Pc bizarre...

Salut,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Bonjour et Merci  

Voici le log.txt :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Inv at 2009-03-25 08:55:08
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 143 GB (77%) free of 185 GB
Total RAM: 1023 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:55:55, on 25/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Azureus\Azureus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\onmdxeoj.exe
C:\Documents and Settings\Inv\Mes documents\RSIT.exe
C:\Documents and Settings\Inv\Mes documents\Inv.exe
c:\lsass.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [17369] C:\onmdxeoj.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: FCF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 5523 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-14 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"30951"=C:\onmdxeoj.exe [2009-03-25 20992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
C:\Documents and Settings\Inv\Application Data\Adobe\Manager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~4\Office10\OSA.EXE [2001-02-13 83360]

C:\Documents and Settings\Inv\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2009-03-25 08:55:08 ----D---- C:\rsit
2009-03-24 23:35:55 ----A---- C:\lsass.exe
2009-03-24 23:35:54 ----A---- C:\onmdxeoj.exe
2009-03-24 23:35:53 ----A---- C:\WINDOWS\system32\reader_s.exe
2009-03-21 23:27:30 ----D---- C:\WINDOWS\Sun
2009-03-20 12:19:41 ----A---- C:\WINDOWS\BlendSettings.ini
2009-03-19 13:26:12 ----D---- C:\Program Files\Common Files
2009-03-19 11:35:57 ----D---- C:\Program Files\gPotato.eu
2009-03-19 11:17:42 ----D---- C:\Program Files\Bethesda Softworks
2009-03-19 11:16:34 ----D---- C:\WINDOWS\system32\xlive
2009-03-19 11:15:07 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-03-19 11:14:50 ----D---- C:\Documents and Settings\Inv\Application Data\DAEMON Tools Pro
2009-03-19 11:14:50 ----D---- C:\Documents and Settings\Inv\Application Data\DAEMON Tools
2009-03-19 11:14:03 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-03-19 11:13:59 ----D---- C:\Program Files\DAEMON Tools Lite
2009-03-19 11:01:09 ----D---- C:\Documents and Settings\Inv\Application Data\DAEMON Tools Lite
2009-03-19 09:09:27 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-03-19 09:09:27 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-03-19 09:09:27 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-03-19 09:09:26 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-03-19 09:09:26 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-03-19 09:09:26 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-03-19 09:09:26 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-03-19 09:09:25 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-03-19 09:09:25 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-03-19 09:09:25 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-03-19 09:09:25 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-03-19 09:09:25 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-03-19 09:09:24 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-03-19 09:09:24 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-03-19 09:09:24 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-03-19 09:09:23 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-03-19 09:09:23 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-03-19 09:09:23 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-03-19 09:09:23 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-03-19 09:09:23 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-03-19 09:09:22 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-03-19 09:09:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-03-19 09:09:21 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-03-19 09:09:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-03-19 09:09:21 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-03-19 09:09:21 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-03-19 09:09:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-03-19 09:09:20 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-03-19 09:09:20 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-03-19 09:09:19 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-03-19 09:09:19 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-03-19 09:09:19 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-03-19 09:09:19 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-03-19 09:09:18 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-03-19 09:09:18 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-03-19 09:09:18 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-03-19 09:09:17 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-03-19 09:09:17 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-03-19 09:09:17 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-03-19 09:09:17 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-03-19 09:09:16 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-03-19 09:09:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-03-19 09:09:16 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-03-19 09:09:07 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-03-19 09:09:07 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-03-19 09:09:07 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-03-19 09:09:06 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-03-19 09:09:05 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-03-19 09:09:05 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-03-19 09:09:05 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-03-19 09:08:59 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-03-19 09:08:59 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-03-19 09:08:58 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-03-19 09:08:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-03-19 09:08:57 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-03-19 09:08:57 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-03-19 09:08:56 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-03-19 09:08:56 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-03-19 09:08:41 ----D---- C:\WINDOWS\Logs
2009-03-19 09:06:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-17 16:49:05 ----D---- C:\Documents and Settings\Inv\Application Data\Samsung
2009-03-17 16:31:12 ----A---- C:\WINDOWS\system32\framedyn.dll
2009-03-17 16:31:09 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-03-17 16:30:44 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2009-03-17 16:30:22 ----D---- C:\Program Files\Samsung
2009-03-17 15:47:31 ----D---- C:\Program Files\Audacity
2009-03-16 03:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-03-16 03:00:34 ----D---- C:\Program Files\MSXML 4.0
2009-03-15 23:39:25 ----D---- C:\Program Files\SFR
2009-03-15 16:20:54 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-03-15 16:09:47 ----D---- C:\Program Files\HP
2009-03-15 16:09:45 ----HD---- C:\Config.Msi
2009-03-15 16:09:13 ----D---- C:\temp
2009-03-15 12:41:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-03-15 12:41:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-03-15 09:09:24 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-15 09:01:19 ----D---- C:\Documents and Settings\Inv\Application Data\Ahead
2009-03-15 09:00:57 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-03-15 08:59:20 ----D---- C:\Program Files\Nero
2009-03-15 08:59:20 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-03-15 08:59:20 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-03-15 08:58:50 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-03-15 08:58:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-03-15 08:48:11 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2009-03-15 08:48:07 ----D---- C:\Documents and Settings\Inv\Application Data\Azureus
2009-03-15 08:43:50 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-15 08:41:53 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-03-15 08:41:48 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared
2009-03-15 08:40:56 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-03-15 08:40:23 ----D---- C:\Program Files\Adobe
2009-03-15 00:51:23 ----D---- C:\Documents and Settings\Inv\Application Data\Thunderbird
2009-03-15 00:51:13 ----D---- C:\Program Files\Mozilla Thunderbird
2009-03-14 23:52:44 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-03-14 19:57:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-14 19:57:31 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-03-14 19:57:30 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-03-14 19:52:19 ----D---- C:\WINDOWS\system32\XPSViewer
2009-03-14 19:52:16 ----D---- C:\Program Files\MSBuild
2009-03-14 19:52:14 ----D---- C:\WINDOWS\system32\en-US
2009-03-14 19:52:10 ----D---- C:\Program Files\Reference Assemblies
2009-03-14 19:51:47 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-03-14 19:51:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-03-14 19:51:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-03-14 19:51:47 ----D---- C:\e651012c6c3a06737048a8820569d0
2009-03-14 19:50:01 ----D---- C:\Documents and Settings\Inv\Application Data\dvdcss
2009-03-14 19:48:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-03-14 19:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-03-14 19:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-03-14 19:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-03-14 19:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-03-14 19:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-03-14 19:47:03 ----D---- C:\WINDOWS\ie7updates
2009-03-14 19:46:37 ----D---- C:\WINDOWS\WBEM
2009-03-14 19:45:34 ----HDC---- C:\WINDOWS\ie7
2009-03-14 19:45:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-03-14 19:45:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-03-14 19:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-03-14 19:19:43 ----A---- C:\WINDOWS\ODBC.INI
2009-03-14 19:18:57 ----D---- C:\Program Files\Fichiers communs\Designer
2009-03-14 19:18:25 ----D---- C:\WINDOWS\ShellNew
2009-03-14 19:18:23 ----D---- C:\Program Files\Microsoft Office
2009-03-14 19:06:08 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-03-14 19:04:52 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-03-14 19:04:52 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-03-14 19:04:27 ----D---- C:\WINDOWS\BricoPacks
2009-03-14 19:02:55 ----D---- C:\Program Files\CCleaner
2009-03-14 18:56:36 ----D---- C:\WINDOWS\pss
2009-03-14 18:54:14 ----D---- C:\Program Files\Azureus
2009-03-14 18:49:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-14 18:49:23 ----D---- C:\Documents and Settings\Inv\Application Data\vlc
2009-03-14 18:49:21 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-03-14 18:49:07 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-14 18:48:49 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-03-14 18:48:32 ----D---- C:\a329a238bf370562155ed998
2009-03-14 18:48:11 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-14 18:47:58 ----D---- C:\81249e4236f0a777629f
2009-03-14 18:47:53 ----D---- C:\WINDOWS\system32\LogFiles
2009-03-14 18:47:42 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-03-14 18:45:31 ----D---- C:\Program Files\VideoLAN
2009-03-14 18:32:18 ----A---- C:\WINDOWS\system32\zipfldr.dll.nouninst
2009-03-14 18:32:18 ----A---- C:\WINDOWS\system32\wuauclt1.exe.nouninst
2009-03-14 18:32:18 ----A---- C:\WINDOWS\system32\wuauclt.exe.nouninst
2009-03-14 18:32:18 ----A---- C:\WINDOWS\system32\wmploc.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\winsrv.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\winntbbu.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\WININET.DLL.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\wiaacmgr.exe.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\webcheck.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\uxtheme.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\URLMON.DLL.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\url.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\themeui.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\taskmgr.exe.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\syssetup.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\sysocmgr.exe.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\stobject.dll.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\sndvol32.exe.nouninst
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nswDC.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nswD9.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nsrDB.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nsmDE.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nsmD8.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nshDD.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nsgD7.tmp
2009-03-14 18:32:17 ----A---- C:\WINDOWS\system32\nscDA.tmp
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\sndrec32.exe.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\SHLWAPI.DLL.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\shimgvw.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\shell32.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\SHDOCVW.DLL.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\shdoclc.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\rasdlg.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\printui.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\occache.dll.nouninst
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\nspD6.tmp
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\nspD5.tmp
