[Résolu]Demande de l'aide contre un trojan

Bonjour à tous ! J’ai téléchargé un programme sur emule et à la place j’ai récolté un meute de trojans qui ont désactivé avast familiale et qui m’empêche d’installer où d’utilisé d’autres programmes anti virus.

Voici la liste des programmes téléchargés et que je ne peut pas utiliser :

Drweb
Antivir
HijackThis
Kaspersky

J’ai installé malwerbytes qui lui, fonctionne. Il m’a permis au bout d’une dizaine de passages de détruire une partie des trojans, dont certains manuellement, mais il me reste celui-ci « mule_st_key » et malheureusement malwerbytes n’arrive plus à redémarrer l’ordi pour supprimer le méchant programme, malgré une réinstallation.

Premier et dernier rapport de malwerbytes :

----------------------------------------- 1 rapport ----------------------------------------------------

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1717
Windows 5.1.2600 Service Pack 2

02/02/2009 22:41:01
mbam-log-2009-02-02 (22-41-01).txt

Type de recherche: Examen complet (C:\|E:\|F:\|)
Eléments examinés: 166877
Temps écoulé: 33 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\felipe\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\eMule\Uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\FIREFOX DOWNLOAD\210709\ancien\eMule0.49b-Installer1.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\felipe\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\felipe\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\felipe\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\felipe\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\felipe\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.


------------------------------------ dernier rapport ---------------------------------------

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1717
Windows 5.1.2600 Service Pack 2

04/02/2009 15:26:04
mbam-log-2009-02-04 (15-26-04).txt

Type de recherche: Examen complet (C:\|E:\|F:\|)
Eléments examinés: 167959
Temps écoulé: 37 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

----------------------------------------------------------------------------------------


Voilà, j’ai essayer de me débrouiller tout seul, mais là je ne sais plus quoi faire, j’espère que quelqu’un pourra m’aider.

merci, j'essaye ça et je te renvoie le rapport.

as-tu ressu ma réponse ? ....C'est la première fois que je viens sur un forum.

C'est sympa de m'aider, mais là, y a plus personne qui me répond, je fais quoi maintenant avec mon rapport ? je l'encadre au mur ? Non, je plaisante. Si quelqu'un a pitié de moi et veut bien reprendre la suite merci mille fois.

Excuse mon impatience destriot5.

Le fichiers qui m'a infecté est un exécutable (setup) sur le quel j'ai double cliqué, je l'ai balancé à la corbeille quand j'ai compris que c'était un programme malveillant.

Je vais faire ce que tu dis pour la suite.

Je n'y connais rien, mais le mule-st-key qui apparaissait dans le premier rapport, n'y est pas dans le second. Bon, alors j'espère à demain, merci pour ton aide.

bonjour !


voici log.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by felipe at 2009-02-06 19:06:33
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 80 GB (80%) free of 100 GB
Total RAM: 3327 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:42, on 06/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
E:\FIREFOX DOWNLOAD\RSIT.exe
C:\Program Files\trend micro\felipe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0132489437
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6054 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe -r []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-16 1040384]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-07-28 188416]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

C:\Documents and Settings\felipe\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\FlightGear\bin\win32\fgfs.exe"="C:\Program Files\FlightGear\bin\win32\fgfs.exe:*:Enabled:fgfs"
"C:\Documents and Settings\felipe\Application Data\m\flec006.exe"="C:\Documents and Settings\felipe\Application Data\m\flec006.exe:*isabled:flec006"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9df81eaf-d204-11dd-be3e-806d6172696f}]
shell\AutoRun\command - D:\.\Bin\Assetup.exe


