My PC is suffering and so am I, please help me
Here is the "HijackThis" log, please help me:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:38, on 2002-02-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
C:\DOCUME~1\nacera\LOCALS~1\Temp\winepjij.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU"
O4 - HKLM\..\Policies\Explorer\Run: [USER-6386143AA7] .vbe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: TWL541P.lnk = C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D02EC146-87C0-4F4B-A661-29BB4B4830F1}: NameServer = 192.168.1.1,202.96.128.68
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: 88f5ece4530 - C:\WINDOWS\System32\iasnap32.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8283 bytes
Thank you, thank you in advance for your help.
Hi,
- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
- Double-click RSIT.exe to launch the program.
- Click Continue on the Disclaimer screen.
- If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the folder C:\rsit\.
Logfile of random's system information tool 1.05 (written by random/random)
Run by nacera at 2002-02-27 21:40:20
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (75%) free of 79 GB
Total RAM: 1015 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40, on 2002-02-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE
C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
C:\DOCUME~1\nacera\LOCALS~1\Temp\winepjij.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\RSIT.exe
C:\Downloads\nacera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU"
O4 - HKLM\..\Policies\Explorer\Run: [USER-6386143AA7] .vbe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: TWL541P.lnk = C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D02EC146-87C0-4F4B-A661-29BB4B4830F1}: NameServer = 192.168.1.1,202.96.128.68
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: 88f5ece4530 - C:\WINDOWS\System32\iasnap32.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8302 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2002-02-26 1883672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-13 806912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-16 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2002-02-26 1883672]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-13 806912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-13 211736]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-13 232216]
"Flashget"=C:\Program Files\FlashGet\FlashGet.exe [2007-09-11 2076720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 2770800]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 389120]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"USER-6386143AA7"=C:\WINDOWS\system32\.vbe [2009-02-22 10000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-30 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-21 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5806104]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5806104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2002-02-26 16384000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 24520488]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
TWL541P.lnk - C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\88f5ece4530]
C:\WINDOWS\System32\iasnap32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-30 133632]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
"NoSMHelp"=1
"NoSMConfigurePrograms"=1
"NoSMMyPictures"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ipsec"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"J:\flashget194en.exe"="J:\flashget194en.exe:*:Enabled:ipsec"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\WINDOWS\ALCMTR.EXE"="C:\WINDOWS\ALCMTR.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\kamsoft.exe"="C:\WINDOWS\system32\kamsoft.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winrimy.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winrimy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsnewqg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsnewqg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sfglne.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sfglne.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winwbpxg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winwbpxg.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\jofhx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\jofhx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\kxym.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\kxym.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winiaomm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winiaomm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winlislt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winlislt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winbndaaj.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winbndaaj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sqhav.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sqhav.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvdbi.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvdbi.exe:*:Enabled:ipsec"
"C:\Program Files\Spyware Doctor\pctsTray.exe"="C:\Program Files\Spyware Doctor\pctsTray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\windprq.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\windprq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winpvgjis.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winpvgjis.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\pfroa.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\pfroa.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\vvfoyn.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\vvfoyn.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxtray.exe"="C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvjnavx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvjnavx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wqtt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wqtt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\gljga.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\gljga.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\ujemg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\ujemg.exe:*:Enabled:ipsec"
"C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe"="C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\tttll.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\tttll.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\mmnpty.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\mmnpty.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winuxrsx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winuxrsx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winexbhv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winexbhv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winjukfsv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winjukfsv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winudtnoe.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winudtnoe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winoorfok.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winoorfok.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\brki.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\brki.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winftlc.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winftlc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingqdx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingqdx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winoskqfu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winoskqfu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winedynw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winedynw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winftys.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winftys.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winutjlhf.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winutjlhf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winibeaul.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winibeaul.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winslul.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winslul.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\myrj.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\myrj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winqdcu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winqdcu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winveklh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winveklh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winujrtb.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winujrtb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\qudo.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\qudo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winjmsd.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winjmsd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsklp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsklp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winrqhfv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winrqhfv.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winntrvp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winntrvp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\nlifou.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\nlifou.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winljqxqy.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winljqxqy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\kevjdm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\kevjdm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winxpci.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winxpci.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winljypeb.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winljypeb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\viojem.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\viojem.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxpers.exe"="C:\WINDOWS\system32\igfxpers.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winogynp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winogynp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\pfoc.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\pfoc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winyenf.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winyenf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\flscfw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\flscfw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winpigh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winpigh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winoaeykb.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winoaeykb.exe:*:Enabled:ipsec"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\irtoyq.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\irtoyq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winfexdrw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winfexdrw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sffgl.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sffgl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\gedqw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\gedqw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\ldimum.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\ldimum.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\lnpk.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\lnpk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingyxm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingyxm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winxwwimb.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winxwwimb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winpybsh.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winpybsh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\vivsws.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\vivsws.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winubwwrl.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winubwwrl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winslsu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winslsu.exe:*:Enabled:ipsec"
"C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe"="C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\dhpaw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\dhpaw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\uprqg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\uprqg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsmih.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsmih.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winwwmt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winwwmt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvkly.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvkly.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winbxtli.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winbxtli.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\saoh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\saoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winurhjk.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winurhjk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\aixr.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\aixr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingpek.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingpek.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wintfma.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wintfma.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\vstdug.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\vstdug.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\tpvdck.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\tpvdck.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
shell\AutoRun\command - K:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11b4cd84-bf49-11dd-86dd-0018f3729656}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a010b0c-ec6e-11dd-8763-00111134106e}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4422a286-0103-11de-879e-00111134106e}]
shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4422a287-0103-11de-879e-00111134106e}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75bbe5fa-d9d0-11dd-873d-00111134106e}]
shell\AutoRun\command - K:\ij.bat
shell\explore\command - K:\ij.bat
shell\open\command - K:\ij.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c500051c-d1a4-11dd-8721-00111134106e}]
shell\AutoRun\command - J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe
shell\open\command - J:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe
======File associations======
.ini - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
.txt - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2009-02-22 18:07:31 ----D---- C:\Documents and Settings\nacera\Application Data\U3
2009-02-13 12:04:42 ----D---- C:\Program Files\PDFCreator Toolbar
2009-02-13 12:04:27 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSCC2FR.DLL
2009-02-13 12:04:25 ----D---- C:\Program Files\PDFCreator
2009-02-13 12:00:37 ----SHD---- C:\WINDOWS\system32\LocalService32
2009-02-13 11:59:31 ----ASH---- C:\WINDOWS\system32\57.tmp
2009-02-11 13:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-07 20:17:44 ----D---- C:\Documents and Settings\All Users\Application Data\UDL
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-02-07 20:15:35 ----D---- C:\Documents and Settings\nacera\Application Data\InstallShield
2009-02-07 20:14:57 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_FLBCAE.DLL
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_FD4BCAE.DLL
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-02-07 20:12:17 ----D---- C:\Program Files\epson
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\eswiaml.dll
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\eswia7e.dll
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\esint7e.dll
2009-02-05 21:08:52 ----D---- C:\Program Files\MSECache
2009-01-14 08:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-13 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-11 11:27:08 ----D---- C:\Documents and Settings\nacera\Application Data\LimeWire
2009-01-11 11:26:48 ----D---- C:\Program Files\LimeWire
2008-12-27 22:41:57 ----D---- C:\My Documents
2008-12-26 12:13:05 ----D---- C:\my dvd
2008-12-26 00:38:53 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-12-26 00:38:48 ----D---- C:\Documents and Settings\nacera\Application Data\CyberLink
2008-12-26 00:36:27 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-12-23 22:26:19 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-12-22 19:43:39 ----D---- C:\WINDOWS\ERDNT
2008-12-22 19:43:39 ----D---- C:\Qoobox
2008-12-22 19:43:39 ----A---- C:\WINDOWS\system32\CF31543.exe
2008-12-21 22:34:15 ----D---- C:\Program Files\7-Zip
2008-12-21 19:27:28 ----D---- C:\WINDOWS\pss
2008-12-21 19:11:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-21 12:43:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-21 11:57:29 ----D---- C:\Downloads
2008-12-21 11:51:32 ----D---- C:\Program Files\FlashGet
2008-12-19 16:31:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-18 10:56:42 ----D---- C:\Program Files\Peer2Peer-FR
2008-12-18 10:56:42 ----D---- C:\Program Files\Conduit
2008-12-17 21:26:57 ----D---- C:\Documents and Settings\nacera\Application Data\Google