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\nspD3.tmp
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\nskD4.tmp
2009-03-14 18:32:16 ----A---- C:\WINDOWS\system32\nskD2.tmp
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\ntshrui.dll.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\nseD1.tmp
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\nseD0.tmp
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\notepad.exe.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\newdev.dll.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\netshell.dll.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\netid.dll.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\mydocs.dll.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\system32\mspaint.exe.nouninst
2009-03-14 18:32:15 ----A---- C:\WINDOWS\notepad.exe.nouninst
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\nsnCF.tmp
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\MSHTML.DLL.nouninst
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\msgina.dll.nouninst
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\moricons.dll.nouninst
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\logonui.exe.nouninst
2009-03-14 18:32:14 ----A---- C:\WINDOWS\system32\keymgr.dll.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\nsfCD.tmp
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\inetcplc.dll.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\fontext.dll.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\credui.dll.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\console.dll.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\cmd.exe.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\system32\cleanmgr.exe.nouninst
2009-03-14 18:32:13 ----A---- C:\WINDOWS\nsvCE.tmp
2009-03-14 18:32:13 ----A---- C:\WINDOWS\explorer.exe.nouninst
2009-03-14 18:32:12 ----A---- C:\WINDOWS\system32\nsuCC.tmp
2009-03-14 18:32:12 ----A---- C:\WINDOWS\system32\calc.exe.nouninst
2009-03-14 18:32:12 ----A---- C:\WINDOWS\system32\BROWSEUI.DLL.nouninst
2009-03-14 18:31:39 ----A---- C:\WINDOWS\system32\nsnB8.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nsxB4.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nsrB5.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nshB2.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nsgB0.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nscB6.tmp
2009-03-14 18:31:38 ----A---- C:\WINDOWS\system32\nscB3.tmp
2009-03-14 18:31:37 ----A---- C:\WINDOWS\system32\nsfAB.tmp
2009-03-14 18:31:37 ----A---- C:\WINDOWS\system32\nsaAE.tmp
2009-03-14 18:31:36 ----A---- C:\WINDOWS\system32\nsiA5.tmp
2009-03-14 18:31:35 ----A---- C:\WINDOWS\system32\nswA0.tmp
2009-03-14 18:31:35 ----A---- C:\WINDOWS\system32\nssA3.tmp
2009-03-14 18:31:35 ----A---- C:\WINDOWS\system32\nssA2.tmp
2009-03-14 18:31:35 ----A---- C:\WINDOWS\system32\nsrA1.tmp
2009-03-14 18:31:35 ----A---- C:\WINDOWS\system32\nsb9F.tmp
2009-03-14 18:31:34 ----A---- C:\WINDOWS\system32\nsq9C.tmp
2009-03-14 18:31:34 ----A---- C:\WINDOWS\system32\nsq9B.tmp
2009-03-14 18:31:33 ----A---- C:\WINDOWS\system32\nsz99.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nsy91.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nsx90.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nsx8C.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nss8E.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nsn93.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\system32\nsi92.tmp
2009-03-14 18:31:29 ----A---- C:\WINDOWS\nss8D.tmp
2009-03-14 18:31:27 ----A---- C:\WINDOWS\system32\nsl8A.tmp
2009-03-14 18:31:27 ----A---- C:\WINDOWS\system32\nsf89.tmp
2009-03-14 18:31:27 ----A---- C:\WINDOWS\system32\nsf88.tmp
2009-03-14 18:31:27 ----A---- C:\WINDOWS\system32\nsf87.tmp
2009-03-14 18:31:27 ----A---- C:\WINDOWS\system32\nse86.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nsy80.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nsx7F.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nsx7E.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nst82.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nss81.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nse84.tmp
2009-03-14 18:31:26 ----A---- C:\WINDOWS\system32\nsd83.tmp
2009-03-14 18:31:25 ----A---- C:\WINDOWS\system32\nsr7D.tmp
2009-03-14 18:31:25 ----A---- C:\WINDOWS\system32\nsb7C.tmp
2009-03-14 18:31:24 ----A---- C:\WINDOWS\system32\nsu76.tmp
2009-03-14 18:31:24 ----A---- C:\WINDOWS\system32\nsq7B.tmp
2009-03-14 18:31:24 ----A---- C:\WINDOWS\system32\nsq78.tmp
2009-03-14 18:31:24 ----A---- C:\WINDOWS\system32\nsp75.tmp
2009-03-14 18:31:24 ----A---- C:\WINDOWS\system32\nsa7A.tmp
2009-03-14 18:31:23 ----A---- C:\WINDOWS\system32\nsu74.tmp
2009-03-14 18:31:23 ----A---- C:\WINDOWS\system32\nst70.tmp
2009-03-14 18:31:23 ----A---- C:\WINDOWS\system32\nsj73.tmp
2009-03-14 18:31:23 ----A---- C:\WINDOWS\system32\nsj71.tmp
2009-03-14 18:30:35 ----D---- C:\WINDOWS\Packs
2009-03-14 18:30:35 ----A---- C:\WINDOWS\PackUninst.txt
2009-03-14 18:23:54 ----D---- C:\Documents and Settings\Inv\Application Data\ATI
2009-03-14 18:23:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-03-14 18:18:26 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-03-14 18:18:04 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-14 18:18:04 ----D---- C:\Program Files\ATI Technologies
2009-03-14 18:17:45 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-03-14 18:17:27 ----D---- C:\ATI
2009-03-14 18:16:59 ----D---- C:\Program Files\ASIO4ALL v2
2009-03-14 18:16:50 ----D---- C:\Program Files\VstPlugins
2009-03-14 18:16:50 ----A---- C:\WINDOWS\system32\rewire.dll
2009-03-14 18:16:03 ----D---- C:\Program Files\Outsim
2009-03-14 18:14:26 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2009-03-14 18:14:26 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2009-03-14 18:14:25 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2009-03-14 18:14:25 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-03-14 18:14:12 ----D---- C:\Program Files\Image-Line
2009-03-14 18:10:43 ----D---- C:\Documents and Settings\Inv\Application Data\Macromedia
2009-03-14 18:10:43 ----D---- C:\Documents and Settings\Inv\Application Data\Adobe
2009-03-14 18:06:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-14 18:06:32 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-14 18:04:13 ----D---- C:\Documents and Settings\Inv\Application Data\WinRAR
2009-03-14 18:03:56 ----D---- C:\Program Files\WinRAR
2009-03-14 17:48:43 ----D---- C:\Documents and Settings\Inv\Application Data\Mozilla
2009-03-14 17:47:40 ----D---- C:\Program Files\Mozilla Firefox
2009-03-14 17:46:23 ----D---- C:\Program Files\Messenger Plus! Live
2009-03-14 17:45:37 ----D---- C:\Program Files\Microsoft Silverlight
2009-03-14 17:43:07 ----D---- C:\Program Files\Microsoft
2009-03-14 17:42:52 ----D---- C:\Program Files\Windows Live SkyDrive
2009-03-14 17:42:30 ----D---- C:\Program Files\Windows Live
2009-03-14 17:37:36 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-03-14 17:35:41 ----D---- C:\WINDOWS\Prefetch
2009-03-14 17:33:57 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-03-14 17:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-03-14 17:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-14 17:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-14 17:33:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-03-14 17:33:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-03-14 17:33:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-03-14 17:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-03-14 17:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-03-14 17:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-03-14 17:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-03-14 17:33:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-03-14 17:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-03-14 17:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-03-14 17:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-03-14 17:32:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-03-14 17:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-03-14 17:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-03-14 17:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-03-14 17:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-03-14 17:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-03-14 17:32:11 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-03-14 17:32:06 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-14 17:29:10 ----D---- C:\WINDOWS\system32\fr-fr
2009-03-14 17:29:09 ----D---- C:\WINDOWS\system32\fr
2009-03-14 17:29:09 ----D---- C:\WINDOWS\system32\bits
2009-03-14 17:29:09 ----D---- C:\WINDOWS\l2schemas
2009-03-14 17:27:33 ----D---- C:\WINDOWS\ServicePackFiles
2009-03-14 17:25:45 ----A---- C:\WINDOWS\system32\h323log.txt
2009-03-14 17:25:41 ----D---- C:\WINDOWS\network diagnostic
2009-03-14 17:24:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-14 17:23:48 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-03-14 17:22:19 ----A---- C:\WINDOWS\system32\usbui.dll
2009-03-14 17:21:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-14 17:21:38 ----D---- C:\WINDOWS\EHome
2009-03-14 17:21:13 ----SHD---- C:\WINDOWS\Installer
2009-03-14 17:21:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-14 17:21:12 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-03-14 17:21:12 ----A---- C:\WINDOWS\ODBCINST.INI
2009-03-14 17:21:09 ----RD---- C:\Program Files
2009-03-14 17:21:09 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-03-14 17:21:09 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-14 17:21:09 ----D---- C:\Program Files\Fichiers communs
2009-03-14 17:21:06 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-03-14 17:21:06 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-03-14 17:21:06 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-03-14 17:21:04 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-03-14 17:21:02 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-03-14 17:21:01 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-03-14 17:21:01 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-03-14 17:21:01 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-03-14 17:21:01 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-03-14 17:21:01 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-03-14 17:21:00 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-03-14 17:20:59 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-03-14 17:20:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-03-14 17:20:57 ----A---- C:\WINDOWS\system32\irclass.dll
2009-03-14 17:20:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-03-14 17:20:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-03-14 17:20:56 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-03-14 17:20:55 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-03-14 17:20:55 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-03-14 17:20:54 ----A---- C:\WINDOWS\system32\batt.dll
2009-03-14 17:20:54 ----A---- C:\WINDOWS\notepad.exe
2009-03-14 17:20:53 ----A---- C:\WINDOWS\system32\storprop.dll
2009-03-14 17:20:45 ----RA---- C:\WINDOWS\SET29.tmp
2009-03-14 17:20:45 ----RA---- C:\WINDOWS\SET28.tmp
2009-03-14 17:20:45 ----RA---- C:\WINDOWS\SET27.tmp
2009-03-14 17:20:45 ----RA---- C:\WINDOWS\SET26.tmp
2009-03-14 17:20:45 ----RA---- C:\WINDOWS\SET25.tmp
2009-03-14 17:20:45 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-03-14 17:20:42 ----RA---- C:\WINDOWS\SET8.tmp
2009-03-14 17:20:40 ----RA---- C:\WINDOWS\SET4.tmp
2009-03-14 17:20:38 ----RA---- C:\WINDOWS\SET3.tmp
2009-03-14 17:20:33 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-14 17:20:33 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-14 17:20:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-14 17:20:06 ----SHD---- C:\System Volume Information
2009-03-14 17:20:06 ----D---- C:\Documents and Settings
2009-03-14 17:17:31 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-03-14 17:14:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-14 17:14:13 ----RSD---- C:\WINDOWS\Fonts
2009-03-14 17:14:13 ----RD---- C:\WINDOWS\Web
2009-03-14 17:14:13 ----HD---- C:\WINDOWS\inf
2009-03-14 17:14:13 ----D---- C:\WINDOWS\WinSxS
2009-03-14 17:14:13 ----D---- C:\WINDOWS\twain_32
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Temp
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\wins
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\wbem
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\usmt
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\spool
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\ShellExt
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\Setup
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\ras
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\oobe
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\npp
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\mui
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\IME
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\icsxml
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\ias
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\export
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\drivers
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\dhcp
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\config
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\3com_dmi
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\3076
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\2052
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1054
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1042
