[Solved] Problem: Unable to access drives
Hello,
I am writing because since yesterday I have been unable to open my hard drives by double-clicking. Each time, an error message appears: "Impossible de trouver le fichier script "C:\Msdb87.vbs"" (cannot find the script file), or "D:\Msdb87.vbs", or "M:\Msdb87.vbs".
The first time it happened, AVG detected a virus, but that did nothing to fix the problem. Ad-Aware, Spybot and Malwarebytes' found nothing, let alone removed a worm or virus.
After some searching, I came across forums with threads somewhat similar to my problem, but no solution(s) for all that.
So please help me fix this problem. I am very worried because my external hard drive is affected too, and on it I have photos, music and coursework that I absolutely do not want to lose in a format; and even though I have Linux on another hard drive, I don't know whether the virus, worm or whatever it is will take hold if I make a backup copy onto the Linux hard drive (because even if Linux itself is not affected, I don't know whether the virus or worm will re-establish itself when the files are copied back to the Windows hard drive).
Apart from this, my computer works very well. My software and games work perfectly, and I can access my hard drives via right-click, "Open". I am convinced that a virus or worm is the cause of my problem, because it appeared after I used a USB key that had been used on a computer that was itself affected by this same problem but which I formatted to fix it.
Thank you for your help.
Hello,
Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
Double-click RSIT.exe to launch the program.
(On Vista, you must right-click RSIT.exe and choose Run as administrator.)
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the C:\rsit folder.
Folder: log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 16:24:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (22%) free of 110 GB
Total RAM: 2047 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:25:21, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Maison\Bureau\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 8431 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
"MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
"MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
"MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
"MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
"MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
"MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
"MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
"MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
"MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
"MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
"MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
"MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
"MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
"MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
"MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
"D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
"D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c10b0ce-5cd3-11dd-b3d8-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59681ea4-5ccc-11dd-9370-a45bc3650dbc}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - O:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs
======List of files/folders created in the last 1 months======
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 16:24:31 ----RD---- C:\Program Files
2009-05-01 16:24:23 ----D---- C:\WINDOWS\Prefetch
2009-05-01 15:49:34 ----D---- C:\WINDOWS\Temp
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-05-01 15:32:51 ----D---- C:\Program Files\Mozilla Firefox
2009-04-30 19:41:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 19:15:15 ----SHD---- C:\WINDOWS\Installer
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 15:23:20 ----D---- C:\WINDOWS\system32
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 az0iqero;az0iqero; C:\WINDOWS\system32\drivers\az0iqero.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-25 152984]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 16:24:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (22%) free of 110 GB
Total RAM: 2047 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:25:21, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Maison\Bureau\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 8431 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
"MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
"MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
"MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
"MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
"MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
"MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
"MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
"MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
"MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
"MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
"MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
"MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
"MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
"MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
"MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*
isabled:SplinterCell4""D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*
isabled:ActOfWar""D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c10b0ce-5cd3-11dd-b3d8-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59681ea4-5ccc-11dd-9370-a45bc3650dbc}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - O:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs
======List of files/folders created in the last 1 months======
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 16:24:31 ----RD---- C:\Program Files
2009-05-01 16:24:23 ----D---- C:\WINDOWS\Prefetch
2009-05-01 15:49:34 ----D---- C:\WINDOWS\Temp
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-05-01 15:32:51 ----D---- C:\Program Files\Mozilla Firefox
2009-04-30 19:41:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 19:15:15 ----SHD---- C:\WINDOWS\Installer