2008-12-17 21:26:15 ----D---- C:\Documents and Settings\nacera\Application Data\skypePM
2008-12-17 21:25:22 ----D---- C:\Documents and Settings\nacera\Application Data\Skype
2008-12-17 21:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-17 21:25:12 ----D---- C:\Program Files\Google
2008-12-17 21:25:09 ----D---- C:\Program Files\Skype
2008-12-17 21:25:08 ----D---- C:\Program Files\Fichiers communs\Skype
2008-12-17 21:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-12-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-12-14 09:38:12 ----D---- C:\WINDOWS\Sun
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\java.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-14 09:37:46 ----D---- C:\Program Files\Java
2008-12-14 09:23:19 ----D---- C:\Documents and Settings\nacera\Application Data\Sun
2008-12-12 20:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-12 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 11:26:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-12 11:26:23 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-12 11:26:23 ----D---- C:\Program Files\Adobe
2008-12-12 08:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-12 08:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-12 08:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-12 08:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-12 08:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-12 08:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-12 08:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-10 21:06:45 ----D---- C:\Program Files\uTorrent
2008-12-10 21:06:43 ----D---- C:\Documents and Settings\nacera\Application Data\uTorrent
2008-12-10 20:55:14 ----D---- C:\WINDOWS\system32\DirectX
2008-12-10 20:55:14 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-10 20:54:52 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-10 19:48:49 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-10 19:48:47 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-10 19:48:43 ----D---- C:\Program Files\Windows Live
2008-12-10 19:48:42 ----D---- C:\WINDOWS\ie7updates
2008-12-10 19:48:38 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-10 19:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-10 19:48:31 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-10 19:12:09 ----D---- C:\Documents and Settings\nacera\Application Data\Macromedia
2008-12-10 19:10:26 ----D---- C:\Documents and Settings\nacera\Application Data\Adobe
2008-12-08 21:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-08 17:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-08 17:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-08 17:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-08 17:09:50 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-12-08 17:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-08 17:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-08 17:09:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-08 17:09:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-08 17:09:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-08 16:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-08 16:56:03 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-08 16:36:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-08 16:36:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-08 16:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-08 16:36:37 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-08 16:29:33 ----A---- C:\WINDOWS\system32\wups2.dll
2008-12-08 16:29:33 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-12-08 16:29:32 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-08 16:29:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-12-08 16:29:32 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-12-04 21:01:42 ----D---- C:\Program Files\MAXIPOWER
2008-12-04 11:49:58 ----D---- C:\Documents and Settings\nacera\Application Data\Identities
2008-12-04 11:49:50 ----SD---- C:\Documents and Settings\nacera\Application Data\Microsoft
2008-12-04 11:49:50 ----ASH---- C:\Documents and Settings\nacera\Application Data\desktop.ini
2008-09-05 23:30:46 ----N---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 23:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 23:30:04 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2008-09-03 17:53:02 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2008-09-03 17:53:01 ----A---- C:\WINDOWS\system32\c_iscii.dll
2008-09-03 17:53:00 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda3.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda1.dll
2008-09-03 17:52:58 ----A---- C:\WINDOWS\system32\kbdusa.dll
2008-09-03 17:52:55 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2008-09-03 17:52:50 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2008-09-03 17:52:50 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2008-09-03 17:52:49 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2008-09-03 17:52:49 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2008-09-03 17:52:45 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2008-09-03 17:48:14 ----SHD---- C:\RECYCLER
2008-09-03 10:48:53 ----RA---- C:\WINDOWS\system32\igfxres.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\igmedkrn.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\ig4icd32.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\ig4dev32.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\msvcr71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\msvcp71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\mfc71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-09-01 21:12:59 ----D---- C:\Program Files\Alwil Software
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxprd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpgd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpdx32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpdv32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\iglicd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igldev32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxzoom.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxtray.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxsrvc.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxsrvc.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxress.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxpph.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxext.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxexps.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxdo.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxdev.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxCoIn_v4837.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxcfg.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\hkcmd.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\hccutils.dll
2008-09-01 21:00:59 ----RA---- C:\WINDOWS\system32\igxpun.exe
2008-09-01 21:00:59 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-09-01 21:00:59 ----D---- C:\WINDOWS\system32\Lang
2008-09-01 20:46:41 ----D---- C:\WINDOWS\OPTIONS
2008-09-01 20:46:01 ----R---- C:\WINDOWS\system32\ChCfg.exe
2008-09-01 20:45:41 ----D---- C:\WINDOWS\system32\RTCOM
2008-09-01 20:45:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-09-01 20:45:06 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-01 20:44:52 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-09-01 20:44:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-01 20:44:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-01 20:44:01 ----D---- C:\Program Files\Intel
2008-09-01 20:43:40 ----D---- C:\Intel
2008-09-01 20:40:40 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-09-01 20:39:02 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2008-09-01 20:38:57 ----D---- C:\Program Files\Microsoft Works
2008-09-01 20:38:52 ----D---- C:\Program Files\Microsoft Visual Studio
2008-09-01 20:38:31 ----D---- C:\WINDOWS\SHELLNEW
2008-09-01 20:38:15 ----D---- C:\Program Files\Microsoft.NET
2008-09-01 20:38:15 ----D---- C:\Program Files\Microsoft Office
2008-09-01 20:30:35 ----A---- C:\WINDOWS\system32\h323log.txt
2008-09-01 20:29:26 ----A---- C:\WINDOWS\system32\irmon.dll
2008-09-01 20:29:25 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-09-01 20:29:25 ----A---- C:\WINDOWS\system32\irftp.exe
2008-09-01 20:28:50 ----A---- C:\WINDOWS\system32\usbui.dll
2008-09-01 20:27:37 ----SHD---- C:\WINDOWS\Installer
2008-09-01 20:27:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-01 20:27:36 ----D---- C:\Program Files\Fichiers communs\ODBC
2008-09-01 20:27:34 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2008-09-01 20:27:33 ----RD---- C:\Program Files
2008-09-01 20:27:33 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-01 20:27:33 ----D---- C:\Program Files\Fichiers communs
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-09-01 20:27:26 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\irclass.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-09-01 20:27:19 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-09-01 20:27:19 ----A---- C:\WINDOWS\system32\batt.dll
2008-09-01 20:27:17 ----A---- C:\WINDOWS\system32\storprop.dll
2008-09-01 20:27:11 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-09-01 20:25:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-01 20:25:22 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-01 20:25:16 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-01 20:24:56 ----SHD---- C:\System Volume Information
2008-09-01 20:24:56 ----D---- C:\Documents and Settings
2008-09-01 20:14:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-01 20:14:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-01 20:14:36 ----RSD---- C:\WINDOWS\Fonts
2008-09-01 20:14:36 ----RD---- C:\WINDOWS\Web
2008-09-01 20:14:36 ----HD---- C:\WINDOWS\inf
2008-09-01 20:14:36 ----D---- C:\WINDOWS\WinSxS
2008-09-01 20:14:36 ----D---- C:\WINDOWS\WBEM
2008-09-01 20:14:36 ----D---- C:\WINDOWS\twain_32
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Temp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\wins
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\wbem
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\usmt
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\spool
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ShellExt
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\Setup
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ras
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\oobe
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\npp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\mui
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\IME
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\icsxml
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ias
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\fr-fr
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\fr
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\export
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\drivers
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\dhcp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\config
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\3com_dmi
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\3076
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\2052
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1054
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1042
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1041
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1037
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1036
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1033
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1031
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1028
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1025
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system
2008-09-01 20:14:36 ----D---- C:\WINDOWS\security
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Resources
2008-09-01 20:14:36 ----D---- C:\WINDOWS\repair
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Provisioning
2008-09-01 20:14:36 ----D---- C:\WINDOWS\PeerNet
2008-09-01 20:14:36 ----D---- C:\WINDOWS\pchealth
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Offline Web Pages
2008-09-01 20:14:36 ----D---- C:\WINDOWS\NLDRV
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Network Diagnostic
2008-09-01 20:14:36 ----D---- C:\WINDOWS\mui
2008-09-01 20:14:36 ----D---- C:\WINDOWS\msapps
2008-09-01 20:14:36 ----D---- C:\WINDOWS\msagent
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Media
2008-09-01 20:14:36 ----D---- C:\WINDOWS\L2Schemas
2008-09-01 20:14:36 ----D---- C:\WINDOWS\java
2008-09-01 20:14:36 ----D---- C:\WINDOWS\ime
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Help
2008-09-01 20:14:36 ----D---- C:\WINDOWS\ehome
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Driver Cache
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Debug
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Cursors
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Connection Wizard
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Config
2008-09-01 20:14:36 ----D---- C:\WINDOWS\AppPatch
2008-09-01 20:14:36 ----D---- C:\WINDOWS\addins
2008-09-01 20:14:36 ----D---- C:\WINDOWS
2008-09-01 18:48:45 ----HD---- C:\Program Files\Uninstall Information
2008-09-01 18:46:31 ----RSD---- C:\WINDOWS\assembly
2008-09-01 18:46:19 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-01 18:46:02 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-01 18:46:01 ----D---- C:\WINDOWS\Prefetch
2008-09-01 18:46:00 ----SD---- C:\WINDOWS\system32\Microsoft
2008-09-01 18:46:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-09-01 18:40:39 ----D---- C:\WINDOWS\system32\xircom
2008-09-01 18:40:39 ----D---- C:\Program Files\xerox
2008-09-01 18:40:39 ----D---- C:\Program Files\netmeeting
2008-09-01 18:40:39 ----D---- C:\Program Files\microsoft frontpage
2008-09-01 18:34:14 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-09-01 18:33:32 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-01 18:33:29 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-09-01 18:33:26 ----HD---- C:\Program Files\WindowsUpdate
2008-09-01 18:33:23 ----D---- C:\Program Files\Services en ligne
2008-09-01 18:33:10 ----A---- C:\WINDOWS\system32\desktop.ini
2008-09-01 18:33:10 ----A---- C:\WINDOWS\system32\atrace.dll
2008-09-01 18:33:07 ----A---- C:\WINDOWS\system32\acctres.dll
2008-09-01 18:33:06 ----D---- C:\Program Files\Fichiers communs\Services
2008-09-01 18:33:04 ----SD---- C:\WINDOWS\Tasks
2008-09-01 18:33:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2008-09-01 18:33:04 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-09-01 18:33:00 ----D---- C:\WINDOWS\srchasst
2008-09-01 18:32:59 ----D---- C:\WINDOWS\system32\Macromed
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wups.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-09-01 18:32:56 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-09-01 18:32:36 ----D---- C:\WINDOWS\system32\Restore
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srclient.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-09-01 18:32:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-09-01 18:32:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-09-01 18:32:34 ----A---- C:\WINDOWS\system32\inetres.dll
2008-09-01 18:32:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-09-01 18:32:33 ----D---- C:\Program Files\Outlook Express
info.txt logfile of random's system information tool 1.05 2002-02-27 21:40:26
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->MsiExec.exe /I{23170F69-40C1-2701-0442-000001000000}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x40c UNINST
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
CX4300_5500_DX4400 Manuel-->C:\Program Files\EPSON\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\DOCUNINS.EXE
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
FlashGet 1.9.4.1063-->C:\Program Files\FlashGet\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
HijackThis 2.0.2-->"C:\Downloads\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Look 110-->C:\Program Files\InstallShield Installation Information\{6E8979F9-6946-4EE5-8849-586DF7DF8A7A}\Setup.exe -runfromtemp -l0x040c -removeonly
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_3812.exe" _?=C:\Program Files\PDFCreator Toolbar
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Peer2Peer-FR Toolbar-->C:\PROGRA~1\PEER2P~1\UNWISE.EXE C:\PROGRA~1\PEER2P~1\INSTALL.LOG
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
TWL541P-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7FD6904D-AF75-407B-BE42-39970517EA9D}\setup.exe" -l0x9 -removeonly
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
WinAVI Video Converter 8.0-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
======Security center information======
AV: avast! antivirus 4.8.1201 [VPS 080516-1] (outdated)
System event log
Computer Name: USER-6386143AA7
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le ?2009-?01-?24 à 20:00 :
- Mise à jour de sécurité cumulative pour Internet Explorer 7 pour Windows XP (KB958215)
Record Number: 5493
Source Name: Windows Update Agent
Time Written: 20090124085339.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{9943B39D-C04B-4D11-B629-F927805EA16F} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 5492
Source Name: Tcpip
Time Written: 20090124085241.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 3100
Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré.