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1041
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1037
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1036
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1033
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1031
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1028
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32\1025
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system32
2009-03-14 17:14:13 ----D---- C:\WINDOWS\system
2009-03-14 17:14:13 ----D---- C:\WINDOWS\security
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Resources
2009-03-14 17:14:13 ----D---- C:\WINDOWS\repair
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Provisioning
2009-03-14 17:14:13 ----D---- C:\WINDOWS\PeerNet
2009-03-14 17:14:13 ----D---- C:\WINDOWS\pchealth
2009-03-14 17:14:13 ----D---- C:\WINDOWS\OEM
2009-03-14 17:14:13 ----D---- C:\WINDOWS\mui
2009-03-14 17:14:13 ----D---- C:\WINDOWS\msapps
2009-03-14 17:14:13 ----D---- C:\WINDOWS\msagent
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Media
2009-03-14 17:14:13 ----D---- C:\WINDOWS\java
2009-03-14 17:14:13 ----D---- C:\WINDOWS\ime
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Help
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Driver Cache
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Debug
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Cursors
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Connection Wizard
2009-03-14 17:14:13 ----D---- C:\WINDOWS\Config
2009-03-14 17:14:13 ----D---- C:\WINDOWS\AppPatch
2009-03-14 17:14:13 ----D---- C:\WINDOWS\addins
2009-03-14 17:14:13 ----D---- C:\WINDOWS
2009-03-14 16:54:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-03-14 16:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-03-14 16:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-03-14 16:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-03-14 16:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-03-14 16:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958215_0$
2009-03-14 16:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-03-14 16:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2009-03-14 16:52:58 ----A---- C:\WINDOWS\system32\MRT.exe
2009-03-14 16:52:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-03-14 16:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2009-03-14 16:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB960714_0$
2009-03-14 16:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2_0$
2009-03-14 16:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-14 16:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-03-14 16:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-03-14 16:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-03-14 16:52:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-03-14 16:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-03-14 16:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-03-14 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-03-14 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-03-14 16:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958690_0$
2009-03-14 16:51:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-03-14 16:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-03-14 16:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-03-14 16:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-03-14 16:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-03-14 16:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-03-14 16:49:57 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-03-14 16:43:50 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-14 16:43:28 ----A---- C:\WINDOWS\system32\wpa.bak
2009-03-14 16:41:17 ----D---- C:\WINDOWS\system32\PreInstall
2009-03-14 16:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-03-14 16:41:09 ----D---- C:\Documents and Settings\Inv\Application Data\Sun
2009-03-14 16:39:34 ----SHD---- C:\RECYCLER
2009-03-14 16:39:19 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-03-14 16:39:18 ----D---- C:\Documents and Settings\Inv\Application Data\Identities
2009-03-14 16:39:16 ----HD---- C:\Program Files\Uninstall Information
2009-03-14 16:39:10 ----SD---- C:\Documents and Settings\Inv\Application Data\Microsoft
2009-03-14 16:39:10 ----ASH---- C:\Documents and Settings\Inv\Application Data\desktop.ini
2009-03-14 16:38:21 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-03-14 16:37:19 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-14 16:37:06 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-14 16:37:06 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-03-14 16:34:19 ----D---- C:\WINDOWS\system32\xircom
2009-03-14 16:34:19 ----D---- C:\Program Files\xerox
2009-03-14 16:34:19 ----D---- C:\Program Files\microsoft frontpage
2009-03-14 16:34:08 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2009-03-14 16:34:00 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-14 16:34:00 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-14 16:34:00 ----A---- C:\WINDOWS\system32\java.exe
2009-03-14 16:33:44 ----D---- C:\Program Files\Java
2009-03-14 16:33:43 ----D---- C:\Program Files\Fichiers communs\Java
2009-03-14 16:32:49 ----RSD---- C:\WINDOWS\assembly
2009-03-14 16:32:49 ----D---- C:\WINDOWS\system32\URTTemp
2009-03-14 16:32:49 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-14 16:31:53 ----D---- C:\WINDOWS\fsc
2009-03-14 16:31:42 ----D---- C:\AddOn
2009-03-14 16:31:16 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-14 16:31:10 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-03-14 16:31:01 ----A---- C:\WINDOWS\control.ini
2009-03-14 16:31:01 ----A---- C:\AUTOEXEC.BAT
2009-03-14 16:30:48 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-03-14 16:29:53 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-14 16:29:52 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-14 16:29:52 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-03-14 16:29:47 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-03-14 16:29:43 ----HD---- C:\Program Files\WindowsUpdate
2009-03-14 16:29:39 ----D---- C:\Program Files\Services en ligne
2009-03-14 16:29:26 ----D---- C:\WINDOWS\system32\DirectX
2009-03-14 16:29:10 ----A---- C:\WINDOWS\system32\atrace.dll
2009-03-14 16:29:08 ----A---- C:\WINDOWS\system32\desktop.ini
2009-03-14 16:29:08 ----A---- C:\WINDOWS\desktop.ini
2009-03-14 16:29:02 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-03-14 16:29:01 ----D---- C:\Program Files\Fichiers communs\Services
2009-03-14 16:29:01 ----A---- C:\WINDOWS\system32\acctres.dll
2009-03-14 16:28:59 ----SD---- C:\WINDOWS\Tasks
2009-03-14 16:28:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-03-14 16:28:58 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-03-14 16:28:55 ----D---- C:\WINDOWS\srchasst
2009-03-14 16:28:54 ----D---- C:\WINDOWS\system32\Macromed
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wups.dll
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-03-14 16:28:52 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-03-14 16:28:51 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-03-14 16:28:48 ----D---- C:\Program Files\Movie Maker
2009-03-14 16:28:45 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-03-14 16:28:45 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-03-14 16:28:45 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-03-14 16:28:45 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-03-14 16:28:42 ----D---- C:\WINDOWS\system32\Restore
2009-03-14 16:28:42 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-03-14 16:28:42 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-03-14 16:28:42 ----A---- C:\WINDOWS\system32\srclient.dll
2009-03-14 16:28:42 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-03-14 16:28:42 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\msconf.dll
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-03-14 16:28:41 ----A---- C:\WINDOWS\system32\ils.dll
2009-03-14 16:28:39 ----D---- C:\Program Files\NetMeeting
2009-03-14 16:28:39 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-03-14 16:28:39 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-03-14 16:28:38 ----A---- C:\WINDOWS\system32\inetres.dll
2009-03-14 16:28:38 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-03-14 16:28:36 ----D---- C:\Program Files\Outlook Express
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\mstask.dll
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\isign32.dll
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-03-14 16:28:36 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-03-14 16:28:31 ----D---- C:\Program Files\Fichiers communs\System
2009-03-14 16:28:29 ----D---- C:\Program Files\Internet Explorer
2009-03-14 16:28:19 ----D---- C:\Program Files\ComPlus Applications
2009-03-14 16:28:17 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-14 16:28:17 ----A---- C:\WINDOWS\vb.ini
2009-03-14 16:28:13 ----D---- C:\WINDOWS\Registration
2009-03-14 16:27:47 ----D---- C:\Program Files\Windows Media Player
2009-03-14 16:27:47 ----D---- C:\Program Files\Online Services
2009-03-14 16:27:43 ----D---- C:\Program Files\Messenger
2009-03-14 16:27:40 ----D---- C:\Program Files\MSN Gaming Zone
2009-03-14 16:27:40 ----A---- C:\WINDOWS\system32\write.exe
2009-03-14 16:27:33 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-03-14 16:27:32 ----A---- C:\WINDOWS\system32\winchat.exe
2009-03-14 16:27:32 ----A---- C:\WINDOWS\system32\hticons.dll
2009-03-14 16:27:32 ----A---- C:\WINDOWS\system32\avwav.dll
2009-03-14 16:27:32 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-03-14 16:27:32 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-03-14 16:27:27 ----A---- C:\WINDOWS\system32\getuname.dll
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\winmine.exe
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\sol.exe
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\freecell.exe
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\charmap.exe
2009-03-14 16:27:26 ----A---- C:\WINDOWS\system32\calc.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\tskill.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\tscon.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\shadow.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\reset.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\regini.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\msg.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\logoff.exe
2009-03-14 16:27:25 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-03-14 16:27:24 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-03-14 16:27:24 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-03-14 16:27:24 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-03-14 16:27:24 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-03-14 16:27:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-03-14 16:27:23 ----A---- C:\WINDOWS\system32\stclient.dll
2009-03-14 16:27:23 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-03-14 16:27:23 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-03-14 16:27:23 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-03-14 16:27:19 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-03-14 16:27:11 ----D---- C:\Program Files\MSN
2009-03-14 16:27:10 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-03-14 16:27:10 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-03-14 16:27:10 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-03-14 16:27:10 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-03-14 16:27:09 ----D---- C:\Program Files\Windows NT
2009-03-14 16:27:09 ----A---- C:\WINDOWS\system32\spider.exe
2009-03-14 16:27:09 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-03-14 16:27:09 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-03-14 16:27:08 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-03-14 16:27:07 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-03-14 16:27:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-03-14 16:27:06 ----D---- C:\WINDOWS\system32\Com
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\colbact.dll
2009-03-14 16:27:06 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\comuid.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-03-14 16:27:05 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-03-14 16:27:01 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-03-14 16:27:01 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-03-14 16:27:00 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-03-14 16:27:00 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-03-25 00:01:41 ----A---- C:\WINDOWS\win.ini
2009-03-25 00:01:41 ----A---- C:\WINDOWS\system.ini
2009-03-24 23:37:20 ----A---- C:\WINDOWS\system32\svchost.exe
2009-03-14 19:06:08 ----A---- C:\WINDOWS\system32\uxtheme.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-17 5632]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ae5mm4ui;ae5mm4ui; C:\WINDOWS\system32\drivers\ae5mm4ui.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-14 152984]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-03-24 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 FCF;FCF; C:\WINDOWS\system32\svchost.exe [2009-03-24 14336]
S2 ICF;ICF; C:\WINDOWS\system32\svchost.exe [2009-03-24 14336]
S2 Tvyat;Tvyat; C:\WINDOWS\System32\svchost.exe [2009-03-24 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-15 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2009-03-24 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 Kmihidht;Kmihidht; C:\WINDOWS\system32\drivers\rootmdm.sys [2004-08-05 5888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------




