grooos gros probleme avec un virus - Sécurité - Virus
TomsGuide.com : 700 000 inscrits répondent à toutes vos questions high-tech et informatique.
Pour obtenir de l'aide, inscrivez-vous gratuitement !
 

Ajouter une réponse



Mot :   Pseudo :  
 
Bas de page
Auteur
 Sujet : grooos gros probleme avec un virus
 
nouf93120
Profil : IDNaute
Plus d'informations
n°325389
28-07-2008 à 20:57:28

bonjour,

j'ai un virus je ne sait pas comment il est arriver sur mon pc j'ai réussit a le supprimer mais je pense qu'il reste quelque traces et en plus de ça il m'a bloquer le ctrl+alt+supp et aussi quand je clic dans bureau sur clic droit===>propriétés ça me met "le panneau de configuration affichage a été désactivé par votre administrateur système" alors que je suis dans le compte administrateur et internet explorer a été bloquer je ne sait comment j'arrive juste a utiliser firefox comme navigateur et le plus gros des problème c'est le démarrer il m'a supprimer "tout les programmes, poste de travail, rechercher et tout le tralala...." et dans poste de travail qui est toujours sur le bureau le disque local C:\ n'est plus là


---------------
http://naoufel93120.skyrock.com/
100% skyblog de rap
Liens sponsorisés


Inscrivez-vous ou connectez-vous pour masquer ceci.

Egwene
Profil : Helper
Plus d'informations
n°325399
28-07-2008 à 21:27:08

:hello: Bonjour,

Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
NB : Tu dois être connecté avec des droits d'Administrateur.

  • ferme toutes les applications et fenêtres
  • double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous

Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)

  • s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
  • tu devras cliquer 2 fois sur le OK des boîtes de dialogue

Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée

  • quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :

main.txt <- ouvert en premier plan et en plein écran
extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
S'il s'agit d'une utilisation supplémentaire de DSS :

  • tu n'auras pas de boîte de dialogue (pas de OK)
  • quand le traitement est terminé, un fichier texte s'affiche :

main.txt <- ouvert en premier plan et en plein écran

  • copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
  • copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
  • n'oublie pas de réactiver les protections si elles ont été stoppées.




Ce que fait DSS :

  • crée un point de restauration dans Windows XP et Vista
  • nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
  • vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.


;)


---------------
Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
nouf93120
Profil : IDNaute
Plus d'informations
n°325405
28-07-2008 à 21:43:23

main.txt

Citation :

Deckard's System Scanner v20071014.68
Run by Administrateur on 2008-07-28 21:35:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Unable to create WMI object; Opération réussie.


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrateur.exe) --------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37: VIRUS ALERT!, on 28/07/2008
Platform: Windows XP SP3, v.5512 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20772)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Taskix\Taskix32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\lphcef3j0e7aa.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrateur\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.p [...] Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: QXK Olive - {AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A} - C:\WINDOWS\nfavxwdbsxb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: fdkowvbp - {BF53502D-3BEF-4273-9925-89D7526A5F87} - C:\WINDOWS\fdkowvbp.dll
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\VistaDriveStatus\vsdrv.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [lphcef3j0e7aa] C:\WINDOWS\system32\lphcef3j0e7aa.exe
O4 - HKLM\..\Run: [SMrhcaf3j0e7aa] C:\Program Files\rhcaf3j0e7aa\rhcaf3j0e7aa.exe
O4 - HKCU\..\Run: [LClock] "C:\Program Files\LClock\LClock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} (Java Plug-in 1.6.0_04) -
O21 - SSODL: eqvwamkl - {66D912F9-3D50-4401-8090-A70C8AF8211A} - C:\WINDOWS\eqvwamkl.dll
O21 - SSODL: wnslvxtf - {0D536C64-5BE2-407F-B985-409A70678EDD} - C:\WINDOWS\wnslvxtf.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

--
End of file - 5587 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
[COLOR=red].reg - unable to read key[/COLOR]
[COLOR=red].reg - unable to read key[/COLOR]
[COLOR=red].reg - unable to read key[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
R3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>

S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 BlueSoleil Hid Service - c:\program files\ivt corporation\bluesoleil\btntservice.exe
R2 Bonjour Service (Service Bonjour) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-07-03 10:58:38 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-06-28 and 2008-07-28 -----------------------------