Record Number: 5491
Source Name: Tcpip6
Time Written: 20090124085236.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 26
Message: Application popup : Windows - Pas de disque : Exception Processing Message c0000013 Parameters 75afbf7c 4 75afbf7c 75afbf7c
Record Number: 5490
Source Name: Application Popup
Time Written: 20090124085232.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 26
Message: Application popup : Windows - Pas de disque : Exception Processing Message c0000013 Parameters 75afbf7c 4 75afbf7c 75afbf7c
Record Number: 5489
Source Name: Application Popup
Time Written: 20090124085231.000000+060
Event Type: Informations
User:
Application event log
Computer Name: USER-6386143AA7
Event Code: 102
Message: wuaueng.dll (2216) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1503
Source Name: ESENT
Time Written: 20081201021820.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 100
Message: wuauclt (2216) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1502
Source Name: ESENT
Time Written: 20081201021820.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 101
Message: wuauclt (2176) Le moteur de base de données est arrêté.
Record Number: 1501
Source Name: ESENT
Time Written: 20081201021820.000000+060
Event Type: Informations
User:
Computer Name: USER-6386143AA7
Event Code: 454
Message: wuauclt (2176) La récupération/restauration de la base de données a échoué en raison d'une erreur inattendue -1216.
Record Number: 1500
Source Name: ESENT
Time Written: 20081201021820.000000+060
Event Type: erreur
User:
Computer Name: USER-6386143AA7
Event Code: 494
Message: wuauclt (2176) La récupération de la base de données a échoué en raison de l'erreur -1216 car elle a rencontré des références à une base de données, 'C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb', qui n'est plus présente. La base de données ne présentait pas un état cohérent avant d'être supprimée (ou déplacée et renommée). Le moteur de base de données ne permettra pas d'effectuer la récupération pour cette instance tant que la base de données manquante ne sera pas réinstallée. Si la base de données n'est plus disponible ni nécessaire, contactez le Support technique pour obtenir des instructions concernant les étapes à suivre pour permettre la récupération sans cette base de données.
Record Number: 1499
Source Name: ESENT
Time Written: 20081201021820.000000+060
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Here are the texts you asked me for!!!
Indeed, there are infections.
Message edited by Destrio5 on 27-02-2009 at 23:55:00
-------------- UsbFix V2.414.3 ---------------
* User : nacera - USER-6386143AA7
* Outils mis a jours le 18/01/2009 par Chiquitine29 et Chimay8
* Recherche effectuée à 22:13:28 le 2002-02-27
* Windows Xp - Internet Explorer 7.0.5730.13
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
--------------- [ Informations lecteurs ] ----------------
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur de CD-ROM
F: - Lecteur amovible
+- Contenu de l'autorun : E:\autorun.inf
[autorun]
open=setup.exe
icon=setup.exe,0
+- Contenu de l'autorun : F:\autorun.inf
[AutoRun]
;LeoylWoCabL Kayw
OPeN= fiiyc.exe
;TxekCkgeCjqqcDYnwkmWHAkNcrsIIerikDUi
ShELL\exPloRe\COMmAnd= fiiyc.exe
;
shELl\Open\cOmMand = fiiyc.exe
;LWExO AjpKux revr
sHELL\opEn\DefauLt=1
;kAAw vEGOjdXXjh eHqvjG oOdpQ KUmshELkLlSnJriqQFLiCmqu
shELl\AuTOPlAY\coMmanD= fiiyc.exe
--------------- [ Lecteur C ] ----------------
C: - Lecteur fixe
+- Listing des fichiers présents :
[2002-02-26 20:43][--a------] C:\AUTOEXEC.BAT
[2002-02-26 20:43][-r-hs----] C:\2u.com
[2002-02-26 20:43][-r-hs----] C:\NTDETECT.COM
[2002-02-26 20:43][---hs----] C:\boot.ini
[2002-02-27 22:13][--a------] C:\UsbFix.txt
[2002-02-26 20:43][--a------] C:\CONFIG.SYS
[2002-02-26 20:43][--a------] C:\IO.SYS
[2002-02-26 20:43][--a------] C:\MSDOS.SYS
[2002-02-26 20:43][--a------] C:\pagefile.sys
--------------- [ Lecteur D ] ----------------
D: - Lecteur fixe
+- Listing des fichiers présents :
[2008-12-08 13:52][-r-hs----] D:\2u.com
[2008-12-08 13:52][-r-hs----] D:\6fnlpetp.exe
--------------- [ Lecteur E ] ----------------
E: - Lecteur de CD-ROM
+- Listing des fichiers présents :
[1998-10-02 07:12][-r-------] E:\Setup.exe
[2000-02-18 04:24][-r-------] E:\autorun.inf
--------------- [ Lecteur F ] ----------------
F: - Lecteur amovible
+- Listing des fichiers présents :
[2009-02-24 16:04][-r-hs----] F:\.vbs
[2002-02-22 21:01][-r-hs----] F:\vrhrx.pif
[2002-02-22 21:01][-r-hs----] F:\oyxi.pif
[2008-03-10 11:39][--a------] F:\pdfcreator_pdfcreator_0.9.5_francais_11085.exe
[2008-03-10 11:39][--a------] F:\PDFCreator-0_9_3_GPLGhostscript.exe
[2008-03-10 11:39][--a------] F:\fiiyc.exe
[2002-02-27 22:06][-r-hs----] F:\autorun.inf
--------------- [ Registre / Startup ] ----------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
EPSON Stylus DX4400 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Persistence=C:\WINDOWS\system32\igfxpers.exe
IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
Flashget=C:\Program Files\FlashGet\FlashGet.exe /min
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Monitor=C:\WINDOWS\PixArt\PAC207\Monitor.exe
UnlockerAssistant="C:\Program Files\Unlocker\UnlockerAssistant.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=
--------------- [ Registre / Mountpoint2 ] ----------------
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a010b0c-ec6e-11dd-8763-00111134106e}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a010b0c-ec6e-11dd-8763-00111134106e}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4422a286-0103-11de-879e-00111134106e}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4422a287-0103-11de-879e-00111134106e}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4422a287-0103-11de-879e-00111134106e}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75bbe5fa-d9d0-11dd-873d-00111134106e}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75bbe5fa-d9d0-11dd-873d-00111134106e}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75bbe5fa-d9d0-11dd-873d-00111134106e}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c500051c-d1a4-11dd-8721-00111134106e}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c500051c-d1a4-11dd-8721-00111134106e}\Shell\open\Command
--------------- [ Nettoyage des disques ] ----------------
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX0\basic\avipbb.sys
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX0\basic\unacev2.dll
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX1\basic\avipbb.sys
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX1\basic\unacev2.dll
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX2\basic\avipbb.sys
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX2\basic\unacev2.dll
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX3\basic\avipbb.sys
Supprimé ! - C:\DOCUME~1\nacera\LOCALS~1\Temp\RarSFX3\basic\unacev2.dll
F:\autorun.inf ~> fichier appelé : "F:\ fiiyc.exe" ( absent ! )
Supprimé ! - [2002-02-26 20:43][-r-hs----] C:\2u.com
Supprimé ! - [2008-12-08 13:52][-r-hs----] D:\2u.com
Supprimé ! - [2008-12-08 13:52][-r-hs----] D:\6fnlpetp.exe
Echec de la supression !! - [1998-10-02 07:12] E:\Setup.exe
Echec de la supression !! - [2000-02-18 04:24] E:\autorun.inf
Echec de la supression !! - [2000-02-18 04:24] E:\autorun.inf
Supprimé ! - [2002-02-27 22:06][-r-hs----] F:\autorun.inf
--------------- [ Resumé ] ----------------
-> /!\ Le resultat doit etre [http://www.virustotal.com/fr/ interprété] par un spécialiste /!\
[2002-02-26 20:43][--a------] C:\AUTOEXEC.BAT
[2002-02-26 20:43][-rahs----] C:\NTDETECT.COM
[2002-02-26 20:43][---hs----] C:\boot.ini
[1998-10-02 07:12][-r-------] E:\Setup.exe
[2000-02-18 04:24][-r-------] E:\autorun.inf
[2009-02-24 16:04][-r-hs----] F:\.vbs
[2002-02-22 21:01][-r-hs----] F:\vrhrx.pif
[2002-02-22 21:01][-r-hs----] F:\oyxi.pif
[2008-03-10 11:39][--a------] F:\pdfcreator_pdfcreator_0.9.5_francais_11085.exe
[2008-03-10 11:39][--a------] F:\PDFCreator-0_9_3_GPLGhostscript.exe
[2008-03-10 11:39][--a------] F:\fiiyc.exe
--------------- [ Vaccination ] ----------------
C:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
D:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
F:\autorun.inf -> Dossier autorun.inf crée par UsbFix !