Et voici le Info.txt :

info.txt logfile of random's system information tool 1.06 2009-03-25 08:55:59

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1.0-->"C:\Program Files\gPotato.eu\Street Gears\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Agere Systems PCI Soft Modem-->agrsmdel
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3837
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class ISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Deckadance-->C:\Program Files\VstPlugins\Deckadance\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Inv\Mes documents\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Dig

---> Tu es infecté par Virut. Si l'infection est trop avancée, le formatage sera inévitable.

Fais un scan Dr.Web CureIt! puis poste le rapport ici :
http://www.commentcamarche.net/faq/sujet-16138-comment-...

Merci d'avance   Le scan a mis des heures :s

ovfsthoqxflfixlhdtjxslrixxyoxmdonmjtpt.dll;C:\WINDOWS\system32;BackDoor.Tdss.118;Supprimé.;
ovfsthoyplfhebsfnnekfeeftairiyhkcpltpg.dll;C:\WINDOWS\system32;BackDoor.Tdss.118;Supprimé.;
ovfsthpyjaeatkmanirdsphgvsbnfhligouxea.dll;C:\WINDOWS\system32;BackDoor.Tdss.115;Irréparable.Quarantaine.;



Voila ce que j'ai eu comme rapport.

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

ComboFix 09-03-23.01 - Inv 2009-03-25 19:30:58.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.407 [GMT 1:00]
Lancé depuis: c:\documents and settings\Inv\Mes documents\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\drivers\ntndis.sys

----- BITS: Il y a peut-être des sites infectés -----

hxxp://au.download.windj+|Cv+@J:NGD_DQ{zcxLJS@b#6O)sWU Client DownloadS-1-5-18`HT4?? 6VwoQZCDHM6VwoQZCDHMXu2D2D2D2DUcxLJS@GD_DQ{zGD_DQ{zGD_DQ{z+@J:Nj+|Cvowsupdate.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_icf
-------\Service_ICF


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-25 au 2009-03-25 ))))))))))))))))))))))))))))))))))))
.

2009-03-25 15:10 . 2009-03-25 15:13 <REP> d-------- c:\documents and settings\Inv\DoctorWeb
2009-03-25 10:27 . 2009-03-25 11:06 <REP> d--h----- C:\$AVG8.VAULT$
2009-03-25 10:24 . 2009-03-25 18:51 <REP> d-------- c:\windows\system32\drivers\Avg
2009-03-25 10:24 . 2009-03-25 10:24 <REP> d-------- c:\program files\AVG
2009-03-25 10:24 . 2009-03-25 11:21 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-25 10:24 . 2009-03-25 10:24 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-25 10:24 . 2009-03-25 10:24 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-25 10:24 . 2009-03-25 10:24 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-25 08:55 . 2009-03-25 08:55 <REP> d-------- C:\rsit
2009-03-24 23:55 . 2009-03-25 10:18 <REP> d-------- c:\documents and settings\Inv\.housecall6.6
2009-03-24 23:41 . 2009-03-24 23:41 0 --a------ c:\windows\system32\drivers\ovfsth.sys
2009-03-24 23:40 . 2009-03-25 12:24 43 --a------ c:\windows\system32\ovfsthhwcgeekvwxlvioutdbdftqopdjcowfwu.dat
2009-03-24 23:38 . 2009-03-24 23:38 182,656 --a--c--- c:\windows\system32\dllcache\ndis.sys
2009-03-24 23:36 . 2009-03-25 16:19 0 --a------ c:\windows\system32\drivers\c6e9c443.sys
2009-03-24 23:35 . 2009-03-25 12:24 12,640 --a------ c:\windows\system32\ovfsthetwmfwtumsvesryektaituejspcyjjxl.dat
2009-03-21 23:27 . 2009-03-21 23:27 <REP> d-------- c:\windows\Sun
2009-03-20 12:19 . 2009-03-23 17:39 23 --a------ c:\windows\BlendSettings.ini
2009-03-19 13:26 . 2009-03-19 13:26 <REP> d-------- c:\program files\Common Files
2009-03-19 13:26 . 2003-07-16 07:17 5,174 --a------ c:\windows\system32\nppt9x.vxd
2009-03-19 13:26 . 2004-12-30 22:43 4,682 --a------ c:\windows\system32\npptNT2.sys
2009-03-19 11:35 . 2009-03-19 11:35 <REP> d-------- c:\program files\gPotato.eu
2009-03-19 11:17 . 2009-03-20 11:44 <REP> d-------- c:\program files\Bethesda Softworks
2009-03-19 11:16 . 2009-03-19 11:16 <REP> d-------- c:\windows\system32\xlive
2009-03-19 11:15 . 2009-03-19 11:15 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Pro
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-19 11:13 . 2009-03-19 11:14 <REP> d-------- c:\program files\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:15 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:01 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-19 09:08 . 2009-03-19 09:08 <REP> d-------- c:\windows\Logs
2009-03-19 09:08 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-03-19 09:06 . 2009-03-20 21:20 <REP> d----c--- c:\windows\system32\DRVSTORE
2009-03-17 16:49 . 2009-03-17 16:49 <REP> d-------- c:\documents and settings\Inv\Application Data\Samsung
2009-03-17 16:31 . 2003-02-21 18:42 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-03-17 16:31 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-17 16:31 . 2005-08-30 01:49 94,000 --a------ c:\windows\system32\drivers\ssm_mdm.sys
2009-03-17 16:31 . 2005-08-30 01:47 58,320 --a------ c:\windows\system32\drivers\ssm_bus.sys
2009-03-17 16:31 . 2005-08-30 01:49 8,336 --a------ c:\windows\system32\drivers\ssm_mdfl.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cmnt.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cm.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_whnt.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_wh.sys
2009-03-17 16:30 . 2009-03-17 16:31 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-17 16:30 . 2009-03-17 16:30 <REP> d-------- c:\program files\Samsung
2009-03-17 16:30 . 2009-03-17 16:41 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-17 16:30 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-17 15:47 . 2009-03-17 15:47 <REP> d-------- c:\program files\Audacity
2009-03-16 03:00 . 2009-03-16 03:00 <REP> d-------- c:\program files\MSXML 4.0
2009-03-15 23:39 . 2009-03-15 23:39 <REP> d-------- c:\program files\SFR
2009-03-15 16:20 . 2009-03-15 16:20 <REP> d-------- c:\program files\Fichiers communs\Hewlett-Packard
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\temp\HP_WebRelease
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- C:\temp
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\program files\HP
2009-03-15 16:09 . 2009-03-15 16:21 103,537 --a------ c:\windows\hpoins04.dat
2009-03-15 16:09 . 2004-06-22 08:04 17,176 --------- c:\windows\hpomdl04.dat
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-15 12:46 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-03-15 12:41 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-15 12:41 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-15 09:09 . 2009-03-25 18:17 69 --a------ c:\windows\NeroDigital.ini
2009-03-15 09:01 . 2009-03-15 09:34 <REP> d-------- c:\documents and settings\Inv\Application Data\Ahead
2009-03-15 09:00 . 2009-03-15 09:00 <REP> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\program files\Nero
2009-03-15 08:59 . 2009-03-15 09:00 <REP> d-------- c:\program files\Fichiers communs\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-03-15 08:48 . 2009-03-25 19:37 <REP> d-------- c:\documents and settings\Inv\Application Data\Azureus
2009-03-15 08:48 . 2009-03-15 08:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Azureus
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\program files\Fichiers communs\Adobe Systems Shared
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2009-03-15 08:40 . 2009-03-18 08:17 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-03-15 00:51 . 2009-03-24 21:02 <REP> d-------- c:\program files\Mozilla Thunderbird
2009-03-15 00:51 . 2009-03-15 00:51 <REP> d-------- c:\documents and settings\Inv\Application Data\Thunderbird
2009-03-14 23:52 . 2009-03-14 23:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-14 19:57 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\windows\system32\XPSViewer
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\Reference Assemblies
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\MSBuild
2009-03-14 19:51 . 2009-03-14 19:51 <REP> d-------- C:\e651012c6c3a06737048a8820569d0
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-14 19:51 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-14 19:51 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-14 19:50 . 2009-03-14 19:54 <REP> d-------- c:\documents and settings\Inv\Application Data\dvdcss
2009-03-14 19:46 . 2008-12-20 23:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-14 19:46 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-14 19:46 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-14 19:46 . 2008-12-20 23:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-14 19:46 . 2008-12-20 23:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-14 19:46 . 2008-12-20 23:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-14 19:46 . 2008-12-20 23:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-14 19:46 . 2008-12-20 23:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-14 19:46 . 2008-12-19 10:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-14 19:19 . 2009-03-14 19:19 385 --a------ c:\windows\ODBC.INI
2009-03-14 19:18 . 2009-03-14 19:18 <REP> d-------- c:\windows\ShellNew
2009-03-14 19:06 . 2009-03-14 19:06 65,428 --a------ c:\windows\BricoPackUninst.cmd
2009-03-14 19:04 . 2009-03-14 19:04 <REP> d-------- c:\windows\BricoPacks
2009-03-14 19:04 . 2009-03-14 19:06 6,110 --a------ c:\windows\BricoPackFoldersDelete.cmd
2009-03-14 19:02 . 2009-03-14 19:02 <REP> d-------- c:\program files\CCleaner
2009-03-14 18:54 . 2009-03-15 08:53 <REP> d-------- c:\program files\Azureus
2009-03-14 18:49 . 2009-03-14 18:49 <REP> d-------- c:\program files\Windows Media Connect 2
2009-03-14 18:49 . 2009-03-15 09:45 <REP> d-------- c:\documents and settings\Inv\Application Data\vlc
2009-03-14 18:48 . 2009-03-14 18:49 <REP> d-------- C:\a329a238bf370562155ed998
2009-03-14 18:47 . 2009-03-14 18:47 <REP> d-------- c:\windows\system32\LogFiles
2009-03-14 18:47 . 2009-03-20 14:38 <REP> d-------- c:\windows\system32\drivers\UMDF
2009-03-14 18:47 . 2009-03-14 18:48 <REP> d-------- C:\81249e4236f0a777629f
2009-03-14 18:45 . 2009-03-14 18:45 <REP> d-------- c:\program files\VideoLAN
2009-03-14 18:31 . 2008-12-12 18:02 5,283,840 --a------ c:\windows\system32\nse86.tmp
2009-03-14 18:30 . 2009-03-14 18:30 <REP> d-------- c:\windows\Packs
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\Inv\Application Data\ATI
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-03-14 18:22 . 2009-03-14 18:22 0 --a------ c:\windows\ativpsrm.bin
2009-03-14 18:18 . 2009-03-20 11:12 <REP> d--h----- c:\program files\InstallShield Installation Information
2009-03-14 18:18 . 2009-03-14 18:19 <REP> d-------- c:\program files\ATI Technologies
2009-03-14 18:18 . 2009-02-03 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-03-14 18:17 . 2009-03-14 18:18 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2009-03-14 18:17 . 2009-03-14 18:17 <REP> d-------- C:\ATI
2009-03-14 18:16 . 2009-03-14 18:19 <REP> d-------- c:\program files\VstPlugins
2009-03-14 18:16 . 2009-03-14 18:16 <REP> d-------- c:\program files\Outsim