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 15:23:20 ----D---- C:\WINDOWS\system32
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 az0iqero;az0iqero; C:\WINDOWS\system32\drivers\az0iqero.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-25 152984]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Folder: info.txt
info.txt logfile of random's system information tool 1.06 2009-05-01 16:25:27
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ableton Live v7.0.1-->"C:\Program Files\Ableton\Live 7.0.1\Uninstall\unins000.exe"
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{230CCBE9-14B0-4008-97AF-30C10F99E42C}\setup.exe" -l0x40c
a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
a-squared HiJackFree 3.1-->"C:\Program Files\a-squared HiJackFree\unins000.exe"
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x040c -removeonly
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BioShock-->C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\Setup.exe -runfromtemp -l0x040c -removeonly
Black & White® 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x40c -removeonly
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
burnatonce-->"C:\Program Files\burnatonce\unins000.exe"
Call of Duty(R) 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374}
CanoScan Toolbox 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}\setup.exe" -l0x40c anything
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Collection Microsoft Encarta 2005-->MsiExec.exe /I{054600C0-64A6-4248-A026-9745C1E9E159}
Command & Conquer 3 Tiberium Wars™ Demo-->MsiExec.exe /I{39F7653F-3E82-4FED-9EE5-6B9253EA57E3}
Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Earth 2160-->D:\Jeux\EARTH2~1\Uninstall_Earth2160.exe /U D:\Jeux\EARTH2~1\install.log
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Fable - The Lost Chapters-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
FEAR-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x40c /zU -removeonly
FileAlyzer-->"C:\Program Files\Safer Networking\FileAlyzer\unins000.exe"
FW LiveUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11F5D779-7BD9-465A-BBC4-10701386BCB9}\setup.exe" -l0x9 -removeonly
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Half-Life 2: Episode One-->"C:\Program Files\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two-->"C:\Program Files\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20071984-5EB1-4881-8EDB-082532ACEC6D}\setup.exe" -l0x40c
Heroes of Might and Magic® III The Shadow of Death(TM)-->C:\WINDOWS\IsUn040c.exe -f"d:\jeux\Hereos III\Uninst.isu" -c"d:\jeux\Hereos III\uninst.dll
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Homeworld2-->D:\Jeux\Homeworld2\uninstall.exe
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jurassic Park Operation Genesis-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D}
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Age of Empires II-->"D:\Jeux\Age of Empire II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Halo-->"C:\Jeux\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS-->C:\PROGRA~1\NATIVE~1\Massive\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Massive\INSTALL.LOG
Need for Speed Underground 2-->D:\Jeux\NFS underground 2\EAUninstall.exe
Need for Speed™ Carbon-->D:\Jeux\NFS Carbon\EAUninstall.exe
Need for Speed™ Most Wanted-->D:\Jeux\NFS Most Wanted\EAUninstall.exe
Nero 7 Essentials-->MsiExec.exe /I{F87DA817-8D53-42CC-AA45-93A100341036}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Peggle Extreme-->"C:\Program Files\Steam\steam.exe" steam://uninstall/3483
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400
Prince of Persia T2T-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}\setup.exe" -l0x40c -removeonly
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rayman Raving Rabbids-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{111E336D-30BF-4CD4-8D69-4541732AFB27}\setup.exe" -l0x40c -removeonly
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
RegAlyzer (OpenSBI Edition)-->"C:\Program Files\Safer Networking\RegAlyzer\unins000.exe"
Richard Burns Rally-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92C7D009-A464-4948-A980-7A3E28CB2F49}\setup.exe" -l0x40c
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SimCity 3000-->C:\WINDOWS\IsUn040c.exe -f"d:\jeux\SimCity 3000\Uninst.isu"
Sonic and Knuckles-->D:\Jeux\Sonic\Sonic and Knuckles\Uninstal.exe
Sonic the Hedgehog 3-->D:\Jeux\Sonic\Sonic the Hedgehog 3\Uninstal.exe
Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers-->MsiExec.exe /I{5CC68528-24FF-4DF8-91C9-AF540F98505A}
Sony Ericsson PC Suite 4.006.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x040c -removeonly
Sony Ericsson PC Suite-->MsiExec.exe /I{B192E1BB-98A4-4369-9271-96117A57F546}
SoulSeek 157 NS 13c-->"C:\Program Files\SoulseekNS\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x40c
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Sunbelt Personal Firewall-->MsiExec.exe /X{F61A549E-9C8A-4859-8BFE-2A4A018BBA4A}
Supreme Commander-->C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x040c -removeonly
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Vuze-->C:\Program Files\Vuze\uninstall.exe
WellPhone DirectSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEC7E01-B73C-451D-A366-96978AFD233B}\setup.exe" UNINSTALL
WellPhone-->"C:\Program Files\SmartCom\WellPhone\UnInst32.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
xp-AntiSpy 3.96-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AVG Anti-Virus Free
FW: Sunbelt Personal Firewall
======System event log======
Computer Name: NOUS
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM avec les arguments ""
pour démarrer le serveur :
{0C0A3666-30C9-11D0-8F20-00805F2CD064}
Record Number: 169
Source Name: DCOM
Time Written: 20090331212923.000000+120
Event Type: erreur
User: NOUS\Maison
Computer Name: NOUS
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM avec les arguments ""
pour démarrer le serveur :
{0C0A3666-30C9-11D0-8F20-00805F2CD064}
Record Number: 168
Source Name: DCOM
Time Written: 20090331204125.000000+120
Event Type: erreur
User: NOUS\Maison
Computer Name: NOUS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.