--------------- ! Fin du rapport ! ----------------
And on top of that, every time I plug in my USB key, there is an annoying message: "windows pas de disque, exception processing message c 0000013 parameters 75afbf7c 4 75afbf7c 75afbf7c"
PS: thank you for your help
- Download OTMoveIt3 (OldTimer) to your Desktop.
- Connect your external data sources to your PC (USB key, external hard drive, SD card, etc.) without opening them.
- Double-click OTMoveIt3.exe to launch it.
- Copy (Ctrl+C) the following text below:
:processes
|
- Paste (Ctrl+V) the previously copied text into the "Paste Instructions for Items to be Moved" box.
- Now click the MoveIt! button, then close OTMoveIt3.
---> If a file or folder cannot be deleted immediately, the software will ask you to restart.
Accept by clicking YES.
- Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
---> The report's name corresponds to the moment it was created: date_time.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
F:\.vbs moved successfully.
F:\vrhrx.pif moved successfully.
F:\oyxi.pif moved successfully.
F:\fiiyc.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\nacera\LOCALS~1\Temp\hvdap.exe scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4b8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_79c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02272002_224322
Files moved on Reboot...
C:\DOCUME~1\nacera\LOCALS~1\Temp\hvdap.exe moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_4b8.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_79c.dat not found!
- Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
- Double-click the downloaded file to start the installation process.
- In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for updates) button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
- Once the update has finished, go to the Recherche (Scan) tab.
- Select Exécuter un examen rapide (Perform quick scan).
- Click Rechercher (Scan).
- The scan starts.
- At the end of the scan, a message is displayed:
Quote: L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
- Click OK to continue. If MBAM found nothing, it will tell you that too.
- Close your browsers.
- If malware was detected, click Afficher les résultats (Show results).
- Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
- MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
I wait for the message, but it freezes as soon as it reaches the 3912th scanned item. I redid the operation twice but it always stops at that item, and as soon as I try to close it, it tells me the program is not responding, etc...
Try in Safe Mode.
To restart in Safe Mode:
- Restart your PC.
- At startup, tap F8 (F5 on some PCs) right after the BIOS screen is displayed and just before Windows loads.
- In the advanced options menu, choose Mode sans échec (Safe Mode).
- Choose your session.
Very good, here is the latest report:
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1811
Windows 5.1.2600 Service Pack 3
2002-02-27 23:44:26
mbam-log-2002-02-27 (23-44-26).txt
Type de recherche: Examen rapide
Eléments examinés: 93155
Temps écoulé: 3 minute(s), 47 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 20
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\LocalService32 (Worm.P2P) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\4A.tmp (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\57.tmp (Worm.P2P) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\39.music.mp3 (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\39.music.mp3.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\41.crack.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\41.crack.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\42.keymaker.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\42.keymaker.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\43.setup.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\43.setup.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\44.unpack.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\44.unpack.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\45.keygen.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\45.keygen.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\46.serial.zip (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\46.serial.zip.kwd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\47.music.snd (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService32\47.music.snd.kwd (Worm.P2P) -> Quarantined and deleted successfully.
There you go, come on, more, this is starting to amuse me
- Relaunch MBAM, go to Quarantaine (Quarantine) and delete everything.
- Run an RSIT scan again and post the log report.
Logfile of random's system information tool 1.05 (written by random/random)
Run by nacera at 2002-02-27 23:57:52
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (75%) free of 79 GB
Total RAM: 1015 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:57, on 2002-02-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\nacera\LOCALS~1\Temp\dmwqwo.exe
C:\Downloads\RSIT.exe
C:\Downloads\nacera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU"
O4 - HKLM\..\Policies\Explorer\Run: [USER-6386143AA7] .vbe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: TWL541P.lnk = C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D02EC146-87C0-4F4B-A661-29BB4B4830F1}: NameServer = 192.168.1.1,202.96.128.68
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: 88f5ece4530 - C:\WINDOWS\System32\iasnap32.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8095 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2002-02-26 1883672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-13 806912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-16 522224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-14 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2002-02-26 1883672]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-16 251504]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-13 806912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-13 211736]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-13 232216]
"Flashget"=C:\Program Files\FlashGet\FlashGet.exe [2007-09-11 2076720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 2770800]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 389120]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"USER-6386143AA7"=C:\WINDOWS\system32\.vbe [2009-02-22 10000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-30 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-21 39408]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5806104]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5806104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2002-02-26 16384000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 24520488]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
TWL541P.lnk - C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\88f5ece4530]
C:\WINDOWS\System32\iasnap32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-30 133632]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
"NoSMConfigurePrograms"=1
"NoSMMyPictures"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ipsec"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"J:\flashget194en.exe"="J:\flashget194en.exe:*:Enabled:ipsec"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\WINDOWS\ALCMTR.EXE"="C:\WINDOWS\ALCMTR.EXE:*:Enabled:ipsec"
"C:\WINDOWS\system32\kamsoft.exe"="C:\WINDOWS\system32\kamsoft.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winrimy.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winrimy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsnewqg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsnewqg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sfglne.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sfglne.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winwbpxg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winwbpxg.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\jofhx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\jofhx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\kxym.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\kxym.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winiaomm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winiaomm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winlislt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winlislt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winbndaaj.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winbndaaj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sqhav.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sqhav.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvdbi.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvdbi.exe:*:Enabled:ipsec"
"C:\Program Files\Spyware Doctor\pctsTray.exe"="C:\Program Files\Spyware Doctor\pctsTray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\windprq.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\windprq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winpvgjis.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winpvgjis.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\pfroa.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\pfroa.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\vvfoyn.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\vvfoyn.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxtray.exe"="C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvjnavx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvjnavx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wqtt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wqtt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\gljga.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\gljga.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\ujemg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\ujemg.exe:*:Enabled:ipsec"
"C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe"="C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\tttll.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\tttll.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\mmnpty.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\mmnpty.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winuxrsx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winuxrsx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winexbhv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winexbhv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winjukfsv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winjukfsv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winudtnoe.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winudtnoe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winoorfok.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winoorfok.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\brki.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\brki.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winftlc.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winftlc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingqdx.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingqdx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winoskqfu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winoskqfu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winedynw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winedynw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winftys.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winftys.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winutjlhf.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winutjlhf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winibeaul.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winibeaul.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winslul.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winslul.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\myrj.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\myrj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winqdcu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winqdcu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winveklh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winveklh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winujrtb.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winujrtb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\qudo.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\qudo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winjmsd.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winjmsd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsklp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsklp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winrqhfv.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winrqhfv.exe:*:Enabled:ipsec"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winntrvp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winntrvp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\nlifou.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\nlifou.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winljqxqy.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winljqxqy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\kevjdm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\kevjdm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winxpci.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winxpci.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winljypeb.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winljypeb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\viojem.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\viojem.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxpers.exe"="C:\WINDOWS\system32\igfxpers.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winogynp.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winogynp.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\pfoc.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\pfoc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winyenf.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winyenf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\flscfw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\flscfw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winpigh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winpigh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winoaeykb.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winoaeykb.exe:*:Enabled:ipsec"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\irtoyq.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\irtoyq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winfexdrw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winfexdrw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\sffgl.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\sffgl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\gedqw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\gedqw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\ldimum.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\ldimum.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\lnpk.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\lnpk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingyxm.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingyxm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winxwwimb.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winxwwimb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winpybsh.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winpybsh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\vivsws.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\vivsws.exe:*:Enabled:ipsec"