2008-07-28 19:33:37 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-07-28 18:24:21 0 d-------- C:\Documents and Settings\fz\Application Data\rhcaf3j0e7aa
2008-07-28 18:23:32 0 d-------- C:\Documents and Settings\fz\Application Data\TmpRecentIcons
2008-07-28 17:59:22 0 d-------- C:\Documents and Settings\Administrateur\Application Data\rhcaf3j0e7aa
2008-07-28 17:58:33 0 d-------- C:\Program Files\PCHealthCenter
2008-07-28 17:58:24 0 d-------- C:\Documents and Settings\Administrateur\Application Data\TmpRecentIcons
2008-07-28 17:58:10 303104 --a------ C:\WINDOWS\wnslvxtf.dll
2008-07-28 17:58:10 348160 --a------ C:\WINDOWS\nfavxwdbsxb.dll
2008-07-28 17:58:10 94208 --a------ C:\WINDOWS\grswptdl.exe
2008-07-28 17:58:10 204800 --a------ C:\WINDOWS\fdkowvbp.dll
2008-07-28 17:58:10 274432 --a------ C:\WINDOWS\eqvwamkl.dll
2008-07-28 17:58:10 163840 --a------ C:\WINDOWS\eovp.exe
2008-07-28 17:58:07 60928 --a------ C:\WINDOWS\system32\blphcef3j0e7aa.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-07-28 17:57:42 110080 --a------ C:\WINDOWS\system32\lphcef3j0e7aa.exe
2008-07-26 09:25:21 0 d-------- C:\Documents and Settings\fz\Application Data\Grisoft
2008-07-25 19:24:15 0 d-------- C:\Program Files\Fichiers communs\eSellerate
2008-07-25 19:24:13 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-25 15:21:55 0 d-------- C:\Program Files\Pool Station
2008-07-24 14:16:11 0 d-------- C:\Program Files\Movie Maker
2008-07-24 10:30:46 0 d-------- C:\Program Files\mp3DirectCut
2008-07-21 23:42:56 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-07-21 23:42:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-21 23:42:49 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-21 16:20:02 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Publish Providers
2008-07-21 16:20:02 0 d-------- C:\Documents and Settings\Administrateur\Application Data\NetMedia Providers
2008-07-21 16:00:06 0 d-------- C:\Program Files\AtomixMP3
2008-07-21 12:07:28 0 dr-h----- C:\Documents and Settings\Administrateur\Recent
2008-07-20 23:25:11 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft
2008-07-20 23:23:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-07-20 00:01:17 0 d-------- C:\Program Files\DivX
2008-07-20 00:01:12 684 --a------ C:\WINDOWS\mozver.dat
2008-07-17 21:55:52 0 d-------- C:\Program Files\stylet
2008-07-17 21:44:46 0 d-------- C:\Program Files\MSNImageText
2008-07-17 20:37:06 0 d-------- C:\Documents and Settings\fz\Application Data\Apple Computer
2008-07-17 19:24:04 0 d-------- C:\Documents and Settings\fz\Contacts
2008-07-17 19:22:59 0 d-------- C:\Documents and Settings\fz\Application Data\Macromedia
2008-07-17 19:22:59 0 d-------- C:\Documents and Settings\fz\Application Data\Adobe
2008-07-17 19:15:05 0 d-------- C:\Documents and Settings\fz\Application Data\Identities
2008-07-17 19:13:35 0 dr------- C:\Documents and Settings\fz\Menu Démarrer
2008-07-17 19:13:35 0 d--h----- C:\Documents and Settings\fz\Local Settings
2008-07-17 19:13:35 0 dr------- C:\Documents and Settings\fz\Favoris
2008-07-17 19:13:35 0 d--hs---- C:\Documents and Settings\fz\Cookies
2008-07-17 19:13:35 0 d-------- C:\Documents and Settings\fz\Bureau
2008-07-17 19:13:35 0 dr-h----- C:\Documents and Settings\fz\Application Data
2008-07-17 19:13:35 0 d---s---- C:\Documents and Settings\fz\Application Data\Microsoft
2008-07-17 19:13:34 0 d--h----- C:\Documents and Settings\fz\Voisinage réseau
2008-07-17 19:13:34 0 d--h----- C:\Documents and Settings\fz\Voisinage d'impression
2008-07-17 19:13:34 0 dr-h----- C:\Documents and Settings\fz\SendTo
2008-07-17 19:13:34 0 dr-h----- C:\Documents and Settings\fz\Recent
2008-07-17 19:13:34 0 d--h----- C:\Documents and Settings\fz\Modèles
2008-07-17 19:13:34 0 dr------- C:\Documents and Settings\fz\Mes documents
2008-07-17 19:13:33 1048576 --ah----- C:\Documents and Settings\fz\NTUSER.DAT
2008-07-17 14:25:51 22 --a------ C:\WINDOWS\system32\win54a34_va.dll
2008-07-17 14:24:54 1634304 -----n--- C:\WINDOWS\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-17 14:24:53 126976 --a------ C:\WINDOWS\system32\lfkodak.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS FlashPix library>
2008-07-17 14:24:53 393216 --a------ C:\WINDOWS\system32\lffpx7.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS FlashPix library>
2008-07-17 14:24:52 65536 --a------ C:\WINDOWS\system32\lfsct14N.dll <Not Verified; LEAD Technologies, Inc.; LEADTOOLS(r) EVAL DLL for Win32>
2008-07-17 14:24:49 188477 --a------ C:\WINDOWS\system32\NCSEcw.dll <Not Verified; Earth Resource Mapping; Earth Resource Mapping NCSEcw>
2008-07-17 14:24:49 53310 --a------ C:\WINDOWS\system32\NCScnet.dll <Not Verified; Earth Resource Mapping; Earth Resource Mapping NCScnet>
2008-07-17 14:24:49 974848 --a------ C:\WINDOWS\system32\LtDlgRes14n.dll
2008-07-17 14:24:48 81982 --a------ C:\WINDOWS\system32\NCSUtil.dll <Not Verified; Earth Resource Mapping; Earth Resource Mapping NCSUtil>
2008-07-17 14:24:48 41022 --a------ C:\WINDOWS\system32\NCSEcwC.dll <Not Verified; Earth Resource Mapping; Earth Resource Mapping NCSEcwC>
2008-07-17 14:14:43 0 d-------- C:\Program Files\Visicom Media
2008-07-17 13:27:05 0 d-------- C:\Program Files\Graphex3
2008-07-17 13:26:42 304128 --a------ C:\WINDOWS\unin040c.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield Deinstaller>
2008-07-17 13:25:40 0 d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-07-17 13:14:50 0 d-------- C:\Program Files\VCW VicMan's Photo Editor
2008-07-14 21:14:49 0 d-------- C:\Program Files\PhotoFiltre
2008-07-13 14:05:57 0 d-------- C:\Program Files\Joustra
2008-07-12 23:23:58 0 d-------- C:\Program Files\Common Files
2008-07-12 13:13:27 0 d-------- C:\WINDOWS\RegisteredPackages
2008-07-12 01:47:40 0 d-------- C:\Documents and Settings\Administrateur\Start Menu
2008-07-12 01:22:48 415232 --a------ C:\WINDOWS\system32\CF17170.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-07-12 01:22:04 415232 --a------ C:\WINDOWS\system32\CF17023.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-07-12 01:22:04 169 --a------ C:\Start_.cmd