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 22:38 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
2009-03-14 18:59 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-14 16:46 --------- d-----w c:\program files\Messenger Plus! Live
2009-03-14 16:45 --------- d-----w c:\program files\Windows Live
2009-03-14 16:43 --------- d-----w c:\program files\Microsoft
2009-03-14 16:42 --------- d-----w c:\program files\Windows Live SkyDrive
2009-03-14 16:37 --------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-14 15:43 --------- d-----w c:\program files\Java
2009-03-14 15:34 --------- d-----w c:\program files\microsoft frontpage
2009-03-14 15:33 --------- d-----w c:\program files\Fichiers communs\Java
2009-03-14 15:29 --------- d-----w c:\program files\Services en ligne
2009-02-04 07:27 3,488,768 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 03:52 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
.

------- Sigcheck -------

2004-08-05 13:00 182912 1df7f42665c94b825322fae71721130d c:\windows\$NtServicePackUninstall$\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\ServicePackFiles\i386\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\dllcache\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\drivers\ndis.sys

2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\explorer.exe
2004-08-05 13:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa c:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\ServicePackFiles\i386\explorer.exe
2008-04-14 03:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe

2004-08-05 13:00 112640 46990969761352f53b2310d266e2f1df c:\windows\$NtServicePackUninstall$\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-04-14 03:34 112640 7e3defe771cb451b0ff630bfa435417e c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Inv\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-25 10:24 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2009-02-27 17:10 35696 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-06-27 19:03 152872 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2009-01-26 15:31 2144088 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-25 325640]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-25 107912]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-25 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-25 298264]
S1 c6e9c443;c6e9c443;c:\windows\system32\drivers\c6e9c443.sys [2009-03-24 0]
S2 FCF;FCF;c:\windows\system32\svchost.exe:exe.exe --> c:\windows\system32\svchost.exe:exe.exe [?]
S2 Tvyat;Tvyat;c:\windows\System32\svchost.exe -k netsvcs [2004-08-05 14336]
S4 Kmihidht;Kmihidht;c:\windows\system32\drivers\rootmdm.sys [2004-08-05 5888]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Tvyat
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-Run - c:\documents and settings\Inv\Application Data\Adobe\Manager.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Inv\Application Data\Mozilla\Firefox\Profiles\bscm564x.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 19:39:16
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FCF]
"ImagePath"="c:\windows\system32\svchost.exe:exe.exe"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(584)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(644)
c:\windows\system32\scecli.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-03-25 19:41:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-25 18:41:06

Avant-CF: 148 480 335 872 octets libres
Après-CF: 148,445,806,592 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
h:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

285 --- E O F --- 2009-03-20 10:33:07




Voici le rapport, merci  

/!\ Seul Phomos peut suivre cette procédure /!\

Désactive toute protection résidente (Antivirus...) !

---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :



---> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.

---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

Cela va relancer Combofix : au message qui apparaît, accepte.

Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.

Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

 

ComboFix 09-03-23.01 - Inv 2009-03-25 20:48:55.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.304 [GMT 1:00]
Lancé depuis: c:\documents and settings\Inv\Mes documents\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Inv\Mes documents\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé

FILE ::
c:\windows\system32\drivers\c6e9c443.sys
c:\windows\system32\drivers\ovfsth.sys
c:\windows\system32\ovfsthetwmfwtumsvesryektaituejspcyjjxl.dat
c:\windows\system32\ovfsthhwcgeekvwxlvioutdbdftqopdjcowfwu.dat
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\c6e9c443.sys
c:\windows\system32\drivers\ntndis.sys
c:\windows\system32\drivers\ovfsth.sys
c:\windows\system32\ovfsthetwmfwtumsvesryektaituejspcyjjxl.dat
c:\windows\system32\ovfsthhwcgeekvwxlvioutdbdftqopdjcowfwu.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_c6e9c443


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-25 au 2009-03-25 ))))))))))))))))))))))))))))))))))))
.

