs\Logs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Performance\Performance.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\AutoRecover\AutoRecover.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\wbem\Repository\Repository.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\0007\0007.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\0409\0409.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\mui\0407\0407.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\images\images.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\setup\setup.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\actsetup\actsetup.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\error\error.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\regerror\regerror.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\icserror\icserror.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\oobe\isperror\isperror.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\DRVSTORE\wlphonecv_8800C151E3BB9442F62327FF05F053BF5567B318\wlphonecv_8800C151E3BB9442F62327FF05F053BF5567B318.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\DRVSTORE\wlphonecv_B88DA7978559975500983DADC0107CF3AA89C14C\wlphonecv_B88DA7978559975500983DADC0107CF3AA89C14C.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Macromed\Flash\Flash.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\DirectX\Dinput\Dinput.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\MsDtc\Trace\Trace.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\Kaspersky Online Scanner.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\system32\LogFiles\HTTPERR\HTTPERR.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\mmTour\mmTour.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\htmlTour\htmlTour.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Help\Tours\WindowsMediaPlayer\WindowsMediaPlayer.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\twain_32\BrMfSc03\MF5440CU\MF5440CU.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Resources\Themes\Luna\Luna.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_x-ww_527a1c68\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_x-ww_527a1c68.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\binaries\binaries.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\Config\Config.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\DataColl\DataColl.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\Logs\Logs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\OfflineCache\OfflineCache.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\PackageStore\PackageStore.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\Database\Database.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\Indices\Indices.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\helpctr\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\UploadLB\Binaries\Binaries.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\pchealth\UploadLB\Config\Config.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\erdnt\subs\F3M\F3M.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\srchasst\mui\0407\0407.exe"
Wed 28 Nov 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9abd05361f9a8989001560352e910162\BIT4.tmp"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\c268348752498f57ff1128ae6a23c4f1.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\3ff783aae3056fe335ae6e68b0b9c7a1\3ff783aae3056fe335ae6e68b0b9c7a1.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\c18c7dd0e5fe6475af12f22f9cb9ef41\c18c7dd0e5fe6475af12f22f9cb9ef41.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\83acfdbb2a85d094f9ba8c0d3c8b82a3\83acfdbb2a85d094f9ba8c0d3c8b82a3.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\9bf414b924872dc1333e6c5163cb3e11\9bf414b924872dc1333e6c5163cb3e11.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\7282c1853c47e0cc7424b44848f67092\7282c1853c47e0cc7424b44848f67092.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\917de8e53e0f6be5bfe4f9ed4db96202\917de8e53e0f6be5bfe4f9ed4db96202.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\Download\d891d899e6ede66027ee5557be0659d8\d891d899e6ede66027ee5557be0659d8.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\Logs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\7971F918-A847-4430-9279-4A52D1EFE18D.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\Default.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\7971f918-a847-4430-9279-4a52d1efe18d.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{077ACEC7-979C-40AB-9835-435BA1511E0D}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\System\System.exe"
Tue 3 Aug 2004 73,728 A.SH. --- "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{60204BB3-7078-4F70-8F69-68297621941C}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\System.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\v1.1.4322.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\v1.0.3705.exe"
Sun 10 Jun 2007 0 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\Cache\Indiv02.tmp"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\SDFix\SDFix.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\Speech.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\TextConv\TextConv.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Triedit\Triedit.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\DAO\DAO.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\MSInfo\MSInfo.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Stationery\Stationery.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DW.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\SpeechEngines\Microsoft\Microsoft.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\System\msadc\msadc.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\System\ado\ado.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\System\Ole DB\Ole DB.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\MSSoap\Binaries\Binaries.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Real\Update\Update.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Real\Plugins\Plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Real\Common\Common.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Real\Codecs\Codecs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Real\Visualizations\Visualizations.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Nullsoft\ActiveX\ActiveX.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Adobe\Color\Color.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\InstallShield\IScript\IScript.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHAL.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Gemeinsame Dateien\Logitech\WebColct\WebColct.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\DMV\MaxTV\cache\cache.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\MUI\0409\0409.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Internet Explorer\MUI\0407\0407.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Movie Maker\Shared\Profiles\Profiles.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Movie Maker\MUI\0407\0407.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Phototool\Frame\Mat\Mat.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\ocr\ocr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\twainsrc\twainsrc.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\linksupp\linksupp.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\WebEreg\WebEreg.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\ScanSoft\PaperPort\SmartUI\SmartUI.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Brother\BrDriver\MfcXP\MfcXP.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Panicware\Pop-Up Stopper Free Edition\PopUp Sounds\PopUp Sounds.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Panicware\Pop-Up Stopper Free Edition\XA\XA.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\Content\Back\Back.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\Content\BtnBack\BtnBack.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\Content\BtnFront\BtnFront.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\Content\Front\Front.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\DswMedia\anim\anim.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\Brushes\Brushes.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\emphasis\emphasis.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\previews\previews.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\texteff\texteff.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\textures\textures.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\txtbends\txtbends.