2008-07-11 19:03:48 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Ace
2008-07-11 19:02:50 0 d-------- C:\WINDOWS\system32\DirectX
2008-07-11 19:02:09 0 d-------- C:\Program Files\THQ
2008-07-11 19:01:42 0 d-------- C:\Documents and Settings\Administrateur\Application Data\InstallShield
2008-07-11 13:59:58 0 d-------- C:\Program Files\Avira
2008-07-11 13:12:24 0 d-------- C:\Program Files\Trend Micro
2008-07-11 12:38:01 0 d-------- C:\Program Files\Panicware
2008-07-11 11:38:34 0 d-------- C:\WINDOWS\pss
2008-07-11 00:21:23 3320 --a------ C:\WINDOWS\desctemp.dat
2008-07-11 00:09:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-07-11 00:04:29 0 d-------- C:\Program Files\IVT Corporation
2008-07-10 18:24:00 0 d-------- C:\Download
2008-07-10 18:22:35 0 d-------- C:\Downloads
2008-07-10 18:22:35 0 d-------- C:\Documents and Settings\Administrateur\Application Data\GetRightToGo
2008-07-10 18:06:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-10 12:52:05 0 d-------- C:\Program Files\Alwil Software
2008-07-10 12:40:51 0 d-------- C:\Program Files\Fichiers communs\Labtec
2008-07-10 12:40:09 0 d-------- C:\Program Files\Fichiers communs\LogiShrd
2008-07-09 20:47:45 0 d-------- C:\Program Files\Yahoo!
2008-07-09 16:26:08 15872 -----n--- C:\WINDOWS\system32\winskfr.dll <Not Verified; Microsoft Corporation; Contrôle Microsoft Winsock>
2008-07-09 16:26:08 119568 -----n--- C:\WINDOWS\system32\vb6fr.dll <Not Verified; Microsoft Corporation; Environnement Visual Basic>
2008-07-07 23:46:36 0 d-------- C:\Program Files\Veoh Networks
2008-07-07 23:46:21 0 d-------- C:\WINDOWS\Downloaded Installations
2008-07-07 20:01:10 0 d-------- C:\Documents and Settings\Administrateur\Application Data\IDM
2008-07-07 20:01:10 0 d-------- C:\Documents and Settings\Administrateur\Application Data\DMCache
2008-07-07 19:34:43 0 d-------- C:\Documents and Settings\Administrateur\Application Data\ABBYY
2008-07-07 19:33:16 0 d-------- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2008-07-07 19:28:16 0 d-------- C:\temp
2008-07-07 18:05:47 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-07-07 18:05:16 0 d-------- C:\Program Files\Microsoft SQL Server
2008-07-07 18:04:57 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Sony
2008-07-07 18:04:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony
2008-07-07 17:57:52 0 d-------- C:\Program Files\Sony
2008-07-07 17:57:12 0 d-------- C:\Program Files\Sony Setup
2008-07-06 12:53:40 634 --a------ C:\WINDOWS\eReg.dat
2008-07-05 23:35:32 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-07-05 23:32:27 717296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-05 23:32:26 0 d-------- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
2008-07-04 15:29:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-04 15:29:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-04 00:10:37 17 --a------ C:\WINDOWS\popcinfo.dat
2008-07-04 00:06:52 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Zylom
2008-07-03 23:30:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-07-03 16:41:29 176 --a------ C:\Program Files\jdk-6u4-windows-i586-p.exe
2008-07-03 10:58:25 0 d-------- C:\Program Files\Apple Software Update
2008-07-03 10:25:32 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-07-03 10:24:53 0 d-------- C:\Program Files\iPod
2008-07-03 10:24:22 0 d-------- C:\Program Files\iTunes
2008-07-03 10:24:06 0 d-------- C:\Program Files\Bonjour
2008-07-03 10:22:23 0 d-------- C:\Program Files\QuickTime
2008-07-03 10:21:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-03 10:11:07 0 d-------- C:\Program Files\Fichiers communs\Apple
2008-07-03 10:11:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-03 01:33:58 0 d-------- C:\WINDOWS\system32\appmgmt
2008-07-02 23:05:16 0 d-------- C:\WINDOWS\system32\Adobe
2008-07-02 15:32:40 0 d-------- C:\WINDOWS\Sun
2008-07-02 15:30:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-07-01 23:05:20 0 d-------- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2
2008-07-01 22:34:05 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-07-01 13:48:49 0 d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-07-01 12:57:30 0 dr-h----- C:\MSOCache
2008-07-01 00:30:15 0 d-------- C:\Program Files\MessengerDiscovery
2008-06-30 23:50:03 0 d--hs---- C:\WINDOWS\Installer
2008-06-30 23:50:02 0 d-------- C:\Program Files
2008-06-30 23:50:02 0 d-------- C:\Program Files\Fichiers communs
2008-06-30 23:50:02 0 d-------- C:\Program Files\Fichiers communs\ODBC
2008-06-30 23:49:48 34304 --a------ C:\WINDOWS\system32\batt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-30 23:49:48 35840 --a------ C:\WINDOWS\NOTEPAD.EXE
2008-06-30 23:49:39 0 d--h----- C:\Documents and Settings\Default User\Voisinage réseau
2008-06-30 23:49:39 0 d--h----- C:\Documents and Settings\Default User\Voisinage d'impression
2008-06-30 23:49:39 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-30 23:49:39 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-06-30 23:49:39 0 d--h----- C:\Documents and Settings\Default User\Modèles
2008-06-30 23:49:39 0 d-------- C:\Documents and Settings\Default User\Mes documents
2008-06-30 23:49:39 0 dr------- C:\Documents and Settings\Default User\Menu Démarrer
2008-06-30 23:49:39 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-30 23:49:39 0 d-------- C:\Documents and Settings\Default User\Favoris
2008-06-30 23:49:39 0 d--hs---- C:\Documents and Settings\Default User\Cookies
2008-06-30 23:49:39 0 d-------- C:\Documents and Settings\Default User\Bureau
2008-06-30 23:49:39 0 d--h----- C:\Documents and Settings\All Users\Modèles
2008-06-30 23:49:39 0 dr------- C:\Documents and Settings\All Users\Menu Démarrer
2008-06-30 23:49:39 0 d-------- C:\Documents and Settings\All Users\Favoris
2008-06-30 23:49:39 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-30 23:49:39 0 d-------- C:\Documents and Settings\All Users\Bureau