2009-03-25 15:10 . 2009-03-25 15:13 <REP> d-------- c:\documents and settings\Inv\DoctorWeb
2009-03-25 10:27 . 2009-03-25 11:06 <REP> d--h----- C:\$AVG8.VAULT$
2009-03-25 10:24 . 2009-03-25 18:51 <REP> d-------- c:\windows\system32\drivers\Avg
2009-03-25 10:24 . 2009-03-25 10:24 <REP> d-------- c:\program files\AVG
2009-03-25 10:24 . 2009-03-25 11:21 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-25 10:24 . 2009-03-25 10:24 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-25 10:24 . 2009-03-25 10:24 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-25 10:24 . 2009-03-25 10:24 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-25 08:55 . 2009-03-25 08:55 <REP> d-------- C:\rsit
2009-03-24 23:55 . 2009-03-25 10:18 <REP> d-------- c:\documents and settings\Inv\.housecall6.6
2009-03-24 23:38 . 2009-03-24 23:38 182,656 --a--c--- c:\windows\system32\dllcache\ndis.sys
2009-03-21 23:27 . 2009-03-21 23:27 <REP> d-------- c:\windows\Sun
2009-03-20 12:19 . 2009-03-23 17:39 23 --a------ c:\windows\BlendSettings.ini
2009-03-19 13:26 . 2009-03-19 13:26 <REP> d-------- c:\program files\Common Files
2009-03-19 13:26 . 2003-07-16 07:17 5,174 --a------ c:\windows\system32\nppt9x.vxd
2009-03-19 13:26 . 2004-12-30 22:43 4,682 --a------ c:\windows\system32\npptNT2.sys
2009-03-19 11:35 . 2009-03-19 11:35 <REP> d-------- c:\program files\gPotato.eu
2009-03-19 11:17 . 2009-03-20 11:44 <REP> d-------- c:\program files\Bethesda Softworks
2009-03-19 11:16 . 2009-03-19 11:16 <REP> d-------- c:\windows\system32\xlive
2009-03-19 11:15 . 2009-03-19 11:15 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Pro
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-19 11:13 . 2009-03-19 11:14 <REP> d-------- c:\program files\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:15 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:01 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-19 09:08 . 2009-03-19 09:08 <REP> d-------- c:\windows\Logs
2009-03-19 09:08 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-03-19 09:06 . 2009-03-20 21:20 <REP> d----c--- c:\windows\system32\DRVSTORE
2009-03-17 16:49 . 2009-03-17 16:49 <REP> d-------- c:\documents and settings\Inv\Application Data\Samsung
2009-03-17 16:31 . 2003-02-21 18:42 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-03-17 16:31 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-17 16:31 . 2005-08-30 01:49 94,000 --a------ c:\windows\system32\drivers\ssm_mdm.sys
2009-03-17 16:31 . 2005-08-30 01:47 58,320 --a------ c:\windows\system32\drivers\ssm_bus.sys
2009-03-17 16:31 . 2005-08-30 01:49 8,336 --a------ c:\windows\system32\drivers\ssm_mdfl.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cmnt.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cm.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_whnt.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_wh.sys
2009-03-17 16:30 . 2009-03-17 16:31 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-17 16:30 . 2009-03-17 16:30 <REP> d-------- c:\program files\Samsung
2009-03-17 16:30 . 2009-03-17 16:41 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-17 16:30 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-17 15:47 . 2009-03-17 15:47 <REP> d-------- c:\program files\Audacity
2009-03-16 03:00 . 2009-03-16 03:00 <REP> d-------- c:\program files\MSXML 4.0
2009-03-15 23:39 . 2009-03-15 23:39 <REP> d-------- c:\program files\SFR
2009-03-15 16:20 . 2009-03-15 16:20 <REP> d-------- c:\program files\Fichiers communs\Hewlett-Packard
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\temp\HP_WebRelease
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- C:\temp
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\program files\HP
2009-03-15 16:09 . 2009-03-15 16:21 103,537 --a------ c:\windows\hpoins04.dat
2009-03-15 16:09 . 2004-06-22 08:04 17,176 --------- c:\windows\hpomdl04.dat
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-15 12:46 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-03-15 12:41 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-15 12:41 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-15 09:09 . 2009-03-25 18:17 69 --a------ c:\windows\NeroDigital.ini
2009-03-15 09:01 . 2009-03-15 09:34 <REP> d-------- c:\documents and settings\Inv\Application Data\Ahead
2009-03-15 09:00 . 2009-03-15 09:00 <REP> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\program files\Nero
2009-03-15 08:59 . 2009-03-15 09:00 <REP> d-------- c:\program files\Fichiers communs\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-03-15 08:48 . 2009-03-25 20:48 <REP> d-------- c:\documents and settings\Inv\Application Data\Azureus
2009-03-15 08:48 . 2009-03-15 08:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Azureus
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\program files\Fichiers communs\Adobe Systems Shared
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2009-03-15 08:40 . 2009-03-18 08:17 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-03-15 00:51 . 2009-03-24 21:02 <REP> d-------- c:\program files\Mozilla Thunderbird
2009-03-15 00:51 . 2009-03-15 00:51 <REP> d-------- c:\documents and settings\Inv\Application Data\Thunderbird
2009-03-14 23:52 . 2009-03-14 23:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-14 19:57 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\windows\system32\XPSViewer
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\Reference Assemblies
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\MSBuild
2009-03-14 19:51 . 2009-03-14 19:51 <REP> d-------- C:\e651012c6c3a06737048a8820569d0
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-14 19:51 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-14 19:51 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-14 19:50 . 2009-03-14 19:54 <REP> d-------- c:\documents and settings\Inv\Application Data\dvdcss
2009-03-14 19:46 . 2008-12-20 23:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-14 19:46 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-14 19:46 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-14 19:46 . 2008-12-20 23:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-14 19:46 . 2008-12-20 23:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-14 19:46 . 2008-12-20 23:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-14 19:46 . 2008-12-20 23:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-14 19:46 . 2008-12-20 23:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-14 19:46 . 2008-12-19 10:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-14 19:19 . 2009-03-14 19:19 385 --a------ c:\windows\ODBC.INI
2009-03-14 19:18 . 2009-03-14 19:18 <REP> d-------- c:\windows\ShellNew
2009-03-14 19:06 . 2009-03-14 19:06 65,428 --a------ c:\windows\BricoPackUninst.cmd
2009-03-14 19:04 . 2009-03-14 19:04 <REP> d-------- c:\windows\BricoPacks
2009-03-14 19:04 . 2009-03-14 19:06 6,110 --a------ c:\windows\BricoPackFoldersDelete.cmd
2009-03-14 19:02 . 2009-03-14 19:02 <REP> d-------- c:\program files\CCleaner
2009-03-14 18:54 . 2009-03-15 08:53 <REP> d-------- c:\program files\Azureus
2009-03-14 18:49 . 2009-03-14 18:49 <REP> d-------- c:\program files\Windows Media Connect 2
2009-03-14 18:49 . 2009-03-15 09:45 <REP> d-------- c:\documents and settings\Inv\Application Data\vlc
2009-03-14 18:48 . 2009-03-14 18:49 <REP> d-------- C:\a329a238bf370562155ed998
2009-03-14 18:47 . 2009-03-14 18:47 <REP> d-------- c:\windows\system32\LogFiles
2009-03-14 18:47 . 2009-03-20 14:38 <REP> d-------- c:\windows\system32\drivers\UMDF
2009-03-14 18:47 . 2009-03-14 18:48 <REP> d-------- C:\81249e4236f0a777629f
2009-03-14 18:45 . 2009-03-14 18:45 <REP> d-------- c:\program files\VideoLAN
2009-03-14 18:31 . 2008-12-12 18:02 5,283,840 --a------ c:\windows\system32\nse86.tmp
2009-03-14 18:30 . 2009-03-14 18:30 <REP> d-------- c:\windows\Packs
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\Inv\Application Data\ATI
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-03-14 18:22 . 2009-03-14 18:22 0 --a------ c:\windows\ativpsrm.bin
2009-03-14 18:18 . 2009-03-20 11:12 <REP> d--h----- c:\program files\InstallShield Installation Information
2009-03-14 18:18 . 2009-03-14 18:19 <REP> d-------- c:\program files\ATI Technologies
2009-03-14 18:18 . 2009-02-03 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-03-14 18:17 . 2009-03-14 18:18 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2009-03-14 18:17 . 2009-03-14 18:17 <REP> d-------- C:\ATI
2009-03-14 18:16 . 2009-03-14 18:19 <REP> d-------- c:\program files\VstPlugins
2009-03-14 18:16 . 2009-03-14 18:16 <REP> d-------- c:\program files\Outsim
2009-03-14 18:16 . 2009-03-14 18:16 <REP> d-------- c:\program files\ASIO4ALL v2
2009-03-14 18:16 . 2002-07-07 23:14 1,294,336 --a------ c:\windows\system32\vorbis.acm
2009-03-14 18:16 . 2006-06-20 09:56 225,280 --a------ c:\windows\system32\rewire.dll
2009-03-14 18:14 . 2009-03-14 18:14 <REP> d-------- c:\program files\TeaTimer (Spybot - Search & Destroy)

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 22:38 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
2009-03-14 18:59 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-14 16:46 --------- d-----w c:\program files\Messenger Plus! Live
2009-03-14 16:45 --------- d-----w c:\program files\Windows Live
2009-03-14 16:43 --------- d-----w c:\program files\Microsoft
2009-03-14 16:42 --------- d-----w c:\program files\Windows Live SkyDrive
2009-03-14 16:37 --------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-14 15:43 --------- d-----w c:\program files\Java
2009-03-14 15:34 --------- d-----w c:\program files\microsoft frontpage
2009-03-14 15:33 --------- d-----w c:\program files\Fichiers communs\Java
2009-03-14 15:29 --------- d-----w c:\program files\Services en ligne
2009-02-04 07:27 3,488,768 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 03:52 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
.

------- Sigcheck -------

2004-08-05 13:00 182912 1df7f42665c94b825322fae71721130d c:\windows\$NtServicePackUninstall$\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\ServicePackFiles\i386\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\dllcache\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\drivers\ndis.sys

2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\explorer.exe
2004-08-05 13:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa c:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\ServicePackFiles\i386\explorer.exe
2008-04-14 03:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe

2004-08-05 13:00 112640 46990969761352f53b2310d266e2f1df c:\windows\$NtServicePackUninstall$\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-04-14 03:34 112640 7e3defe771cb451b0ff630bfa435417e c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-25_19.40.20.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-25 19:57:37 16,384 ----atw c:\windows\temp\Perflib_Perfdata_3ac.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Inv\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-25 10:24 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2009-02-27 17:10 35696 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-06-27 19:03 152872 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2009-01-26 15:31 2144088 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-25 325640]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-25 107912]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-25 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-25 298264]
S2 FCF;FCF;c:\windows\system32\svchost.exe:exe.exe --> c:\windows\system32\svchost.exe:exe.exe [?]
S2 Tvyat;Tvyat;c:\windows\System32\svchost.exe -k netsvcs [2004-08-05 14336]
S4 Kmihidht;Kmihidht;c:\windows\system32\drivers\rootmdm.sys [2004-08-05 5888]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Tvyat
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Inv\Application Data\Mozilla\Firefox\Profiles\bscm564x.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 20:57:58
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FCF]
"ImagePath"="c:\windows\system32\svchost.exe:exe.exe"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(584)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(644)
c:\windows\system32\scecli.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
.
**************************************************************************
.
Heure de fin: 2009-03-25 21:00:18 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-25 20:00:14
ComboFix2.txt 2009-03-25 18:41:10

Avant-CF: 148 384 296 960 octets libres
Après-CF: 148,373,254,144 octets libres

282 --- E O F --- 2009-03-20 10:33:07



Par contre j'ai bien désactivé AVG, strange   Merci d'avance  

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.

Double-clique sur le fichier téléchargé pour lancer le processus d'installation.

Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.

Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.

Sélectionne Exécuter un examen rapide.

Clique sur Rechercher.

L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

Ferme tes navigateurs.

Si des malwares ont été détectés, clique sur Afficher les résultats.

Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1897
Windows 5.1.2600 Service Pack 3

25/03/2009 21:38:28
mbam-log-2009-03-25 (21-38-28).txt

Type de recherche: Examen rapide
Eléments examinés: 62891
Temps écoulé: 4 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FCF (Rootkit.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



Voici mon scan  

Relance MBAM, va dans Quarantaine et supprime tout.

Fais un scan AVPTool et poste le rapport.

Voici le lien vers le rapport, impossible de le copier ici, trop lourd  

http://rapidshare.com/files/213851162/t.txt.html

Merci d'avance  

Up   Merci.

Je te réponds dans la soirée.

Merci Destrio  

  Phomos,

Je vais prendre la relève.

As-tu bien sauvegardé tes données les plus vitales ? Veille à ne sauvegarder aucun fichier dont l'extension est .exe, .scr, .zip, .rar.

Je t'envoie un MP pour la suite des instructions. Tu posteras le rapport, ici, sur le forum.

 

Bonjour Egwene  

Oui j'ai tout save, j'ai reformaté il y'a peu  


Merci pour les instructions je te tiens au courant  

ComboFix 09-03-27.02 - Inv 2009-03-28 13:02:13.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.595 [GMT 1:00]
Lancé depuis: c:\documents and settings\Inv\Mes documents\KittyFix.exe

* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOTDRV
-------\Service_botdrv
-------\Service_PCIDump


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-28 au 2009-03-28 ))))))))))))))))))))))))))))))))))))
.