"C:\DOCUME~1\saliha\LOCALS~1\Temp\winubwwrl.exe"="C:\DOCUME~1\saliha\LOCALS~1\Temp\winubwwrl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winslsu.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winslsu.exe:*:Enabled:ipsec"
"C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe"="C:\Program Files\MAXIPOWER\TWL541P\Mrv8000x.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\dhpaw.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\dhpaw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\uprqg.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\uprqg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winsmih.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winsmih.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winwwmt.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winwwmt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winvkly.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winvkly.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winbxtli.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winbxtli.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\saoh.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\saoh.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\winurhjk.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\winurhjk.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\aixr.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\aixr.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wingpek.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wingpek.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\wintfma.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\wintfma.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\vstdug.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\vstdug.exe:*:Enabled:ipsec"
"C:\DOCUME~1\nacera\LOCALS~1\Temp\tpvdck.exe"="C:\DOCUME~1\nacera\LOCALS~1\Temp\tpvdck.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======File associations======
.ini - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
.txt - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2009-02-22 18:07:31 ----D---- C:\Documents and Settings\nacera\Application Data\U3
2009-02-13 12:04:42 ----D---- C:\Program Files\PDFCreator Toolbar
2009-02-13 12:04:27 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-02-13 12:04:26 ----A---- C:\WINDOWS\system32\MSCC2FR.DLL
2009-02-13 12:04:25 ----D---- C:\Program Files\PDFCreator
2009-02-11 13:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-07 20:17:44 ----D---- C:\Documents and Settings\All Users\Application Data\UDL
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-02-07 20:15:37 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-02-07 20:15:35 ----D---- C:\Documents and Settings\nacera\Application Data\InstallShield
2009-02-07 20:14:57 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_FLBCAE.DLL
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_FD4BCAE.DLL
2009-02-07 20:14:54 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-02-07 20:12:17 ----D---- C:\Program Files\epson
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\eswiaml.dll
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\eswia7e.dll
2009-02-07 20:12:17 ----A---- C:\WINDOWS\system32\esint7e.dll
2009-02-05 21:08:52 ----D---- C:\Program Files\MSECache
2009-01-14 08:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-13 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-11 11:27:08 ----D---- C:\Documents and Settings\nacera\Application Data\LimeWire
2009-01-11 11:26:48 ----D---- C:\Program Files\LimeWire
2008-12-27 22:41:57 ----D---- C:\My Documents
2008-12-26 12:13:05 ----D---- C:\my dvd
2008-12-26 00:38:53 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-12-26 00:38:48 ----D---- C:\Documents and Settings\nacera\Application Data\CyberLink
2008-12-26 00:36:27 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-12-23 22:26:19 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-12-22 19:43:39 ----D---- C:\WINDOWS\ERDNT
2008-12-22 19:43:39 ----D---- C:\Qoobox
2008-12-22 19:43:39 ----A---- C:\WINDOWS\system32\CF31543.exe
2008-12-21 22:34:15 ----D---- C:\Program Files\7-Zip
2008-12-21 19:27:28 ----D---- C:\WINDOWS\pss
2008-12-21 19:11:02 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-21 12:43:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-21 11:57:29 ----D---- C:\Downloads
2008-12-21 11:51:32 ----D---- C:\Program Files\FlashGet
2008-12-19 16:31:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-18 10:56:42 ----D---- C:\Program Files\Peer2Peer-FR
2008-12-18 10:56:42 ----D---- C:\Program Files\Conduit
2008-12-17 21:26:57 ----D---- C:\Documents and Settings\nacera\Application Data\Google
2008-12-17 21:26:15 ----D---- C:\Documents and Settings\nacera\Application Data\skypePM
2008-12-17 21:25:22 ----D---- C:\Documents and Settings\nacera\Application Data\Skype
2008-12-17 21:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-17 21:25:12 ----D---- C:\Program Files\Google
2008-12-17 21:25:09 ----D---- C:\Program Files\Skype
2008-12-17 21:25:08 ----D---- C:\Program Files\Fichiers communs\Skype
2008-12-17 21:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-12-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-12-14 09:38:12 ----D---- C:\WINDOWS\Sun
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\java.exe
2008-12-14 09:37:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-14 09:37:46 ----D---- C:\Program Files\Java
2008-12-14 09:23:19 ----D---- C:\Documents and Settings\nacera\Application Data\Sun
2008-12-12 20:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-12 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 11:26:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-12 11:26:23 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-12 11:26:23 ----D---- C:\Program Files\Adobe
2008-12-12 08:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-12 08:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-12 08:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-12 08:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-12 08:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-12 08:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-12 08:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-11 17:08:59 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-10 21:06:45 ----D---- C:\Program Files\uTorrent
2008-12-10 21:06:43 ----D---- C:\Documents and Settings\nacera\Application Data\uTorrent
2008-12-10 20:55:14 ----D---- C:\WINDOWS\system32\DirectX
2008-12-10 20:55:14 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-10 20:54:52 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-10 19:48:49 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-12-10 19:48:47 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-10 19:48:43 ----D---- C:\Program Files\Windows Live
2008-12-10 19:48:42 ----D---- C:\WINDOWS\ie7updates
2008-12-10 19:48:38 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-10 19:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-10 19:48:31 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-10 19:12:09 ----D---- C:\Documents and Settings\nacera\Application Data\Macromedia
2008-12-10 19:10:26 ----D---- C:\Documents and Settings\nacera\Application Data\Adobe
2008-12-08 21:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-08 17:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-08 17:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-08 17:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-08 17:09:50 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-12-08 17:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-08 17:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-08 17:09:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-08 17:09:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-08 17:09:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-08 16:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-08 16:56:03 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-08 16:36:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-08 16:36:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-08 16:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-08 16:36:37 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-08 16:29:33 ----A---- C:\WINDOWS\system32\wups2.dll
2008-12-08 16:29:33 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-12-08 16:29:32 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-08 16:29:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-12-08 16:29:32 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-12-04 21:01:42 ----D---- C:\Program Files\MAXIPOWER
2008-12-04 11:49:58 ----D---- C:\Documents and Settings\nacera\Application Data\Identities
2008-12-04 11:49:50 ----SD---- C:\Documents and Settings\nacera\Application Data\Microsoft
2008-12-04 11:49:50 ----ASH---- C:\Documents and Settings\nacera\Application Data\desktop.ini
2008-09-05 23:30:46 ----N---- C:\WINDOWS\system32\WgaLogon.dll
2008-09-05 23:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-09-05 23:30:04 ----N---- C:\WINDOWS\system32\WgaTray.exe
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2008-09-03 17:53:02 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2008-09-03 17:53:02 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2008-09-03 17:53:01 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2008-09-03 17:53:01 ----A---- C:\WINDOWS\system32\c_iscii.dll
2008-09-03 17:53:00 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda3.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda2.dll
2008-09-03 17:52:58 ----RA---- C:\WINDOWS\system32\kbda1.dll
2008-09-03 17:52:58 ----A---- C:\WINDOWS\system32\kbdusa.dll
2008-09-03 17:52:55 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2008-09-03 17:52:50 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2008-09-03 17:52:50 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2008-09-03 17:52:49 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2008-09-03 17:52:49 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2008-09-03 17:52:45 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2008-09-03 17:48:14 ----RSHD---- C:\RECYCLER
2008-09-03 10:48:53 ----RA---- C:\WINDOWS\system32\igfxres.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\igmedkrn.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\ig4icd32.dll
2008-09-03 10:46:36 ----RA---- C:\WINDOWS\system32\ig4dev32.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\msvcr71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\msvcp71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\mfc71.dll
2008-09-01 21:13:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-09-01 21:12:59 ----D---- C:\Program Files\Alwil Software
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxprd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpgd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpdx32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igxpdv32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\iglicd32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igldev32.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxzoom.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxtray.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxsrvc.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxsrvc.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxress.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxpph.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxext.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxexps.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxdo.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxdev.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxCoIn_v4837.dll
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\igfxcfg.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\hkcmd.exe
2008-09-01 21:01:16 ----RA---- C:\WINDOWS\system32\hccutils.dll
2008-09-01 21:00:59 ----RA---- C:\WINDOWS\system32\igxpun.exe
2008-09-01 21:00:59 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-09-01 21:00:59 ----D---- C:\WINDOWS\system32\Lang
2008-09-01 20:46:41 ----D---- C:\WINDOWS\OPTIONS
2008-09-01 20:46:01 ----R---- C:\WINDOWS\system32\ChCfg.exe
2008-09-01 20:45:41 ----D---- C:\WINDOWS\system32\RTCOM
2008-09-01 20:45:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-09-01 20:45:06 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-01 20:44:52 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-09-01 20:44:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-01 20:44:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-01 20:44:01 ----D---- C:\Program Files\Intel