======List of files/folders created in the last 1 months======

2009-02-06 19:06:33 ----D---- C:\rsit
2009-02-06 19:06:33 ----D---- C:\Program Files\trend micro
2009-02-05 23:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-02-05 23:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-02-05 23:11:27 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-02-05 23:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-02-05 23:10:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-02-05 23:10:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-02-05 23:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-02-05 23:10:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-02-05 23:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-02-05 23:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-02-05 23:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-02-05 23:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-02-05 23:10:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-02-05 23:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-02-05 23:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-02-05 23:09:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-05 23:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-02-05 23:09:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-02-05 23:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-05 23:09:35 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-05 23:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-02-05 23:09:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-02-05 23:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-02-05 23:09:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-02-05 23:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-02-05 23:09:05 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-05 23:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-02-05 23:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-05 23:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-05 23:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-02-05 22:48:12 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-02-05 22:30:48 ----D---- C:\Program Files\Avira
2009-02-05 22:30:48 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-02-05 20:41:39 ----A---- C:\FindyKill.txt
2009-02-05 19:12:38 ----D---- C:\Program Files\FindyKill
2009-02-04 16:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-04 16:08:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-03 20:05:50 ----D---- C:\cible
2009-02-03 00:08:26 ----A---- C:\mbam-log-2009-02-02 (22-02-00)2.txt
2009-02-02 23:04:50 ----A---- C:\mbam-log-2009-02-02 (23-02-27).txt
2009-02-02 22:03:13 ----A---- C:\mbam-log-2009-02-02 (22-02-00).txt
2009-02-02 21:56:13 ----D---- C:\Documents and Settings\felipe\Application Data\Malwarebytes
2009-02-02 21:56:09 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-29 19:37:08 ----D---- C:\Documents and Settings\felipe\Application Data\flightgear.org
2009-01-29 19:36:16 ----D---- C:\Program Files\FlightGear
2009-01-26 21:55:50 ----N---- C:\WINDOWS\system32\mwgfxcopy.exe
2009-01-26 21:55:50 ----N---- C:\WINDOWS\system32\mwgfx24.dll
2009-01-26 21:55:50 ----N---- C:\WINDOWS\system32\mwgfx.dll
2009-01-26 21:55:50 ----N---- C:\WINDOWS\system32\mwdds.dll
2009-01-26 21:55:50 ----N---- C:\WINDOWS\system32\mwace.dll
2009-01-26 21:55:50 ----D---- C:\Program Files\Graphics
2009-01-24 15:53:37 ----D---- C:\Program Files\Audacity
2009-01-24 11:56:01 ----A---- C:\WINDOWS\iun6002.exe
2009-01-24 11:55:41 ----A---- C:\WINDOWS\C152 Setup Log.txt
2009-01-18 17:23:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2009-01-18 17:18:03 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared
2009-01-18 17:16:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-12 20:01:29 ----D---- C:\DVDVideoSoft
2009-01-12 19:58:03 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2009-01-12 19:58:00 ----D---- C:\Program Files\DVDVideoSoft
2009-01-12 19:58:00 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-01-11 19:35:32 ----D---- C:\Nathalie-Work
2009-01-10 10:03:18 ----D---- C:\Program Files\Hercules
2009-01-09 21:02:17 ----D---- C:\Program Files\TC Native Bundle DX 2.02
2009-01-09 19:13:34 ----D---- C:\Program Files\Native Instruments
2009-01-09 19:13:34 ----A---- C:\WINDOWS\system32\AbsynthIAC.dll
2009-01-09 01:15:27 ----A---- C:\WINDOWS\iris.INI
2009-01-09 01:09:40 ----D---- C:\Program Files\IRIS
2009-01-08 23:07:51 ----D---- C:\Documents and Settings\felipe\Application Data\teamspeak2
2009-01-08 23:04:45 ----D---- C:\Program Files\HyperLobbyPro3