2009-03-28 12:49 . 2009-03-28 12:49 <REP> d-------- c:\program files\Free Audio Pack
2009-03-25 21:22 . 2009-03-25 21:22 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-25 21:22 . 2009-03-25 21:22 <REP> d-------- c:\documents and settings\Inv\Application Data\Malwarebytes
2009-03-25 21:22 . 2009-03-25 21:22 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-25 21:22 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-25 21:22 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-25 15:10 . 2009-03-25 15:13 <REP> d-------- c:\documents and settings\Inv\DoctorWeb
2009-03-25 10:27 . 2009-03-25 11:06 <REP> d--h----- C:\$AVG8.VAULT$
2009-03-25 10:24 . 2009-03-28 09:40 <REP> d-------- c:\windows\system32\drivers\Avg
2009-03-25 10:24 . 2009-03-25 10:24 <REP> d-------- c:\program files\AVG
2009-03-25 10:24 . 2009-03-25 11:21 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-25 10:24 . 2009-03-25 10:24 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-25 10:24 . 2009-03-25 10:24 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-25 10:24 . 2009-03-25 10:24 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-25 08:55 . 2009-03-25 08:55 <REP> d-------- C:\rsit
2009-03-24 23:55 . 2009-03-25 10:18 <REP> d-------- c:\documents and settings\Inv\.housecall6.6
2009-03-24 23:38 . 2009-03-24 23:38 182,656 --a--c--- c:\windows\system32\dllcache\ndis.sys
2009-03-21 23:27 . 2009-03-21 23:27 <REP> d-------- c:\windows\Sun
2009-03-20 12:19 . 2009-03-27 17:18 23 --a------ c:\windows\BlendSettings.ini
2009-03-19 13:26 . 2009-03-19 13:26 <REP> d-------- c:\program files\Common Files
2009-03-19 13:26 . 2003-07-16 07:17 5,174 --a------ c:\windows\system32\nppt9x.vxd
2009-03-19 13:26 . 2004-12-30 22:43 4,682 --a------ c:\windows\system32\npptNT2.sys
2009-03-19 11:35 . 2009-03-19 11:35 <REP> d-------- c:\program files\gPotato.eu
2009-03-19 11:17 . 2009-03-20 11:44 <REP> d-------- c:\program files\Bethesda Softworks
2009-03-19 11:16 . 2009-03-19 11:16 <REP> d-------- c:\windows\system32\xlive
2009-03-19 11:15 . 2009-03-19 11:15 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Pro
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools
2009-03-19 11:14 . 2009-03-19 11:14 <REP> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-03-19 11:13 . 2009-03-19 11:14 <REP> d-------- c:\program files\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:15 <REP> d-------- c:\documents and settings\Inv\Application Data\DAEMON Tools Lite
2009-03-19 11:01 . 2009-03-19 11:01 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-19 09:08 . 2009-03-19 09:08 <REP> d-------- c:\windows\Logs
2009-03-19 09:08 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-03-19 09:06 . 2009-03-20 21:20 <REP> d----c--- c:\windows\system32\DRVSTORE
2009-03-17 16:49 . 2009-03-17 16:49 <REP> d-------- c:\documents and settings\Inv\Application Data\Samsung
2009-03-17 16:31 . 2003-02-21 18:42 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-03-17 16:31 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-17 16:31 . 2005-08-30 01:49 94,000 --a------ c:\windows\system32\drivers\ssm_mdm.sys
2009-03-17 16:31 . 2005-08-30 01:47 58,320 --a------ c:\windows\system32\drivers\ssm_bus.sys
2009-03-17 16:31 . 2005-08-30 01:49 8,336 --a------ c:\windows\system32\drivers\ssm_mdfl.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cmnt.sys
2009-03-17 16:31 . 2005-08-30 01:49 6,176 --a------ c:\windows\system32\drivers\ssm_cm.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_whnt.sys
2009-03-17 16:31 . 2005-08-30 01:47 5,840 --a------ c:\windows\system32\drivers\ssm_wh.sys
2009-03-17 16:30 . 2009-03-17 16:31 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-17 16:30 . 2009-03-17 16:30 <REP> d-------- c:\program files\Samsung
2009-03-17 16:30 . 2009-03-17 16:41 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-17 16:30 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-17 15:47 . 2009-03-17 15:47 <REP> d-------- c:\program files\Audacity
2009-03-16 03:00 . 2009-03-16 03:00 <REP> d-------- c:\program files\MSXML 4.0
2009-03-15 23:39 . 2009-03-15 23:39 <REP> d-------- c:\program files\SFR
2009-03-15 16:20 . 2009-03-15 16:20 <REP> d-------- c:\program files\Fichiers communs\Hewlett-Packard
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-15 16:10 . 2008-04-13 19:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\temp\HP_WebRelease
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- C:\temp
2009-03-15 16:09 . 2009-03-15 16:09 <REP> d-------- c:\program files\HP
2009-03-15 16:09 . 2009-03-15 16:21 103,537 --a------ c:\windows\hpoins04.dat
2009-03-15 16:09 . 2004-06-22 08:04 17,176 --------- c:\windows\hpomdl04.dat
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-15 16:01 . 2008-04-13 19:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-15 12:46 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat
2009-03-15 12:41 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-15 12:41 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-15 09:09 . 2009-03-28 12:45 69 --a------ c:\windows\NeroDigital.ini
2009-03-15 09:01 . 2009-03-15 09:34 <REP> d-------- c:\documents and settings\Inv\Application Data\Ahead
2009-03-15 09:00 . 2009-03-15 09:00 <REP> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\program files\Nero
2009-03-15 08:59 . 2009-03-15 09:00 <REP> d-------- c:\program files\Fichiers communs\Ahead
2009-03-15 08:59 . 2009-03-15 08:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Nero
2009-03-15 08:48 . 2009-03-27 23:24 <REP> d-------- c:\documents and settings\Inv\Application Data\Azureus
2009-03-15 08:48 . 2009-03-15 08:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Azureus
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\program files\Fichiers communs\Adobe Systems Shared
2009-03-15 08:41 . 2009-03-15 08:41 <REP> d-------- c:\documents and settings\All Users\Application Data\Macrovision
2009-03-15 08:40 . 2009-03-18 08:17 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-03-15 00:51 . 2009-03-27 13:10 <REP> d-------- c:\program files\Mozilla Thunderbird
2009-03-15 00:51 . 2009-03-15 00:51 <REP> d-------- c:\documents and settings\Inv\Application Data\Thunderbird
2009-03-14 23:52 . 2009-03-14 23:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-03-14 19:57 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\windows\system32\XPSViewer
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\Reference Assemblies
2009-03-14 19:52 . 2009-03-14 19:52 <REP> d-------- c:\program files\MSBuild
2009-03-14 19:51 . 2009-03-14 19:51 <REP> d-------- C:\e651012c6c3a06737048a8820569d0
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-14 19:51 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-14 19:51 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-14 19:51 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-03-14 19:51 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-14 19:50 . 2009-03-14 19:54 <REP> d-------- c:\documents and settings\Inv\Application Data\dvdcss
2009-03-14 19:46 . 2008-12-20 23:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-03-14 19:46 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-03-14 19:46 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-03-14 19:46 . 2008-12-20 23:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-03-14 19:46 . 2008-12-20 23:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-03-14 19:46 . 2008-12-20 23:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-03-14 19:46 . 2008-12-20 23:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-03-14 19:46 . 2008-12-20 23:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-03-14 19:46 . 2008-12-19 10:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-03-14 19:19 . 2009-03-14 19:19 385 --a------ c:\windows\ODBC.INI
2009-03-14 19:18 . 2009-03-14 19:18 <REP> d-------- c:\windows\ShellNew
2009-03-14 19:06 . 2009-03-14 19:06 65,428 --a------ c:\windows\BricoPackUninst.cmd
2009-03-14 19:04 . 2009-03-14 19:04 <REP> d-------- c:\windows\BricoPacks
2009-03-14 19:04 . 2009-03-14 19:06 6,110 --a------ c:\windows\BricoPackFoldersDelete.cmd
2009-03-14 19:02 . 2009-03-14 19:02 <REP> d-------- c:\program files\CCleaner
2009-03-14 18:54 . 2009-03-15 08:53 <REP> d-------- c:\program files\Azureus
2009-03-14 18:49 . 2009-03-14 18:49 <REP> d-------- c:\program files\Windows Media Connect 2
2009-03-14 18:49 . 2009-03-15 09:45 <REP> d-------- c:\documents and settings\Inv\Application Data\vlc
2009-03-14 18:48 . 2009-03-14 18:49 <REP> d-------- C:\a329a238bf370562155ed998
2009-03-14 18:47 . 2009-03-14 18:47 <REP> d-------- c:\windows\system32\LogFiles
2009-03-14 18:47 . 2009-03-20 14:38 <REP> d-------- c:\windows\system32\drivers\UMDF
2009-03-14 18:47 . 2009-03-14 18:48 <REP> d-------- C:\81249e4236f0a777629f
2009-03-14 18:45 . 2009-03-14 18:45 <REP> d-------- c:\program files\VideoLAN
2009-03-14 18:31 . 2008-12-12 18:02 5,283,840 --a------ c:\windows\system32\nse86.tmp
2009-03-14 18:30 . 2009-03-14 18:30 <REP> d-------- c:\windows\Packs
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\Inv\Application Data\ATI
2009-03-14 18:23 . 2009-03-14 18:23 <REP> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-03-14 18:22 . 2009-03-14 18:22 0 --a------ c:\windows\ativpsrm.bin
2009-03-14 18:18 . 2009-03-20 11:12 <REP> d--h----- c:\program files\InstallShield Installation Information
2009-03-14 18:18 . 2009-03-14 18:19 <REP> d-------- c:\program files\ATI Technologies
2009-03-14 18:18 . 2009-02-03 21:05 593,920 --------- c:\windows\system32\ati2sgag.exe
2009-03-14 18:17 . 2009-03-14 18:18 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2009-03-14 18:17 . 2009-03-14 18:17 <REP> d-------- C:\ATI

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 22:38 182,656 ----a-w c:\windows\system32\drivers\ndis.sys
2009-03-14 18:59 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-14 16:46 --------- d-----w c:\program files\Messenger Plus! Live
2009-03-14 16:45 --------- d-----w c:\program files\Windows Live
2009-03-14 16:43 --------- d-----w c:\program files\Microsoft
2009-03-14 16:42 --------- d-----w c:\program files\Windows Live SkyDrive
2009-03-14 16:37 --------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-14 15:43 --------- d-----w c:\program files\Java
2009-03-14 15:34 --------- d-----w c:\program files\microsoft frontpage
2009-03-14 15:33 --------- d-----w c:\program files\Fichiers communs\Java
2009-03-14 15:29 --------- d-----w c:\program files\Services en ligne
2009-02-04 07:27 3,488,768 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 03:52 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
.