2008-06-30 23:49:23 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-30 23:49:23 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-30 23:49:17 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-30 23:49:17 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-30 23:49:17 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-30 23:49:17 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-30 23:48:52 0 d-------- C:\Documents and Settings
2008-06-30 23:48:51 0 d--hs---- C:\System Volume Information
2008-06-30 23:45:45 0 d-------- C:\WINDOWS
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\WinSxS
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Web
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\twain_32
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\wins
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\wbem
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\usmt
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\spool
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\Setup
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\ras
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\npp
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\mui
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\IME
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\ias
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\fr-fr
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\fr
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\export
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\drivers
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\config
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\3076
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\2052
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1054
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1042
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1041
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1037
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1036
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1033
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1031
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1028
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system32\1025
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\system
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\security
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Resources
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\repair
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Provisioning
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\PeerNet
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Network Diagnostic
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\mui
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\msapps
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Media
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\L2Schemas
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\java
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\inf
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\ime
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Help
2008-06-30 23:45:45 0 dr--s---- C:\WINDOWS\Fonts
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Driver Cache
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Debug
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Cursors
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\Config
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\AppPatch
2008-06-30 23:45:45 0 d-------- C:\WINDOWS\addins
2008-06-30 23:04:48 0 d-------- C:\Program Files\CDex_170b2
2008-06-30 23:02:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-30 22:58:45 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Notepad++
2008-06-30 22:58:30 0 d-------- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-06-30 22:53:11 0 d-------- C:\Program Files\VideoLAN
2008-06-30 22:50:50 0 d-------- C:\Program Files\Messenger Plus! Live
2008-06-30 22:45:30 0 d-------- C:\Program Files\Labtec
2008-06-30 22:45:19 0 d-------- C:\Program Files\Labtec1
2008-06-30 22:16:35 0 d-------- C:\Documents and Settings\Administrateur\Contacts
2008-06-30 22:10:08 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-06-30 22:09:26 0 d-------- C:\Program Files\Realtek AC97
2008-06-30 22:09:24 315392 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-06-30 22:09:23 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-30 22:09:16 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-06-30 22:06:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-30 22:04:55 0 d-------- C:\Program Files\VistaDriveStatus
2008-06-30 22:04:54 0 d-------- C:\Program Files\7-Zip
2008-06-30 22:04:33 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-30 22:04:30 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Mozilla
2008-06-30 22:04:18 0 d-------- C:\Program Files\Java
2008-06-30 22:04:17 0 d-------- C:\Program Files\Fichiers communs\Java
2008-06-30 22:04:08 0 d-------- C:\Program Files\ma-config.com
2008-06-30 22:04:08 0 d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-06-30 22:04:04 0 d-------- C:\Program Files\Taskix
2008-06-30 22:04:04 0 d-------- C:\Program Files\LClock
2008-06-30 22:04:04 0 d-------- C:\Program Files\CCleaner
2008-06-30 22:04:04 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Sun
2008-06-30 22:04:01 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-30 22:03:37 0 d-------- C:\Program Files\Windows Live
2008-06-30 22:03:33 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Macromedia
2008-06-30 22:03:32 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Adobe
2008-06-30 22:03:15 0 d-------- C:\Documents and Settings\Administrateur\Application Data\WinRAR
2008-06-30 22:01:46 208896 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-30 22:01:46 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-30 22:01:46 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-06-30 22:01:46 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-30 22:01:46 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-30 22:01:38 0 d-------- C:\Documents and Settings\Administrateur\Application Data\Identities