======List of files/folders modified in the last 1 months======

2009-02-06 19:06:33 ----RD---- C:\Program Files
2009-02-06 19:06:28 ----D---- C:\WINDOWS\Prefetch
2009-02-06 18:58:04 ----D---- C:\Program Files\Mozilla Firefox
2009-02-06 18:57:26 ----D---- C:\WINDOWS\Temp
2009-02-06 18:57:10 ----AH---- C:\WINDOWS\system32\FFASTLOG.TXT
2009-02-06 00:17:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-05 23:13:05 ----D---- C:\WINDOWS
2009-02-05 23:12:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-05 23:12:44 ----D---- C:\WINDOWS\system32
2009-02-05 23:11:36 ----HD---- C:\WINDOWS\inf
2009-02-05 23:11:35 ----HD---- C:\WINDOWS\system32\drivers
2009-02-05 23:11:34 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-05 23:11:33 ----A---- C:\WINDOWS\imsins.BAK
2009-02-05 23:11:29 ----D---- C:\Program Files\Messenger
2009-02-05 23:10:47 ----D---- C:\Program Files\Internet Explorer
2009-02-05 23:10:31 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-05 23:09:17 ----D---- C:\WINDOWS\WinSxS
2009-02-05 22:59:40 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-05 22:48:12 ----D---- C:\WINDOWS\Debug
2009-02-05 20:44:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-04 16:32:20 ----SHD---- C:\WINDOWS\Installer
2009-02-02 19:30:03 ----D---- C:\Program Files\eMule
2009-01-31 17:49:21 ----D---- C:\CAKEXP
2009-01-29 18:40:28 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2009-01-19 18:53:46 ----D---- C:\Documents and Settings\felipe\Application Data\Adobe
2009-01-18 17:19:13 ----D---- C:\Program Files\Adobe
2009-01-18 17:18:30 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-01-18 17:18:03 ----D---- C:\Program Files\Fichiers communs
2009-01-16 01:09:25 ----D---- C:\Program Files\Microsoft Games
2009-01-11 19:35:57 ----D---- C:\WINDOWS\system32\config
2009-01-11 19:35:50 ----D---- C:\WINDOWS\system32\wbem
2009-01-11 19:35:49 ----D---- C:\WINDOWS\Registration
2009-01-11 19:35:38 ----D---- C:\WINDOWS\twain_32
2009-01-11 19:35:36 ----D---- C:\Program Files\Scanner
2009-01-11 19:35:17 ----D---- C:\WINDOWS\system32\Restore
2009-01-10 14:39:23 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-10 10:03:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-10 10:03:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-10 10:03:15 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-18 72704]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

-----------------EOF-----------------


et voici info.txt

info.txt logfile of random's system information tool 1.05 2009-02-06 19:06:43

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Active Camera 2004 demo-->E:\FIREFOX DOWNLOAD\fs24\Active Camera 2004 uninstal.exe
Adobe Acrobat 4.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c -removeonly
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Cap-10B-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_cap10.exe
Celestia 1.5.1-->"C:\Program Files\Celestia\unins000.exe"
Cessna 152-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\UniC152Ver10.ini"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DiscoDSP Discovery VSTi v2.5-->C:\PROGRA~1\STEINB~1\VSTPLU~1\DiscoDSP\DISCOV~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\DiscoDSP\DISCOV~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Free YouTube Download 2.2-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Generator 1.57-->C:\WINDOWS\UNWISE.EXE C:\audio\GENERA~1\INSTALL.LOG
Generator Midi Driver-->C:\WINDOWS\unwise.exe C:\audio\GENERA~1\mididrv.log
GForce.Software.Minimonsta.v1.01.VSTi.RTAS-DAC-->C:\PROGRA~1\GForce\MINIMO~1\UNWISE.EXE C:\PROGRA~1\GForce\MINIMO~1\INSTALL.LOG
Gmax F-86 Sabre-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Howard 500-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal Howard 500.exe
IL-2 Sturmovik: Forgotten Battles AEP-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D2BBEABB-A8DF-4451-A7C4-63C87B31E325} /l1036
IL-2 Sturmovik: Forgotten Battles-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3} /l1036
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jupiter-8V Demo 1.1-->"C:\Program Files\Arturia\Jupiter-8V\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Messerschmitt Me 108 by GK-->"C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall.exe" "C:\Program Files\Microsoft Games\Flight Simulator 9\Aircraft\Messerschmitt Me 108 by GK\install.log"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator 2004 Un siècle d'aviation-->"C:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Word 97-->C:\Program Files\Microsoft Office\Office\Install\AcmeWord.exe /w Word97.stf
minimoog V-->C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\Arturia\minimoog V\uninstal.log
Mirage F1v2.5-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins001.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Moog Modular V 2.2 Demo-->"C:\Program Files\Arturia\Moog Modular V 2\unins000.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Native Instruments Absynth v1.3.2-->C:\PROGRA~1\NATIVE~1\Absynth\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Absynth\INSTALL.LOG
Native Instruments FM7-->C:\PROGRA~1\NATIVE~1\Fm7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Fm7\INSTALL.LOG
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
PF+FB+AEP-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51F24145-A833-4BD5-AA38-AFC5268928E5} /l1036
Piper PA-22-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal Piper PA-22.exe
Robin DR221-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal Robin DR221.exe
Samdim Design Antonov An-24RV-->C:\Program Files\Microsoft Games\Flight Simulator 9\UninstalAn24RV.exe
Six Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Steinberg Cubase VST32 Demo-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNINST~1.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\Install.log
TC Native Bundle DX VST v2.02-->C:\PROGRA~1\TCNATI~1.02\UNWISE.EXE C:\PROGRA~1\TCNATI~1.02\INSTALL.LOG
ubi.com-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst
Uninstall 1.0.0.0-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