2008-09-01 20:43:40 ----D---- C:\Intel
2008-09-01 20:40:40 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-09-01 20:39:02 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2008-09-01 20:38:57 ----D---- C:\Program Files\Microsoft Works
2008-09-01 20:38:52 ----D---- C:\Program Files\Microsoft Visual Studio
2008-09-01 20:38:31 ----D---- C:\WINDOWS\SHELLNEW
2008-09-01 20:38:15 ----D---- C:\Program Files\Microsoft.NET
2008-09-01 20:38:15 ----D---- C:\Program Files\Microsoft Office
2008-09-01 20:30:35 ----A---- C:\WINDOWS\system32\h323log.txt
2008-09-01 20:29:26 ----A---- C:\WINDOWS\system32\irmon.dll
2008-09-01 20:29:25 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-09-01 20:29:25 ----A---- C:\WINDOWS\system32\irftp.exe
2008-09-01 20:28:50 ----A---- C:\WINDOWS\system32\usbui.dll
2008-09-01 20:27:37 ----SHD---- C:\WINDOWS\Installer
2008-09-01 20:27:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-01 20:27:36 ----D---- C:\Program Files\Fichiers communs\ODBC
2008-09-01 20:27:34 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2008-09-01 20:27:33 ----RD---- C:\Program Files
2008-09-01 20:27:33 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-01 20:27:33 ----D---- C:\Program Files\Fichiers communs
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-09-01 20:27:30 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-09-01 20:27:29 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-09-01 20:27:28 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-09-01 20:27:27 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-09-01 20:27:26 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-09-01 20:27:25 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\irclass.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-09-01 20:27:21 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-09-01 20:27:19 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-09-01 20:27:19 ----A---- C:\WINDOWS\system32\batt.dll
2008-09-01 20:27:17 ----A---- C:\WINDOWS\system32\storprop.dll
2008-09-01 20:27:11 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-09-01 20:25:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-01 20:25:22 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-01 20:25:16 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-01 20:24:56 ----SHD---- C:\System Volume Information
2008-09-01 20:24:56 ----D---- C:\Documents and Settings
2008-09-01 20:14:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-01 20:14:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-01 20:14:36 ----RSD---- C:\WINDOWS\Fonts
2008-09-01 20:14:36 ----RD---- C:\WINDOWS\Web
2008-09-01 20:14:36 ----HD---- C:\WINDOWS\inf
2008-09-01 20:14:36 ----D---- C:\WINDOWS\WinSxS
2008-09-01 20:14:36 ----D---- C:\WINDOWS\WBEM
2008-09-01 20:14:36 ----D---- C:\WINDOWS\twain_32
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Temp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\wins
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\wbem
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\usmt
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\spool
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ShellExt
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\Setup
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ras
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\oobe
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\npp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\mui
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\IME
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\icsxml
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\ias
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\fr-fr
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\fr
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\export
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\drivers
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\dhcp
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\config
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\3com_dmi
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\3076
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\2052
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1054
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1042
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1041
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1037
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1036
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1033
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1031
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1028
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32\1025
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system32
2008-09-01 20:14:36 ----D---- C:\WINDOWS\system
2008-09-01 20:14:36 ----D---- C:\WINDOWS\security
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Resources
2008-09-01 20:14:36 ----D---- C:\WINDOWS\repair
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Provisioning
2008-09-01 20:14:36 ----D---- C:\WINDOWS\PeerNet
2008-09-01 20:14:36 ----D---- C:\WINDOWS\pchealth
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Offline Web Pages
2008-09-01 20:14:36 ----D---- C:\WINDOWS\NLDRV
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Network Diagnostic
2008-09-01 20:14:36 ----D---- C:\WINDOWS\mui
2008-09-01 20:14:36 ----D---- C:\WINDOWS\msapps
2008-09-01 20:14:36 ----D---- C:\WINDOWS\msagent
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Media
2008-09-01 20:14:36 ----D---- C:\WINDOWS\L2Schemas
2008-09-01 20:14:36 ----D---- C:\WINDOWS\java
2008-09-01 20:14:36 ----D---- C:\WINDOWS\ime
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Help
2008-09-01 20:14:36 ----D---- C:\WINDOWS\ehome
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Driver Cache
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Debug
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Cursors
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Connection Wizard
2008-09-01 20:14:36 ----D---- C:\WINDOWS\Config
2008-09-01 20:14:36 ----D---- C:\WINDOWS\AppPatch
2008-09-01 20:14:36 ----D---- C:\WINDOWS\addins
2008-09-01 20:14:36 ----D---- C:\WINDOWS
2008-09-01 18:48:45 ----HD---- C:\Program Files\Uninstall Information
2008-09-01 18:46:31 ----RSD---- C:\WINDOWS\assembly
2008-09-01 18:46:19 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-01 18:46:02 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-01 18:46:01 ----D---- C:\WINDOWS\Prefetch
2008-09-01 18:46:00 ----SD---- C:\WINDOWS\system32\Microsoft
2008-09-01 18:46:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-09-01 18:40:39 ----D---- C:\WINDOWS\system32\xircom
2008-09-01 18:40:39 ----D---- C:\Program Files\xerox
2008-09-01 18:40:39 ----D---- C:\Program Files\netmeeting
2008-09-01 18:40:39 ----D---- C:\Program Files\microsoft frontpage
2008-09-01 18:34:14 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-09-01 18:33:32 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-01 18:33:29 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-09-01 18:33:26 ----HD---- C:\Program Files\WindowsUpdate
2008-09-01 18:33:23 ----D---- C:\Program Files\Services en ligne
2008-09-01 18:33:10 ----A---- C:\WINDOWS\system32\desktop.ini
2008-09-01 18:33:10 ----A---- C:\WINDOWS\system32\atrace.dll
2008-09-01 18:33:07 ----A---- C:\WINDOWS\system32\acctres.dll
2008-09-01 18:33:06 ----D---- C:\Program Files\Fichiers communs\Services
2008-09-01 18:33:04 ----SD---- C:\WINDOWS\Tasks
2008-09-01 18:33:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2008-09-01 18:33:04 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-09-01 18:33:00 ----D---- C:\WINDOWS\srchasst
2008-09-01 18:32:59 ----D---- C:\WINDOWS\system32\Macromed
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-09-01 18:32:58 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wups.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-09-01 18:32:57 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-09-01 18:32:56 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-09-01 18:32:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-09-01 18:32:36 ----D---- C:\WINDOWS\system32\Restore
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\srclient.dll
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-09-01 18:32:36 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-09-01 18:32:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-09-01 18:32:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-09-01 18:32:34 ----A---- C:\WINDOWS\system32\inetres.dll
2008-09-01 18:32:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-09-01 18:32:33 ----D---- C:\Program Files\Outlook Express
2008-09-01 18:32:33 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\mstask.dll
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\isign32.dll
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-09-01 18:32:32 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-09-01 18:32:27 ----D---- C:\Program Files\Internet Explorer
2008-09-01 18:32:27 ----D---- C:\Program Files\Fichiers communs\System
2008-09-01 18:31:55 ----D---- C:\Program Files\ComPlus Applications
2008-09-01 18:31:50 ----D---- C:\WINDOWS\Registration
2008-09-01 18:31:37 ----D---- C:\Program Files\Windows Media Connect 2
2008-09-01 18:31:36 ----D---- C:\Program Files\Windows Media Player
2008-09-01 18:31:33 ----D---- C:\Program Files\MSN Gaming Zone
2008-09-01 18:31:33 ----A---- C:\WINDOWS\system32\write.exe
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\winchat.exe
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\hticons.dll
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\avwav.dll
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-09-01 18:31:30 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-09-01 18:31:28 ----A---- C:\WINDOWS\system32\sol.exe
2008-09-01 18:31:28 ----A---- C:\WINDOWS\system32\getuname.dll
2008-09-01 18:31:28 ----A---- C:\WINDOWS\system32\charmap.exe
2008-09-01 18:31:28 ----A---- C:\WINDOWS\system32\calc.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\winmine.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\tskill.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\tscon.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\shadow.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\reset.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\regini.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-09-01 18:31:27 ----A---- C:\WINDOWS\system32\freecell.exe
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\msg.exe
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\logoff.exe
2008-09-01 18:31:26 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-09-01 18:31:22 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-09-01 18:31:21 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-09-01 18:31:21 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-09-01 18:31:21 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-09-01 18:31:21 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-09-01 18:31:20 ----D---- C:\Program Files\Windows NT
2008-09-01 18:31:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-09-01 18:31:20 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-09-01 18:31:20 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-09-01 18:31:19 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-09-01 18:31:19 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-09-01 18:31:19 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-01 18:31:19 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-09-01 18:31:18 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-09-01 18:31:17 ----D---- C:\WINDOWS\system32\MsDtc
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-09-01 18:31:17 ----A---- C:\WINDOWS\system32\qprocess.exe
- Install Antivir and update it.
- Double-click the Antivir icon (umbrella) in the taskbar.
- In Antivir, choose Outils, then Configuration.
- Tick Mode Expert, then tick Rech. Rootkit au dém. de la recherche on the right, under Autres réglages.
- Run a full scan and post the report.
sorry, I have a 128 connection
so it may take a little while
as soon as I try to install it, it tells me "erreur, il n'a pas été possible d'établir une connexion internet....."
I'd also like to tell you that I didn't download it from the link you gave me, because it was blocked, but I downloaded the same version from "01.net"
it's getting me down
/!\ Disable your resident protections (antivirus, etc.) /!\
- Download ComboFix (sUBs) to your Desktop.
- Double-click ComboFix.exe (the .exe extension is not necessarily visible) to launch it.
- It will ask you to install the Recovery Console: accept.
- When the scan has finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.
To help you: a guide and a tutorial on using ComboFix
how do I disable the resident protections? I removed spywaredoctor and I had trouble removing "avast4"; I managed it in the end, I think, thanks to "unlocker assistant"
Run ComboFix anyway.
ComboFix 09-02-27.02 - nacera 2002-02-28 1:02:05.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1015.647 [GMT 1:00]
Lancé depuis: c:\downloads\ComboFix.exe
AV: avast! antivirus 4.8.1201 [VPS 080516-1] *On-access scanning enabled* (Outdated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\nacera\Application Data\02000000cc3d6937530C.manifest
c:\documents and settings\nacera\Application Data\02000000cc3d6937530O.manifest
c:\documents and settings\nacera\Application Data\02000000cc3d6937530P.manifest
c:\documents and settings\nacera\Application Data\02000000cc3d6937530S.manifest
c:\windows\GnuHashes.ini
c:\windows\IE4 Error Log.txt
c:\windows\system32\GroupPolicy000.dat
.
---- Exécution préalable -------
.
C:\2u.com
C:\autorun.inf
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\regedits.exe
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\sdcvhost.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DAC970NT
-------\Service_dac970nt
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-27 au 2009-02-27 ))))))))))))))))))))))))))))))))))))
.