2008-06-30 22:01:25 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-06-30 22:01:25 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-06-30 22:01:25 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo
2008-06-30 22:01:25 7077888 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT
2008-06-30 22:01:25 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-06-30 22:01:25 0 dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-06-30 22:01:25 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-06-30 22:01:25 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings
2008-06-30 22:01:25 0 dr------- C:\Documents and Settings\Administrateur\Favoris
2008-06-30 22:01:25 0 d--hs---- C:\Documents and Settings\Administrateur\Cookies
2008-06-30 22:01:25 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-06-30 22:01:25 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data
2008-06-30 22:01:10 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-30 22:01:04 208896 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-30 22:01:04 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-30 22:01:04 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-06-30 22:01:04 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-30 22:01:04 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-30 21:59:54 208896 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-30 21:58:31 0 d-------- C:\WINDOWS\PCHEALTH
2008-06-30 21:57:52 0 -rahs---- C:\MSDOS.SYS
2008-06-30 21:57:52 0 -rahs---- C:\IO.SYS
2008-06-30 21:57:52 0 --a------ C:\CONFIG.SYS
2008-06-30 21:57:52 0 --a------ C:\AUTOEXEC.BAT
2008-06-30 21:57:36 0 d-------- C:\WINDOWS\system32\dllcache
2008-06-30 21:57:09 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-30 21:56:32 0 d---s---- C:\WINDOWS\Tasks
2008-06-30 21:56:31 0 d-------- C:\Program Files\Fichiers communs\MSSoap
2008-06-30 21:56:24 341504 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:56:11 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-30 21:55:56 0 d-------- C:\WINDOWS\Registration
2008-06-30 21:55:05 0 d-------- C:\Program Files\Notepad++
2008-06-30 21:54:58 0 d-------- C:\Program Files\WTInstaller
2008-06-30 21:54:50 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-30 21:54:47 0 d-------- C:\Program Files\Windows Trust
2008-06-30 21:54:27 0 d-------- C:\WINDOWS\Magnétophone
2008-06-30 21:54:26 0 d-------- C:\WINDOWS\LangDLLs
2008-06-30 21:54:26 103424 --a------ C:\WINDOWS\DamnNFO.exe <Not Verified; DAMN; DAMN NFO Viewer>
2008-06-30 21:54:26 0 d-------- C:\Program Files\Paint.NET
2008-06-30 21:54:19 405504 --a------ C:\WINDOWS\system32\iColorFolder.exe <Not Verified; ; iColorFolder>
2008-06-30 21:54:18 0 d-------- C:\WINDOWS\system32\skins
2008-06-30 21:54:18 283294 --a------ C:\WINDOWS\system32\iColorFolder.dll <Not Verified; ; iColorFolder>
2008-06-30 21:54:18 46592 --a------ C:\WINDOWS\system32\CMExt.dll <Not Verified; Revenger inc.; >
2008-06-30 21:54:18 802304 --a------ C:\WINDOWS\system32\Bulles-VS.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-30 21:54:17 0 d-------- C:\WINDOWS\Offline Web Pages
2008-06-30 21:54:17 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-30 21:54:10 155136 --a------ C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:09 121856 --a------ C:\WINDOWS\system32\winmine.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:09 58880 --a------ C:\WINDOWS\system32\sol.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:09 82432 --a------ C:\WINDOWS\system32\charmap.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:09 973072 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Calculatrice Plus>
2008-06-30 21:54:08 130048 --a------ C:\WINDOWS\system32\mshearts.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:08 57344 --a------ C:\WINDOWS\system32\freecell.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:02 1565184 --a------ C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:54:00 64000 --a------ C:\WINDOWS\system32\remotepg.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-06-30 21:53:59 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-30 21:53:58 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-07-22 20:05:42 590 --a------ C:\WINDOWS\sumatrapdfprefs.dat
2008-07-07 18:06:09 463144 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-07-07 18:06:09 73406 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-06-30 23:49:39 62 --ahs---- C:\Documents and Settings\Administrateur\Application Data\desktop.ini
2008-05-13 02:16:37 219648 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:37 142336 --a------ C:\WINDOWS\system32\sfc_os.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:34 330752 --a------ C:\WINDOWS\system32\dmconfig.dll <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
2008-05-13 02:16:33 225280 --a------ C:\WINDOWS\system32\dmadmin.exe <Not Verified; Microsoft Corp., Veritas Software; Gestionnaire de disque logique pour Windows NT>
2008-05-13 02:16:21 119808 --a------ C:\WINDOWS\system32\verifier.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:20 51200 --a------ C:\WINDOWS\system32\syncapp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:16:20 221184 --a------ C:\WINDOWS\system32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2008-05-13 02:16:20 192000 --a------ C:\WINDOWS\system32\mycomput.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:19 321536 --a------ C:\WINDOWS\system32\hnetwiz.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft(R) Windows (R) 2000>
2008-05-13 02:16:19 33792 --a------ C:\WINDOWS\system32\eventvwr.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:19 276480 --a------ C:\WINDOWS\system32\dmdskres.dll <Not Verified; Microsoft Corp.; Gestionnaire de disque logique pour Windows NT>
2008-05-13 02:16:19 113152 --a------ C:\WINDOWS\hh.exe <Not Verified; Microsoft Corporation; HTML Help>