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PiFiles\Warps\Warps.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Picture It! PhotoPub\PIP\PIP2001\PIP2001.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Real\RealPlayer\Setup\setup.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Real\RealPlayer\Msg\Msg.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Lavasoft\Ad-Aware SE Personal\Skins\Skins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Lavasoft\Ad-Aware SE Personal\Lang\Lang.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\SetPoint\Images\Images.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\SetPoint\Macros\Macros.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\SetPoint\Sounds\Sounds.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\SetPoint\Quicktour\Quicktour.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Logitech\Desktop Messenger\8876480\8876480.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\res\html\html.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\res\fonts\fonts.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\res\dtd\dtd.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\res\entityTables\entityTables.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\defaults\pref\pref.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\defaults\autoconfig\autoconfig.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\defaults\profile\profile.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\defaults\shortcuts\shortcuts.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\{972ce4c6-7e08-4474-a285-3208198ce6fd}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org\talkback@mozilla.org.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Windows Live\Messenger\Device Manager\Device Manager.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\VideoLAN\VLC\plugins\plugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\VideoLAN\VLC\osdmenu\osdmenu.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\VideoLAN\VLC\skins\skins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\VideoLAN\VLC\http\http.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\presets\basic\basic.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\presets\autotext\autotext.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\presets\config\config.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\presets\database\database.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\presets\gallery\gallery.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\resource\resource.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\classes\classes.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\components\components.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\greprefs\greprefs.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\program\assembly\assembly.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\share\config\config.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\share\readme\readme.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\share\autocorr\autocorr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\share\gallery\gallery.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\help\fr\fr.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\OpenOffice.org 2.2\help\de\de.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Lavalys\EVEREST Home Edition\Language\Language.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis-Software.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\Banking\Banking.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\eMail\eMail.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\Info-Cockpit.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\T-Online\T-Online_Software_6\Fotoservice\Fotoservice.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Alwil Software\Avast4\DATA\DATA.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Alwil Software\Avast4\Setup\Setup.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Alwil Software\Avast4\images\images.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Alwil Software\Avast4\FRENCH\FRENCH.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\Screenshot Sender 4\Screenshot Sender 4.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\SendTo\SendTo.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\Stickynotes\Stickynotes.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\Now Playing\Now Playing.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\ReadThis\ReadThis.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\YouTube Launcher\YouTube Launcher.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\UNeed Script\UNeed Script.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\WLM Preview Box\WLM Preview Box.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Messenger Plus! Live\Scripts\Plus Mapper\Plus Mapper.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Azureus\plugins\azplugins\azplugins.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Azureus\plugins\azupdater\azupdater.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_08\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_08\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_10\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.5.0_10\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_01\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_01\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_02\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_02\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_03\bin\bin.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Java\jre1.6.0_03\lib\lib.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\Reader 8.0\Reader\Reader.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\Reader 8.0\Resource\Resource.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\Reader 8.0\Esl\Esl.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Adobe\Adobe Help Viewer\1.0\1.0.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\chrome\icons\default\default.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\InstallShield\Professional\RunTime\RunTime.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\Web Components\11\11.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\PROOF\1031\1031.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\PROOF\1033\1033.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\DW\1031\1031.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\DW\1036\1036.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\VBA\VBA6\VBA6.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\AFTRNOON\AFTRNOON.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\ARCTIC\ARCTIC.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\AXIS\AXIS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\BLENDS\BLENDS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\BLUECALM\BLUECALM.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\BREEZE\BREEZE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\CANYON\CANYON.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\CAPSULES\CAPSULES.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\CASCADE\CASCADE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\COMPASS\COMPASS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\CONCRETE\CONCRETE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\DEEPBLUE\DEEPBLUE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\EDGE\EDGE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\EVRGREEN\EVRGREEN.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\EXPEDITN\EXPEDITN.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\ICE\ICE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\IRIS\IRIS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\JOURNAL\JOURNAL.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\NETWORK\NETWORK.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\PAPYRUS\PAPYRUS.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\PIXEL\PIXEL.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\PROFILE\PROFILE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\REFINED\REFINED.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\RIPPLE\RIPPLE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\SATIN\SATIN.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\SKY\SKY.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\SLATE\SLATE.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\SONORA\SONORA.exe"
Sun 16 Dec 2007 89,088 ...H. --- "C:\Programme\Microsoft Shared\THEMES11\SPRING\SPRING.exe"
Sun 16 Dec 2007 89,088