2009-02-22 18:11 . 2009-02-22 18:11 10,000 -r-hs---- c:\windows\system32\.vbe
2009-02-22 18:07 . 2009-02-22 18:09 <REP> d-------- c:\documents and settings\nacera\Application Data\U3
2009-02-13 12:04 . 2009-02-13 12:04 <REP> d-------- c:\program files\PDFCreator Toolbar
2009-02-13 12:04 . 2009-02-13 12:04 <REP> d-------- c:\program files\PDFCreator
2009-02-13 12:04 . 2004-03-09 00:00 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX
2009-02-13 12:04 . 2005-10-15 12:32 196,608 --a------ c:\windows\system32\pdfcmnnt.dll
2009-02-13 12:04 . 1998-07-13 01:08 141,312 --a------ c:\windows\system32\MSCMCFR.DLL
2009-02-13 12:04 . 1998-06-24 00:00 137,000 --a------ c:\windows\system32\MSMAPI32.OCX
2009-02-13 12:04 . 1998-07-13 01:08 119,568 --a------ c:\windows\system32\VB6FR.DLL
2009-02-13 12:04 . 1998-07-13 01:08 59,904 --a------ c:\windows\system32\MSCC2FR.DLL
2009-02-13 12:04 . 1998-07-06 00:00 23,552 --a------ c:\windows\system32\MSMPIDE.DLL
2009-02-13 12:04 . 2009-02-13 12:04 15,397 --a------ c:\program files\settings.dat
2009-02-07 20:17 . 2009-02-07 20:17 <REP> d-------- c:\documents and settings\All Users\Application Data\UDL
2009-02-07 20:15 . 2009-02-07 20:15 <REP> d-------- c:\documents and settings\nacera\Application Data\InstallShield
2009-02-07 20:14 . 2009-02-07 20:14 <REP> d-------- c:\documents and settings\All Users\Application Data\EPSON
2009-02-07 20:14 . 2006-12-08 03:04 76,800 --a------ c:\windows\system32\E_FLBCAE.DLL
2009-02-07 20:14 . 2006-04-19 03:00 62,976 --a------ c:\windows\system32\E_FD4BCAE.DLL
2009-02-07 20:14 . 2004-09-10 21:12 49,152 --a------ c:\windows\system32\E_DCINST.DLL
2009-02-07 20:14 . 2008-04-13 11:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-02-07 20:14 . 2008-04-13 11:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-02-07 20:14 . 2008-04-13 11:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-02-07 20:14 . 2008-04-13 11:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-02-07 20:14 . 2008-04-13 11:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-02-07 20:14 . 2008-04-13 11:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-02-07 20:12 . 2009-02-07 20:17 <REP> d-------- c:\program files\epson
2009-02-07 20:12 . 2006-12-28 00:00 208,896 --a------ c:\windows\system32\esint7e.dll
2009-02-07 20:12 . 2006-12-28 00:00 66,560 --a------ c:\windows\system32\eswia7e.dll
2009-02-07 20:12 . 2006-03-10 00:00 3,584 --a------ c:\windows\system32\eswiaml.dll
2009-02-05 21:08 . 2009-02-05 21:08 <REP> d-------- c:\program files\MSECache
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-27 00:03 --------- d-----w c:\program files\FlashGet
2009-02-20 09:49 --------- d-----w c:\program files\Peer2Peer-FR
2009-02-13 11:01 --------- d-----w c:\documents and settings\nacera\Application Data\LimeWire
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-07 19:18 --------- d-----w c:\program files\Fichiers communs\InstallShield
2009-01-16 21:36 --------- d-----w c:\program files\Google
2009-01-11 10:27 --------- d-----w c:\program files\LimeWire
2008-12-27 01:28 --------- d-----w c:\program files\Microsoft Works
2002-02-26 19:43 10,000 --sh--r c:\windows\.vbe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
2002-02-26 21:00 1883672 --a------ c:\program files\Peer2Peer-FR\tbPee1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B00F3D7D-ECAD-4A3B-BCF7-BA5FC1FD0F8D}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-30 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-21 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5806104]
"EPSON Stylus DX4400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 250368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 211736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 232216]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-11 2076720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 2770800]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 389120]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-30 c:\windows\system32\advpack.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"USER-6386143AA7"=".vbe" [2009-02-22 c:\windows\system32\.vbe]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
TWL541P.lnk - c:\program files\MAXIPOWER\TWL541P\Mrv8000x.exe [2008-12-08 1007616]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5806104 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-09-29 17:57 24520488 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2002-02-26 20:43 16384000 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"= c:\\Program Files\\FlashGet\\FlashGet.exe
"c:\\WINDOWS\\system32\\userinit.exe"=
"c:\\WINDOWS\\system32\\igfxtray.exe"=
"c:\\Program Files\\MAXIPOWER\\TWL541P\\Mrv8000x.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\msohtmed.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\hkcmd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATICAE.EXE"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-04-30 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2008-04-30 52736]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [2008-04-30 30208]
R3 W8335PCI;MAXIPOWER TWL541P Wireless NIC;c:\windows\system32\drivers\Mrvw123.sys [2008-12-08 282624]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [2008-04-30 36864]
S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]
S3 PAC207;Look 110;c:\windows\system32\drivers\PFC027.SYS [2002-02-22 507264]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - DAC970NT
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe
Notify-88f5ece4530 - c:\windows\System32\iasnap32.dll
.
------- Examen supplémentaire -------
.
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {D02EC146-87C0-4F4B-A661-29BB4B4830F1} = 192.168.1.1,202.96.128.68
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-27 01:05:25
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wscript.exe
.
**************************************************************************
.
Heure de fin: 2009-02-27 1:08:17 - La machine a redémarré [nacera]
ComboFix-quarantined-files.txt 2009-02-27 00:08:15
Avant-CF: 61,579,579,392 octets libres
Après-CF: 61,857,533,952 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
224 --- E O F --- 2002-02-27 19:00:21
please, how can I permanently remove "avast4"?
bravo, you're a real genius
and now what do I have to do to install the antivirus, CHIEF??
I wrote it down for you here:
http://www.infos-du-net.com/forum/ [...] ez#t367982
ComboFix 09-02-27.02 - nacera 2009-02-27 1:31:22.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.689 [GMT 1:00]
Lancé depuis: c:\downloads\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DAC970NT
-------\Service_dac970nt
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-27 au 2009-02-27 ))))))))))))))))))))))))))))))))))))
.
2009-02-22 18:11 . 2009-02-22 18:11 10,000 -r-hs---- c:\windows\system32\.vbe
2009-02-22 18:07 . 2009-02-22 18:09 <REP> d-------- c:\documents and settings\nacera\Application Data\U3
2009-02-13 12:04 . 2009-02-13 12:04 <REP> d-------- c:\program files\PDFCreator Toolbar
2009-02-13 12:04 . 2009-02-13 12:04 <REP> d-------- c:\program files\PDFCreator
2009-02-13 12:04 . 2004-03-09 00:00 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX
2009-02-13 12:04 . 2005-10-15 12:32 196,608 --a------ c:\windows\system32\pdfcmnnt.dll
2009-02-13 12:04 . 1998-07-13 01:08 141,312 --a------ c:\windows\system32\MSCMCFR.DLL
2009-02-13 12:04 . 1998-06-24 00:00 137,000 --a------ c:\windows\system32\MSMAPI32.OCX
2009-02-13 12:04 . 1998-07-13 01:08 119,568 --a------ c:\windows\system32\VB6FR.DLL
2009-02-13 12:04 . 1998-07-13 01:08 59,904 --a------ c:\windows\system32\MSCC2FR.DLL
2009-02-13 12:04 . 1998-07-06 00:00 23,552 --a------ c:\windows\system32\MSMPIDE.DLL
2009-02-13 12:04 . 2009-02-13 12:04 15,397 --a------ c:\program files\settings.dat
2009-02-07 20:17 . 2009-02-07 20:17 <REP> d-------- c:\documents and settings\All Users\Application Data\UDL
2009-02-07 20:15 . 2009-02-07 20:15 <REP> d-------- c:\documents and settings\nacera\Application Data\InstallShield
2009-02-07 20:14 . 2009-02-07 20:14 <REP> d-------- c:\documents and settings\All Users\Application Data\EPSON
2009-02-07 20:14 . 2006-12-08 03:04 76,800 --a------ c:\windows\system32\E_FLBCAE.DLL
2009-02-07 20:14 . 2006-04-19 03:00 62,976 --a------ c:\windows\system32\E_FD4BCAE.DLL
2009-02-07 20:14 . 2004-09-10 21:12 49,152 --a------ c:\windows\system32\E_DCINST.DLL
2009-02-07 20:14 . 2008-04-13 11:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-02-07 20:14 . 2008-04-13 11:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-02-07 20:14 . 2008-04-13 11:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-02-07 20:14 . 2008-04-13 11:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-02-07 20:14 . 2008-04-13 11:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-02-07 20:14 . 2008-04-13 11:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-02-07 20:12 . 2009-02-07 20:17 <REP> d-------- c:\program files\epson
2009-02-07 20:12 . 2006-12-28 00:00 208,896 --a------ c:\windows\system32\esint7e.dll
2009-02-07 20:12 . 2006-12-28 00:00 66,560 --a------ c:\windows\system32\eswia7e.dll
2009-02-07 20:12 . 2006-03-10 00:00 3,584 --a------ c:\windows\system32\eswiaml.dll
2009-02-05 21:08 . 2009-02-05 21:08 <REP> d-------- c:\program files\MSECache
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-27 00:32 --------- d-----w c:\program files\FlashGet
2009-02-20 09:49 --------- d-----w c:\program files\Peer2Peer-FR
2009-02-13 11:01 --------- d-----w c:\documents and settings\nacera\Application Data\LimeWire
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-07 19:18 --------- d-----w c:\program files\Fichiers communs\InstallShield
2009-01-16 21:36 --------- d-----w c:\program files\Google
2009-01-11 10:27 --------- d-----w c:\program files\LimeWire
2008-12-27 01:28 --------- d-----w c:\program files\Microsoft Works
2008-12-25 23:34 29,480 ----a-w c:\windows\system32\msxml3a.dll
2008-12-14 08:37 410,984 ----a-w c:\windows\system32\deploytk.dll
2002-02-26 19:43 10,000 --sh--r c:\windows\.vbe
.