2008-05-13 02:16:18 1384960 --a------ C:\WINDOWS\system32\cards.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:16:17 957440 --a------ C:\WINDOWS\system32\wsecedit.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:16 208896 --a------ C:\WINDOWS\system32\wscript.exe <Not Verified; Microsoft Corporation; Microsoft (R) Windows Script Host>
2008-05-13 02:16:16 704000 --a------ C:\WINDOWS\system32\wiashext.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:16 890368 --a------ C:\WINDOWS\system32\wiaacmgr.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:15 594944 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:15 453632 --a------ C:\WINDOWS\system32\themeui.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:14 3599360 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:14 282112 --a------ C:\WINDOWS\system32\taskmgr.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:14 78336 --a------ C:\WINDOWS\system32\stobject.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:11 96256 --a------ C:\WINDOWS\system32\sigverif.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:11 1790464 --a------ C:\WINDOWS\system32\shimgvw.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:02 2584576 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:01 122880 --a------ C:\WINDOWS\system32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:16:00 103936 --a------ C:\WINDOWS\system32\nslookup.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:00 368640 --a------ C:\WINDOWS\system32\newdev.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:16:00 2141696 --a------ C:\WINDOWS\system32\netshell.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:59 420864 --a------ C:\WINDOWS\system32\netid.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:59 84480 --a------ C:\WINDOWS\system32\mydocs.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:56 1238528 --a------ C:\WINDOWS\system32\msgina.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:55 590336 --a------ C:\WINDOWS\system32\moricons.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:55 3504640 --a------ C:\WINDOWS\system32\mobsync.exe <Not Verified; Microsoft Corporation; Gestionnaire de synchronisation Microsoft>
2008-05-13 02:15:52 1519616 --a------ C:\WINDOWS\system32\mmc.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:52 6848000 --a------ C:\WINDOWS\system32\logonui.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:47 162304 --a------ C:\WINDOWS\system32\hotplug.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:47 960512 --a------ C:\WINDOWS\system32\gpedit.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:46 524800 --a------ C:\WINDOWS\system32\fsquirt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:21 396288 --a------ C:\WINDOWS\system32\fontext.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:21 443904 --a------ C:\WINDOWS\system32\filemgmt.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:21 1411584 --a------ C:\WINDOWS\explorer.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:20 211968 --a------ C:\WINDOWS\system32\els.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:20 494080 --a------ C:\WINDOWS\system32\dmdlgs.dll <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT>
2008-05-13 02:15:20 392704 --a------ C:\WINDOWS\system32\devmgr.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:20 25600 --a------ C:\WINDOWS\system32\ctfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:20 167936 --a------ C:\WINDOWS\system32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft (R) Windows Script Host>
2008-05-13 02:15:19 1450496 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; Services COM>
2008-05-13 02:15:19 663552 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:18 415232 --a------ C:\WINDOWS\system32\cmd.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:18 113152 --a------ C:\WINDOWS\system32\cleanmgr.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:18 1225728 --a------ C:\WINDOWS\system32\certmgr.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:17 37888 --a------ C:\WINDOWS\system32\batmeter.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:12 502784 --a------ C:\WINDOWS\system32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Uniscribe Unicode script processor>
2008-05-13 02:15:12 90112 --a------ C:\WINDOWS\system32\makecab.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:11 49664 --a------ C:\WINDOWS\system32\xcacls.exe
2008-05-13 02:15:11 15872 --a------ C:\WINDOWS\system32\showacls.exe
2008-05-13 02:15:11 155648 --a------ C:\WINDOWS\system32\reschange.exe
2008-05-13 02:15:10 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-05-13 02:15:10 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-05-13 02:15:10 1129984 --a------ C:\WINDOWS\SumatraPDF.exe
2008-05-13 02:15:09 65536 --a------ C:\WINDOWS\system32\StripMyRights.exe <Not Verified; Systemintegrasjon AS; StripMyRights>
2008-05-13 02:15:09 36864 --a------ C:\WINDOWS\system32\qfecheck.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:09 37648 --a------ C:\WINDOWS\system32\qchain.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-05-13 02:15:09 529408 --a------ C:\WINDOWS\system32\Mystify.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:09 290816 --a------ C:\WINDOWS\system32\MpegVideo.dll <Not Verified; DScaler Team; MpegVideo Module>
2008-05-13 02:15:09 438272 --a------ C:\WINDOWS\system32\MpegAudio.dll <Not Verified; DScaler Team; MpegAudio Module>
2008-05-13 02:15:09 217088 --a------ C:\WINDOWS\system32\JkDefrag.exe <Not Verified; J.C. Kessels; JkDefrag>
2008-05-13 02:15:09 74752 --a------ C:\WINDOWS\system32\Images.scr <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-13 02:15:09 462848 --a------ C:\WINDOWS\system32\HashTab.dll <Not Verified; Beeblebrox.org; HashTab>
2008-05-13 02:15:09 54784 --a------ C:\WINDOWS\system32\GoRC.exe
2008-05-13 02:15:08 271872 --a------ C:\WINDOWS\system32\upx.exe <Not Verified; The UPX Team http://upx.sf.net; UPX>
2008-05-13 02:15:08 184370 --a------ C:\WINDOWS\system32\macshift.exe
2008-05-13 02:15:08 1292800 --a------ C:\WINDOWS\system32\Aurora.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:07 32256 --a------ C:\WINDOWS\system32\whoami.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:07 319488 --a------ C:\WINDOWS\system32\wget.exe