voici le log hijakthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:35, on 2007-12-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\shovth.exe
C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\autos.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\OpenOffice.org 2.2\program\soffice.exe
C:\Programme\OpenOffice.org 2.2\program\soffice.BIN
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\RealVNC\VNC4\winvnc4.exe
C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {D27987B8-7244-4DE0-AE10-39B826B492F1} - C:\WINDOWS\system32\bronto.dll (file missing)
O2 - BHO: AcroIEHelper - {F3CFA533-7680-4943-A863-B8216390E847} - C:\WINDOWS\system32\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKLM\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Programme\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [inetsrv] C:\WINDOWS\inetsrv.exe
O4 - HKCU\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programme\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: MaxTV.lnk = C:\Programme\DMV\MaxTV\MaxTV.exe
O4 - Startup: infos.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: autos.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer = 217.237.149.161,217.237.151.225
O17 - HKLM\System\CCS\Services\Tcpip\..\{55A26A56-C4D0-4FE5-8046-5F9CACE078D6}: NameServer = 217.237.149.142 217.237.150.205
O18 - Protocol: bw+0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\..\svchost.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programme\Windows Live\installer\WLSetupSvc.exe

--
End of file - 19460 bytes

Re,

On continue.

Télécharge Smitfraudfix (de S!ri).
Enregistre-le sur ton bureau.
Lance SmitfraudFix.exe (le .exe peut ne pas apparaitre).
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.

**Si le lien ne fonctionne pas, clique ici**

je viens de faire une desinfection ccleaner et ad adware. Y a pas de choses qui sont parties. Est ce que tu veux un autre log ?

en tout cas voici le log smitfraudfix
SmitFraudFix v2.271

Scan done at 20:34:49.87, 2007-12-18
Run from C:\Programme\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode

Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\shovth.exe
C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\autos.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\OpenOffice.org 2.2\program\soffice.exe
C:\Programme\OpenOffice.org 2.2\program\soffice.BIN
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\RealVNC\VNC4\winvnc4.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\reg.exe

hosts


C:\


C:\WINDOWS

C:\WINDOWS\svchost.exe FOUND !

C:\WINDOWS\system


C:\WINDOWS\Web


C:\WINDOWS\system32

C:\WINDOWS\system32\proper.exe FOUND !
C:\WINDOWS\system32\winter.exe FOUND !

C:\WINDOWS\system32\LogFiles


C:\Dokumente und Einstellungen\heinrich u. marie


C:\Dokumente und Einstellungen\heinrich u. marie\Application Data


Start Menu

C:\DOKUME~1\HEINRI~1.MAR\STARTM~1\PROGRA~1\AUTOST~1\infos.exe FOUND !
C:\DOKUME~1\ALLUSE~1\STARTM~1\PROGRA~1\AUTOST~1\autos.exe FOUND !

C:\DOKUME~1\HEINRI~1.MAR\FAVORI~1


Desktop


C:\Programme


Corrupted keys


Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"


IEDFix
!!!Attention, following keys are not inevitably infected!!!


Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\wowfx.dll"


Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


Rustock



DNS

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 217.237.149.142
DNS Server Search Order: 217.237.150.205

Description: Broadcom NetXtreme Gigabit Ethernet - Paketplaner-Miniport
DNS Server Search Order: 217.237.149.161
DNS Server Search Order: 217.237.151.225

HKLM\SYSTEM\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225
HKLM\SYSTEM\CCS\Services\Tcpip\..\{55A26A56-C4D0-4FE5-8046-5F9CACE078D6}: NameServer=217.237.149.142 217.237.150.205
HKLM\SYSTEM\CS1\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225
HKLM\SYSTEM\CS1\Services\Tcpip\..\{55A26A56-C4D0-4FE5-8046-5F9CACE078D6}: NameServer=217.237.149.142 217.237.150.205
HKLM\SYSTEM\CS2\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225


Scanning for wininet.dll infection


End

Tu as bien posté le contenu du rapport ? un fichier texte.

bein oui pourquoi ?

Lé bizarre le rapport.

Redémarre en mode sans échec

Lance SmitfraudFix.exe et choisis cette fois l'Option 2 et réponds oui à la ou les questions.
Sauvegarde le rapport sur ton Bureau.

Redémarre normalement.

Poste les rapports Hijackthis et SmitfraudFix.