((((((((((((((((((((((((((((( SnapShot@2009-02-27_ 1.05.57.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-12-22 19:00:12 303,104 ----a-w c:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-02-27 00:21:41 303,104 ----a-w c:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-02-03 02:07:18 240,544 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
- 2008-12-10 18:26:20 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-02-27 00:30:28 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-02-27 00:33:36 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_524.dat
+ 2009-02-27 00:33:16 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7b4.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
2002-02-26 21:00 1883672 --a------ c:\program files\Peer2Peer-FR\tbPee1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B00F3D7D-ECAD-4A3B-BCF7-BA5FC1FD0F8D}"= "c:\program files\Peer2Peer-FR\tbPee1.dll" [2002-02-26 1883672]
[HKEY_CLASSES_ROOT\clsid\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-30 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-21 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5806104]
"EPSON Stylus DX4400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 250368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 211736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 232216]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-11 2076720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 2770800]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 389120]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-30 c:\windows\system32\advpack.dll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"USER-6386143AA7"=".vbe" [2009-02-22 c:\windows\system32\.vbe]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
TWL541P.lnk - c:\program files\MAXIPOWER\TWL541P\Mrv8000x.exe [2008-12-08 1007616]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5806104 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-09-29 17:57 24520488 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2002-02-26 20:43 16384000 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"= c:\\Program Files\\FlashGet\\FlashGet.exe
"c:\\WINDOWS\\system32\\userinit.exe"=
"c:\\WINDOWS\\system32\\igfxtray.exe"=
"c:\\Program Files\\MAXIPOWER\\TWL541P\\Mrv8000x.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\msohtmed.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\hkcmd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATICAE.EXE"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2008-04-30 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2008-04-30 52736]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [2008-04-30 30208]
R3 W8335PCI;MAXIPOWER TWL541P Wireless NIC;c:\windows\system32\drivers\Mrvw123.sys [2008-12-08 282624]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [2008-04-30 36864]
S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]
S3 PAC207;Look 110;c:\windows\system32\drivers\PFC027.SYS [2002-02-22 507264]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - DAC970NT
.
.
------- Examen supplémentaire -------
.
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {D02EC146-87C0-4F4B-A661-29BB4B4830F1} = 192.168.1.1,202.96.128.68
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-27 01:33:35
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wscript.exe
.
**************************************************************************
.
Heure de fin: 2009-02-27 1:35:21 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-27 00:35:19
ComboFix2.txt 2009-02-27 00:08:18
Avant-CF: 61 867 614 208 octets libres
Après-CF: 61,856,239,616 octets libres
206 --- E O F --- 2002-02-27 19:00:21
I wasn't talking about ComboFix.
- Start menu > Run > type combofix /u and confirm.
- Install Antivir and update it.
- Double-click the Antivir icon (umbrella) in the taskbar.
- In Antivir, choose Outils (Tools), then Configuration.
- Tick Mode Expert (Expert mode) and tick Rech. Rootkit au dém. de la recherche (rootkit search at scan start) on the right, under Autres réglages (Other settings).
- Run a full scan and post the report.
destrio, how am I supposed to type combofix /u??
and then I re-downloaded Antivir with FlashGet, but as soon as I try to open it, it tells me it is being used by another processor.........I know I'm bothering you, sorry
tell me what that means, it's a big virus, isn't it???
oh yes, it's fine, I uninstalled ComboFix
and well, listen, I finally managed to download Antivir all the way through, even the updates
but the problem is that every time I opened it, it closed by itself, and now I can't even open it anymore
We'll try some other things.
--> Download the portable scanner AVPTool to your Desktop.
--> Launch the executable named setup_7.0xxxxx by double-clicking it.
--> Answer Yes to the question Do you want to continue installation ?.
--> Click Next in the next two windows: AVPTool installs itself on your Desktop in a folder named Kaspersky Lab Tool.
--> The tool starts on its own: tick all the boxes in the Automatic Scan tab.
--> Now click Scan. The scan starts and a new window opens showing the scan progress as a percentage.
--> At the end of the scan, AVPTool reports the infected objects through a pop-up: tick Apply to all and click Disinfect or Delete, depending on what the window offers.
--> Once the infections have been handled through the pop-ups, some malicious files may not have been removed: they appear in red in the list. In that case click the Neutralize all button in the scan progress window; if a pop-up says a restart is needed, accept by clicking OK.
--> Now go to the Events tab of the scan progress window and untick Show all events.
--> Finally, click Reports, then Save to file, and save the report to your Desktop under the name Rapport AVPTool.
--> Close the AVPTool windows: a message appears offering to uninstall the software; choose Yes.
--> A warning message says the PC must be restarted to finish the uninstallation. To the question Would you like to restart now, answer Yes and let your computer restart in Normal mode.
--> Post the report in your next reply.
DESTRIOOOOOOOOOO help, this morning before you replied, at one point I restarted my PC and then some windows appeared and I thought they were viruses and I deleted everything, and in the end I deleted MSN, FlashGet and above all the connection, because as soon as I turn on my PC it's all these applications that appear....I'm stupid.....................what should I do now????
I can't connect anymore
PS: right now I'm connected thanks to a laptop on Wi-Fi at home
Try this:
- Download WinsockXPFix to your Desktop.
- Double-click WinsockXPFix.exe.
- First of all, click the ReG-Backup button. This will back up your registry as a precaution.
- Click OK, and then once more. You will see a registry backup window; click OK one more time.
- Go back to the main window.
- Click Fix.
- Click Yes.
- It will run for a minute or two, a beep will sound and you will see this window.
- Finally, click OK and let your PC restart. Once it has restarted, try going on the Internet.
yes, but how do I download what you asked for without a connection
With a USB stick, for example.
I did what you told me, it doesn't work
maybe we could restore the system, couldn't we??
You can always try using System Restore.
and how do I do that??
Start menu > All Programs > Accessories > System Tools > System Restore.
I'm going to seem a bit tiresome to you, but: and then??
sorry to tell you that I'm hopeless with computers
Then you pick a date in the calendar for your restore and you restore. I can't guide you more precisely than that.
it's done, I restored and it WORKS!! thanks
and then what do I do about my antivirus problem
however, I have windows appearing for all the programs and I click either ignore or repair; how can I tell whether it's a program or a virus???
Run the scan with AVPTool.
Scan
----
Scanned: 309145
Detected: 3
Untreated: 0
Start time: 27/02/2009 21:45:32
Duration: 00:49:17
Finish time: 27/02/2009 22:34:49
Detected
--------
Status Object
------ ------
disinfected: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3
disinfected: Trojan program Trojan-Downloader.WMA.GetCodec.u File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3
deleted: virus EICAR-Test-File File: C:\Documents and Settings\nacera\Local Settings\temp\Av-test.txt
Events
------
Time Name Status Reason
---- ---- ------ ------
27/02/2009 21:46:33 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 21:46:33 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 21:46:33 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 21:46:33 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 21:49:19 File: C:\Documents and Settings\nacera\Local Settings\temp\Av-test.txt detected virus 'EICAR-Test-File'
27/02/2009 21:49:19 File: C:\Documents and Settings\nacera\Local Settings\temp\Av-test.txt not disinfected postponed
27/02/2009 21:49:48 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 21:49:48 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 21:49:48 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 21:49:48 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 22:13:11 File: C:\Documents and Settings\nacera\Local Settings\temp\Av-test.txt detected virus 'EICAR-Test-File'
27/02/2009 22:13:11 File: C:\Documents and Settings\nacera\Local Settings\temp\Av-test.txt not disinfected postponed
27/02/2009 22:13:41 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:13:41 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Incomplete\Preview-T-3545427-parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 22:13:41 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:13:41 File: C:\Documents and Settings\nacera\Mes documents\LimeWire\Saved\parody toi moi (256k 44800).mp3 not disinfected postponed
27/02/2009 22:34:19 File: c:\documents and settings\nacera\mes documents\limewire\incomplete\preview-t-3545427-parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:34:29 File: c:\documents and settings\nacera\mes documents\limewire\incomplete\preview-t-3545427-parody toi moi (256k 44800).mp3 disinfected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:34:29 File: c:\documents and settings\nacera\mes documents\limewire\saved\parody toi moi (256k 44800).mp3 detected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:34:44 File: c:\documents and settings\nacera\mes documents\limewire\saved\parody toi moi (256k 44800).mp3 disinfected Trojan program 'Trojan-Downloader.WMA.GetCodec.u'
27/02/2009 22:34:44 File: c:\documents and settings\nacera\local settings\temp\av-test.txt detected virus 'EICAR-Test-File'
27/02/2009 22:34:44 File: c:\documents and settings\nacera\local settings\temp\av-test.txt not disinfected cannot be disinfected
27/02/2009 22:34:49 File: c:\documents and settings\nacera\local settings\temp\av-test.txt deleted
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
All objects 167509 3 3 0 0 1562 348 0 13
System memory 2641 0 0 0 0 2 5 0 0
Startup objects 565 0 0 0 0 0 11 0 0
Disk boot sectors 6 0 0 0 0 0 0 0 0
Mes documents 274 2 2 0 0 1 0 0 0
Mail databases 0 0 0 0 0 0 0 0 0
Poste de travail 154567 1 1 0 0 1238 244 0 11
Disque local (C:) 9456 0 0 0 0 321 88 0 2
Disque local (D:) 0 0 0 0 0 0 0 0 0
Look 110 (E:) 0 0 0 0 0 0 0 0 0
NACERA (F:) 0 0 0 0 0 0 0 0 0
Disque amovible (G:) 0 0 0 0 0 0 0 0 0
Disque amovible (H:) 0 0 0 0 0 0 0 0 0
Disque amovible (I:) 0 0 0 0 0 0 0 0 0
Disque amovible (J:) 0 0 0 0 0 0 0 0 0
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
Let's do a bit of cleanup.
1/
- Download ToolsCleaner2 to your Desktop.
- Double-click ToolsCleaner2.exe to launch it.
- Click Recherche (Search) and let the scan run.
- Click Suppression (Removal) to finish.
- You can use the Options Facultatives (Optional settings) if you wish.
- Click Quitter (Quit) to get the report.
- Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).
2/
- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
- Double-click RSIT.exe to launch the program.
- Click Continue on the Disclaimer screen.
- If the HijackThis tool (current version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the folder C:\rsit\.