2008-05-13 02:15:07 139264 --a------ C:\WINDOWS\system32\psicon.dll
2008-05-13 02:15:07 398494 --a------ C:\WINDOWS\system32\moricons2.dll <Not Verified; ; Moricons 2>
2008-05-13 02:15:07 517632 --a------ C:\WINDOWS\system32\7za.exe <Not Verified; Igor Pavlov; 7-Zip>
2008-05-13 02:15:06 203264 --a------ C:\WINDOWS\system32\UnRAR.exe
2008-05-13 02:15:06 35840 --a------ C:\WINDOWS\system32\touch.exe
2008-05-13 02:15:06 62464 --a------ C:\WINDOWS\system32\StripReloc.exe
2008-05-13 02:15:06 5120 --a------ C:\WINDOWS\system32\sleep.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:06 11776 --a------ C:\WINDOWS\system32\setx.exe
2008-05-13 02:15:06 79872 --a------ C:\WINDOWS\system32\robocopy.exe <Not Verified; Microsoft; Microsoft Robocopy>
2008-05-13 02:15:06 4608 --a------ C:\WINDOWS\system32\permcopy.exe
2008-05-13 02:15:06 20480 --a------ C:\WINDOWS\system32\mvdir.exe
2008-05-13 02:15:06 69632 --a------ C:\WINDOWS\system32\mv.exe
2008-05-13 02:15:06 8636 --a------ C:\WINDOWS\system32\modifyPE.exe
2008-05-13 02:15:06 28160 --a------ C:\WINDOWS\system32\md5sum.exe
2008-05-13 02:15:06 9728 --a------ C:\WINDOWS\system32\mcast.exe
2008-05-13 02:15:06 35840 --a------ C:\WINDOWS\system32\linkspeed.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:06 520192 --a------ C:\WINDOWS\system32\lame.exe
2008-05-13 02:15:06 378880 --a------ C:\WINDOWS\system32\helpctr.exe
2008-05-13 02:15:06 12800 --a------ C:\WINDOWS\system32\dhcploc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:06 35840 --a------ C:\WINDOWS\system32\choice.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:06 28672 --a------ C:\WINDOWS\system32\chknic.exe
2008-05-13 02:15:06 62976 --a------ C:\WINDOWS\system32\cabarc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-13 02:15:05 462848 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-05-13 02:15:03 225280 --a------ C:\WINDOWS\system32\msvcm90.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® 2008>
2008-05-13 02:15:02 59904 --a------ C:\WINDOWS\system32\mfcm90u.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® 2008>
2008-05-13 02:15:02 59904 --a------ C:\WINDOWS\system32\mfcm90.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® 2008>
2008-05-13 02:14:54 1872666 --a------ C:\WINDOWS\system32\cygwin1.dll <Not Verified; Red Hat; Cygwin>
2008-05-13 02:14:53 59904 --a------ C:\WINDOWS\system32\zlib1.dll <Not Verified; ; zlib>
2008-05-13 02:14:53 168448 --a------ C:\WINDOWS\system32\unrar.dll
2008-05-13 02:14:53 67584 --a------ C:\WINDOWS\system32\rpl.exe <Not Verified; GnuWin32 <http://gnuwin32.sourceforge.net>; Rpl>
2008-05-13 02:14:53 16852 --a------ C:\WINDOWS\system32\cat.exe
2008-05-11 03:12:46 184320 --a------ C:\WINDOWS\system32\telnet.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-11 03:12:45 230912 --a------ C:\WINDOWS\regedit.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-11 03:12:43 2787840 --a------ C:\WINDOWS\system32\winntbbu.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-05-11 01:31:16 1571840 --a------ C:\WINDOWS\system32\sfcfiles.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-11 01:25:12 229376 --a------ C:\WINDOWS\system32\cewmdm.dll <Not Verified; Microsoft Corporation; Windows Media Device Manager>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A}]
27/07/2008 09:57: VIRUS ALERT! 348160 --a------ C:\WINDOWS\nfavxwdbsxb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Taskix"="C:\Program Files\Taskix\Taskix32.exe" [25/01/2007 22:33: VIRUS ALERT!]
"Vistadrv"="C:\Program Files\VistaDriveStatus\vsdrv.exe" [30/07/2006 03:37: VIRUS ALERT!]
"SoundMan"="SOUNDMAN.EXE" [16/04/2007 15:28: VIRUS ALERT! C:\WINDOWS\soundman.exe]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [17/07/2008 20:53: VIRUS ALERT!]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27/05/2008 10:50: VIRUS ALERT!]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 11:25: VIRUS ALERT!]
"lphcef3j0e7aa"="C:\WINDOWS\system32\lphcef3j0e7aa.exe" [28/07/2008 17:57: VIRUS ALERT!]
"SMrhcaf3j0e7aa"="C:\Program Files\rhcaf3j0e7aa\rhcaf3j0e7aa.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="C:\Program Files\LClock\LClock.exe" [19/09/2004 20:27: VIRUS ALERT!]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [07/02/2008 00:54: VIRUS ALERT!]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [04/07/2008 17:01: VIRUS ALERT!]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=1 (0x1)
"NoDispBackgroundPage"=1 (0x1)
"NoDispScrSavPage"=1 (0x1)
"DisableTaskMgr"=1 (0x1)
"NoDispCPL"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"=1 (0x1)
"NoActiveDesktop"=0 (0x0)
"NoRemoteRecursiveEvents"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"NoSetActiveDesktop"=0 (0x0)
"HideRunAsVerb"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoNetConnectDisconnect"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoStartMenuMFUprogramsList"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoResolveSearch"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoStartMenuMFUprogramsList"=1 (0x1)
"NoStrCmpLogical"=0 (0x0)
"NoWelcomeScreen"=1 (0x1)
"NoToolbarCustomize"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"NoStartMenuMorePrograms"=1 (0x1)
"NoSetFolders"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
"ForceClassicControlPanel"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoResolveSearch"=1 (0x1)
"NoResolveTrack"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoSMConfigurePrograms"=1 (0x1)
"NoStartBanner"=1 (0x1)
"NoStartMenuMFUprogramsList"=1 (0x1)
"NoStrCmpLogical"=0 (0x0)
"NoWelcomeScreen"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"eqvwamkl"= {66D912F9-3D50-4401-8090-A70C8AF8211A} - C:\WINDOWS\eqvwamkl.dll [27/07/2008 09:57: VIRUS ALERT! 274432]
"wnslvxtf"= {0D536C64-5BE2-407F-B985-409A70678EDD} - C:\WINDOWS\wnslvxtf.dll [27/07/2008 09:57: VIRUS ALERT! 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\keygen.exe]
Debugger=StripMyRights.exe /D /L N