======Security center information======

AV: Avira AntiVir PersonalEdition Classic

System event log

Computer Name: XX-FC12373748B0
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2553
Source Name: EventLog
Time Written: 20090120192003.000000+060
Event Type: Informations
User:

Computer Name: XX-FC12373748B0
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 2552
Source Name: EventLog
Time Written: 20090120192003.000000+060
Event Type: Informations
User:

Computer Name: XX-FC12373748B0
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 2551
Source Name: EventLog
Time Written: 20090120181459.000000+060
Event Type: Informations
User:

Computer Name: XX-FC12373748B0
Event Code: 7036
Message: Le service Service de transfert intelligent en arrière-plan est entré dans l'état : en cours d'exécution.

Record Number: 2550
Source Name: Service Control Manager
Time Written: 20090120180100.000000+060
Event Type: Informations
User:

Computer Name: XX-FC12373748B0
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de transfert intelligent en arrière-plan.

Record Number: 2549
Source Name: Service Control Manager
Time Written: 20090120180100.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Salut,

voila le premier rapport que tu m'a demandé :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\felipe\Application Data\m\flec006.exe deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9df81eaf-d204-11dd-be3e-806d6172696f}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\felipe\LOCALS~1\Temp\etilqs_eVG1XWZThRItEIDFfjwD scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\felipe\LOCALS~1\Temp\~DF2D00.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\urlclassifier3.sqlite-journal scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02072009_183733

Files moved on Reboot...
File C:\DOCUME~1\felipe\LOCALS~1\Temp\etilqs_eVG1XWZThRItEIDFfjwD not found!
C:\DOCUME~1\felipe\LOCALS~1\Temp\~DF2D00.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\urlclassifier3.sqlite-journal moved successfully.
C:\Documents and Settings\felipe\Local Settings\Application Data\Mozilla\Firefox\Profiles\h5ekmfxp.default\XUL.mfl moved successfully.

C'est écrit sur les rapports que tu as XP.

Non, ce n'est pas embêtant.

J'y vais, bonne soirée

Bon, bonne soirée et à demain.

avira antivir m'a dit qu'il y avait un cheval de troie sur mon ordi.
Comme je ne sais pas si c'est un faux positif, j'ai choisi déplacer en quarantaine.

Il y a des alertes, mais je n'ai pas bougé de la page de tom's guide de la soirée.

Ils sont dans la restauration système, je te réponds d'ici 20 minutes.

Bonjour,

voici le rapport toolscleaner2

par contre je n'ai pas compris comment mettre à jour java avec la page que tu m'a donné en lien.

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\FindyKill.txt: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\felipe\Bureau\OTMoveIt3.exe: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\felipe\Bureau\OTMoveIt3.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Program Files\FindyKill: supprimé !

Corbeille vidée!