SmitFraudFix v2.271

Scan done at 22:51:53.46, 2007-12-18
Run from D:\Eigene Dateien D\Downloaden Datein\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts



»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\svchost.exe Deleted
C:\WINDOWS\system32\proper.exe Deleted
C:\WINDOWS\system32\winter.exe Deleted
C:\DOKUME~1\HEINRI~1.MAR\STARTM~1\PROGRA~1\AUTOST~1\infos.exe Deleted
C:\DOKUME~1\ALLUSE~1\STARTM~1\PROGRA~1\AUTOST~1\autos.exe Deleted

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225
HKLM\SYSTEM\CS1\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225
HKLM\SYSTEM\CS2\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer=217.237.149.161,217.237.151.225


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14, on 2007-12-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\shovth.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Programme\OpenOffice.org 2.2\program\soffice.exe
C:\Programme\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\kernel.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\HijackThis.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\WINDOWS\system32\reg.exe

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEHelper - {F3CFA533-7680-4943-A863-B8216390E847} - C:\WINDOWS\system32\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sis32] C:\WINDOWS\system32\winsos.exe
O4 - HKLM\..\Run: [winroot] C:\WINDOWS\system32\winsn.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Programme\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [inetsrv] C:\WINDOWS\inetsrv.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programme\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: MaxTV.lnk = C:\Programme\DMV\MaxTV\MaxTV.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer = 217.237.149.161,217.237.151.225
O18 - Protocol: bw+0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programme\Windows Live\installer\WLSetupSvc.exe

--
End of file - 18356 bytes

Pas d'amélioration ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

ca va beaucoup mieux, mais il reste des points noirs :
-un fichier s'ouvre souvent sur son pc, lui demandant de sauvegarder ses fichiers... (c'est en allemand donc pas facilement traductible !)
-certains exe ne s'ouvrent pas
-pas d'acces au gestionnaire des taches
-pas d'acces au panneau de configuration

je t'envoie le rapport d'antivir

Ok  

je suis passé aussi à antivir, c'est vrai qu'il est un peu plus difficile d'approche, mais si il est réelement meilleur (ca fait un moment que j'en entends parler mais pas facile de changer ! )

je suis harcelé par les alertes d'antivir sur son pc : trojan TR/crypt.XDR.Gen
je peux supprimer mais ca revient...j'aurai p'tre du me mettre en mode sans echec ?

Fais le scan entièrement  

ok ca va mieux la, enfin facon de parler : 20% du scan et deja 290 fichiers infectés détectés

Sinon petite question : quand on utilise msn il demande de renseigner l'AV utilisé pour analyser les fichiers transférés. Quel est le programme que l'on doit mettre ici : avcenter ? ou un autre

merci

Laisse MSN de côté jusqu'à la fin des opérations  

oui mais la c'est pour moi  

Quoi ?

bein du coup moi aussi j'ai changé d'AV. Donc je voudrais savoir ce qu'il faut mettre sur msn pour mon pc.
Je le ferai à la fin sur celui de mon ami

merci

Bah tu mets ton antivirus.

oui mais quand je rentre dans le dossier il me propose tous les executables dispo dans antivir, et je ne sais pas trop lequel prendre. Mais c'est pas grave je vais me debrouiller   merci quand meme

Bah fais le rapport ?

j'arrive pas à le poster, il est trop gros 53Mo) : je t'envoie juste la fin

End of the scan: 2007-12-19 16:24
Used time: 1:14:14 min

The scan has been done completely.

5005 Scanning directories
312646 Files were scanned
10268 viruses and/or unwanted programs were found
17 Files were classified as suspicious:
10258 files were deleted
0 files were repaired
12 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
302378 Files not concerned
1924 Archives were scanned
6 Warnings
0 Notes

Reposte un rapport Hijackthis  

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:06, on 2007-12-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\Programme\OpenOffice.org 2.2\program\soffice.exe
C:\Programme\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\kernel.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\RealVNC\VNC4\winvnc4.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\Mozilla Thunderbird\thunderbird.exe
C:\Dokumente und Einstellungen\heinrich u. marie\Desktop\HijackThis.exe

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEHelper - {F3CFA533-7680-4943-A863-B8216390E847} - C:\WINDOWS\system32\AcroIEHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Programme\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [inetsrv] C:\WINDOWS\inetsrv.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Programme\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: MaxTV.lnk = C:\Programme\DMV\MaxTV\MaxTV.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40457E35-921B-419C-BBDA-D3CA579A6134}: NameServer = 217.237.149.161,217.237.151.225
O17 - HKLM\System\CCS\Services\Tcpip\..\{55A26A56-C4D0-4FE5-8046-5F9CACE078D6}: NameServer = 217.237.149.142 217.237.150.205
O18 - Protocol: bw+0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {966707D2-DE4F-468C-8299-3801A3456020} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\..\svchost.exe
O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programme\Windows Live\installer\WLSetupSvc.exe

--
End of file - 18583 bytes

Tu peux essayer Combofix ?