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.4.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Yahoo! Widgets.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Yahoo! Widgets.lnk
backup=C:\WINDOWS\pss\Yahoo! Widgets.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe /onboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService LmHosts upnphost SSDPSRV
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c167cf0-49c2-11dd-8e0c-0040ca4759cc}]
Auto\command- auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d14410fc-5007-11dd-8e46-001167685d9c}]
AutoRun\command- H:\Autorun.exe




-- Hosts -----------------------------------------------------------------------

127.0.0.1 mpa.one.microsoft.com
127.0.0.1 rad.msn.com
127.0.0.1 rad.live.com
127.0.0.1 ads1.msn.com
127.0.0.1 adfarm.mediaplex.com
127.0.0.1 101com.com
127.0.0.1 101order.com
127.0.0.1 103bees.com
127.0.0.1 1100i.com
127.0.0.1 123banners.com

10854 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-07-28 21:38:49 ------------




extra.txt

[quote]Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professionnel (build 2600) SP 3.0
Architecture: X86; Language: French

CPU 0: AMD Athlon(tm) XP 2600+
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 767.48 MiB / 479.71 MiB
Pagefile Memory (total/avail): 1875.54 MiB / 1543.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1907.75 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.55 GiB total, 37.09 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG SP8004H - 74.56 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 74.55 GiB - C:



-- Security Center -------------------------------------------------------------



-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrateur\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=WINDOWS-26198EF
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrateur
LOGONSERVER=\\WINDOWS-26198EF
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Smart Projects\IsoBuster
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=WINDOWS-26198EF
USERNAME=Administrateur
USERPROFILE=C:\Documents and Settings\Administrateur
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

fz [I](admin)[/I]
Administrateur [I](admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
AtomixMP3 v2.3 Trial --> C:\PROGRA~1\ATOMIX~1\UNWISE.EXE C:\PROGRA~1\ATOMIX~1\INSTALL.LOG
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal - Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BlueSoleil --> MsiExec.exe /X{63D1A44F-E1FD-4460-BE0A-8745012F67EF}
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio --> "C:\Program Files\CDex_170b2\uninstall.exe"
Disney-Pixar Ratatouille --> C:\Program Files\InstallShield Installation Information\{B94C6815-7BCC-4124-AC39-9208A06FFFA7}\setup.exe -runfromtemp -l0x040c -removeonly
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Ink --> MsiExec.exe /I{9FCB2876-554D-491D-A2CD-58F8252D6C64}
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Joustra - E=Lab --> C:\PROGRA~1\Joustra\UNWISE.EXE C:\PROGRA~1\Joustra\INSTALL.LOG
Labtec WebCam --> MsiExec.exe /X{995BF1A7-30E5-49E5-A0E4-AD3213D9E330}
LClock --> "C:\Program Files\LClock\Désinstaller.exe"
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Ma-Config.com --> MsiExec.exe /X{06526E3A-92DD-4F45-90CD-902953F1A8D2}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
MessengerDiscovery Live 1.5.0725 --> "C:\Program Files\MessengerDiscovery\unins001.exe"
Microsoft Office Excel Viewer 2003 --> MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003 --> MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Mozilla Firefox (2.0.0.16) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Image Text --> C:\Program Files\MSNImageText\Uninstal.exe
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org 2.4 --> MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14}
PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
Programme de gestion Camera de Labtec® --> "C:\Program Files\Fichiers communs\Labtec\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Sony Media Manager 2.2 --> MsiExec.exe /X{2B5A75F0-FD85-4094-AB00-94902398D192}
Taskix --> "C:\Program Files\Taskix\Désinstaller.exe"
Unlocker 1.8.7 --> C:\Program Files\Unlocker\uninst.exe
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6h --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VistaDriveStatus --> "C:\Program Files\VistaDriveStatus\Dési