------- Sigcheck -------

2004-08-05 13:00 182912 1df7f42665c94b825322fae71721130d c:\windows\$NtServicePackUninstall$\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\ServicePackFiles\i386\ndis.sys
2008-04-13 20:20 182656 1df7f42665c94b825322fae71721130d c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\dllcache\ndis.sys
2009-03-24 23:38 213120 1df7f42665c94b825322fae71721130d c:\windows\system32\drivers\ndis.sys

2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\explorer.exe
2004-08-05 13:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa c:\windows\$NtServicePackUninstall$\explorer.exe
2008-04-14 03:34 979968 3efe912dd25d2586e6a0341db0a66f69 c:\windows\ServicePackFiles\i386\explorer.exe
2008-04-14 03:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\explorer.exe

2004-08-05 13:00 112640 46990969761352f53b2310d266e2f1df c:\windows\$NtServicePackUninstall$\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\ServicePackFiles\i386\wuauclt.exe
2008-04-14 03:34 112640 7e3defe771cb451b0ff630bfa435417e c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wuauclt.exe
2008-10-16 14:09 66584 2275f45e257d46e6500558b2930cb9a4 c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-25_19.40.20.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-24 11:10:10 2,084,864 ----a-w c:\windows\system32\AudDesign.dll
+ 2005-02-24 11:10:30 417,792 ----a-w c:\windows\system32\AudDisplay.dll
+ 2005-03-11 16:37:10 1,986,560 ----a-w c:\windows\system32\AudFile.dll
+ 2005-02-24 11:11:06 1,212,416 ----a-w c:\windows\system32\AudioInfos.dll
+ 2005-03-10 15:00:30 454,656 ----a-w c:\windows\system32\AudioRecord.dll
+ 2005-02-24 11:11:56 479,232 ----a-w c:\windows\system32\AudioVisu.dll
+ 2005-02-24 14:21:12 458,752 ----a-w c:\windows\system32\AudPlayer.dll
+ 1998-07-12 18:00:00 32,768 ----a-w c:\windows\system32\CMDLGFR.DLL
+ 1998-07-12 22:00:00 15,360 ----a-w c:\windows\system32\inetfr.DLL
+ 2003-08-07 14:01:50 237,568 ----a-w c:\windows\system32\lame_enc.dll
+ 2003-03-18 20:20:00 1,060,864 ----a-w c:\windows\system32\MFC71.dll
+ 1998-07-12 22:00:00 59,904 ----a-w c:\windows\system32\Mscc2fr.dll
+ 1998-07-12 22:00:00 141,312 ----a-w c:\windows\system32\MSCMCFR.DLL
+ 1998-06-16 22:00:00 516,173 ----a-w c:\windows\system32\MSVCP60D.DLL
+ 2000-11-29 01:07:30 307,200 ----a-w c:\windows\system32\msvcr70.dll
+ 1998-06-16 22:00:00 385,100 ----a-w c:\windows\system32\MSVCRTD.DLL
+ 1998-07-12 22:00:00 21,504 ----a-w c:\windows\system32\TABCTFR.DLL
+ 2000-10-01 18:00:00 119,568 ----a-w c:\windows\system32\VB6FR.DLL
+ 1999-03-25 18:00:00 101,888 ----a-w c:\windows\system32\VB6STKIT.DLL
+ 2005-02-24 10:51:38 348,160 ----a-w c:\windows\system32\WMAFile.dll
+ 2009-03-28 12:05:22 16,384 ----atw c:\windows\temp\Perflib_Perfdata_a8.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Inv\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-25 10:24 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2009-02-27 17:10 35696 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-06-27 19:03 152872 c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2009-01-26 15:31 2144088 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\program files\SFR\Media Center\httpd\httpd.exe"= c:\program files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)

R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-25 325640]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-25 107912]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-25 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-25 298264]
S2 Tvyat;Tvyat;c:\windows\System32\svchost.exe -k netsvcs [2004-08-05 14336]
S4 Kmihidht;Kmihidht;c:\windows\system32\drivers\rootmdm.sys [2004-08-05 5888]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Tvyat
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Inv\Application Data\Mozilla\Firefox\Profiles\bscm564x.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-28 13:05:39
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(624)
c:\windows\system32\scecli.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
.
**************************************************************************
.
Heure de fin: 2009-03-28 13:07:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-28 12:07:32
ComboFix2.txt 2009-03-25 18:41:10

Avant-CF: 123 119 927 296 octets libres
Après-CF: 123,292,680,192 octets libres

288 --- E O F --- 2009-03-20 10:33:07



Voici le rapport   Merci d'avance!

Ti Up  

Je up, toujours personne ? Je pense que mon pc est clean mais j'aimerais en être sur merci  

Refais un scan RSIT et poste le rapport log.

Bug toujours impossible de tout coller c'est normal ? :s

Voici le lien   :

http://rapidshare.com/files/216660687/log.txt.html


Merci  


(Et ma connexion se fait lente depuis hier, problème avec Neuf ou autre ?)


Merci  

Up  

Menu Démarrer > Exécuter > Tape combofix /u et valide.

Tu as quoi comme antivirus ?

J'ai un message d'erreur "Windows ne trouve pas 'combofix'..."

J'ai Kaspersky Antivirus, j'avais AVG avant de reformater mon pc, j'ai décidé de changer.

Merci !

Ps : J'ai même fait un scan complet + suppression de toutes les infections en mode sans échec + anti spyware + Ccleaner + défragmentation mdr

---> C'est normal, tu as renommé ComboFix en KittyFix.

Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

Double-clique sur OTMoveIt3.exe afin de le lancer.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:services
botdrv
restore
dwshd

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

Voici le rapport :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service\Driver botdrv not found.
Service\Driver botdrv not found.
Service\Driver restore not found.
Service\Driver restore not found.
Service\Driver dwshd not found.
Service\Driver dwshd not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Inv\LOCALS~1\Temp\e4j63.tmp_dir15804\exe4jlib.jar scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Inv\LOCALS~1\Temp\~DF85FB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Inv\Local Settings\Temporary Internet Files\Content.IE5\UWHOSBYN\browse[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Inv\Local Settings\Temporary Internet Files\Content.IE5\OSTKVVL3\ThirdpartyMedRect[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Inv\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_880.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04052009_095726

Files moved on Reboot...
C:\DOCUME~1\Inv\LOCALS~1\Temp\e4j63.tmp_dir15804\exe4jlib.jar moved successfully.
File C:\DOCUME~1\Inv\LOCALS~1\Temp\~DF85FB.tmp not found!
File C:\Documents and Settings\Inv\Local Settings\Temporary Internet Files\Content.IE5\UWHOSBYN\browse[1].htm not found!
File C:\Documents and Settings\Inv\Local Settings\Temporary Internet Files\Content.IE5\OSTKVVL3\ThirdpartyMedRect[1].htm not found!
File C:\WINDOWS\temp\Perflib_Perfdata_880.dat not found!


Merci  


PS : les not found c'est normal j'ai fait une première suppression mais le rapport n'est pas sorti, petit bug alors j'ai recommencé   Mais tout a été supprimé.

Ton PC va bien ?

Tu peux me poster le rapport info situé dans C:\rsit ?

Voici le rapport  

info.txt logfile of random's system information tool 1.06 2009-03-25 08:55:59

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1.0-->"C:\Program Files\gPotato.eu\Street Gears\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Agere Systems PCI Soft Modem-->agrsmdel
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3837
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class ISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Deckadance-->C:\Program Files\VstPlugins\Deckadance\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Inv\Mes documents\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Oblivion-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SFR - Media Center-->C:\Program Files\SFR\Media Center\uninstall.exe
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: PLATEFORM
Event Code: 15007
Message: La réservation de l'espace de nom identifié par le préfixe d'URL http://*:2869/ a été correctement ajoutée.

Record Number: 5
Source Name: HTTP
Time Written: 20090314162941.000000+060
Event Type: Informations
User:

Computer Name: PLATEFORM
Event Code: 1005
Message: Votre ordinateur a détecté que l'adresse IP 192.168.1.20 pour la carte
avec l'adresse réseau 00112F21D84E est déjà utilisée sur le réseau.
Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

Record Number: 4
Source Name: Dhcp
Time Written: 20090314162606.000000+060
Event Type: Avertissement
User:

Computer Name: PLATEFORM
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers PLATEFORM.

Record Number: 3
Source Name: EventLog
Time Written: 20090314162556.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090314172013.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090314172013.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: PLATEFORM
Event Code: 1001
Message: Détecteur d'erreurs 941474795.

Record Number: 347
Source Name: Application Hang
Time Written: 20090319115123.000000+060
Event Type: erreur
User:

Computer Name: PLATEFORM
Event Code: 1002
Message: Application bloquée Fallout3.exe, version 1.0.0.12, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 346
Source Name: Application Hang
Time Written: 20090319115120.000000+060
Event Type: erreur
User:

Computer Name: PLATEFORM
Event Code: 1000
Message: Application défaillante fallout3.exe, version 1.0.0.12, module défaillant fallout3.exe, version 1.0.0.12, adresse de défaillance 0x00748d95.

Record Number: 345
Source Name: Application Error
Time Written: 20090319115001.000000+060
Event Type: erreur
User:

Computer Name: PLATEFORM
Event Code: 4097
Message: L'application, C:\Program Files\Bethesda Softworks\Fallout 3\Fallout3.exe, a généré une erreur d'application
L'erreur s'est produite le 03/19/2009 à 11:45:36.140
L'exception générée était c0000005 à l'adresse 00B48D95 (Fallout3)

Record Number: 344
Source Name: DrWatson
Time Written: 20090319114536.000000+060
Event Type: Informations
User:

Computer Name: PLATEFORM
Event Code: 1000
Message: Application défaillante fallout3.exe, version 1.0.0.12, module défaillant fallout3.exe, version 1.0.0.12, adresse de défaillance 0x00748d95.

Record Number: 343
Source Name: Application Error
Time Written: 20090319114531.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------


Oui tout va bien excepté de gros ralentissements parfois au niveau du net mais je crois que c'est à cause de ces *** de chez Neuf  

Merci beaucoup Destrio  

Désinstalle les programmes suivants :
- J2SE Runtime Environment 5.0
- Java 6 Update 11

Mets à jour Java.

Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)

En bas à droite, clique sur Démarrer Online-scanner.

Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

Accepte les Contrôles ActiveX.

Choisis Poste de travail pour le scan.

Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

Pour t'aider à utiliser le scan en ligne : Tutoriel

Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.