Record Number: 167
Source Name: Service Control Manager
Time Written: 20090331203950.000000+120
Event Type: Informations
User:
Computer Name: NOUS
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 166
Source Name: Service Control Manager
Time Written: 20090331203944.000000+120
Event Type: Informations
User:
Computer Name: NOUS
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 165
Source Name: Service Control Manager
Time Written: 20090331203944.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: NOUS
Event Code: 1100
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 774
Source Name: .NET Runtime Optimization Service
Time Written: 20080910224020.000000+120
Event Type: Informations
User:
Computer Name: NOUS
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 773
Source Name: .NET Runtime Optimization Service
Time Written: 20080910224020.000000+120
Event Type:
User:
Computer Name: NOUS
Event Code: 1100
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 772
Source Name: .NET Runtime Optimization Service
Time Written: 20080910224018.000000+120
Event Type: Informations
User:
Computer Name: NOUS
Event Code: 1102
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 771
Source Name: .NET Runtime Optimization Service
Time Written: 20080910224018.000000+120
Event Type:
User:
Computer Name: NOUS
Event Code: 1100
Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Record Number: 770
Source Name: .NET Runtime Optimization Service
Time Written: 20080910224017.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=4303
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
UsbFix.txt report:
############################## [ UsbFix V3.015 # Scan ]
# User : Maison (Administrateurs) # NOUS
# Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 16:39:14 | 01/05/2009
# AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T
# C:\ # Disque fixe local # 107,42 Go (24,13 Go free) # NTFS
# D:\ # Disque fixe local # 125,45 Go (35,99 Go free) [Disque local] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque CD-ROM
# K:\ # Disque CD-ROM
# L:\ # Disque amovible
# M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
# N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
# Z:\ # Disque amovible
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Registre # Startup ]
HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Maison"
HKLM_logon: "AltDefaultUserName"="Maison"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: Alcmtr=ALCMTR.EXE
HKLM_Run: EPSON Stylus Photo R240 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
HKLM_Run: AppleSyncNotifier=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKLM_Run: Ad-Watch=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: MS-RAD2=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
HKLM_Run: MS-RADD=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
HKLM_Run: MS-RADE=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
HKLM_Run: MS-RAD7=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
HKLM_Run: MS-RAD6=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
HKLM_Run: MS-RAD5=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
HKLM_Run: MS-RAD4=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
HKLM_Run: MS-RADA=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
HKLM_Run: MS-RAD1=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
HKLM_Run: MS-RAD8=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
HKLM_Run: MS-RAD3=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
HKLM_Run: MS-RADC=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
HKLM_Run: MS-RADF=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
HKLM_Run: MS-RAD9=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
HKLM_Run: MS-RADB=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
HKLM_Run: MS-RAD0=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
HKLM_Run: CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
################## [ Informations ]
################## [ Fichiers # Dossiers infectieux ]
Found ! C:\autorun.inf
Found ! D:\autorun.inf
Found ! M:\autorun.inf
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
HKCU\Software\Microsoft\....\MountPoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}\Shell\Auto\command
HKCU\Software\Microsoft\....\MountPoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{4c10b0ce-5cd3-11dd-b3d8-806d6172696f}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{59681ea4-5ccc-11dd-9370-a45bc3650dbc}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}\Shell\AutoRun\command
################## [ ! Fin du rapport # UsbFix V3.015 ! ]
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
############################## [ UsbFix V3.015 # Cleaning ]
# User : Maison (Administrateurs) # NOUS
# Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 16:58:38 | 01/05/2009
# AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T
# C:\ # Disque fixe local # 107,42 Go (24,13 Go free) # NTFS
# D:\ # Disque fixe local # 125,45 Go (35,99 Go free) [Disque local] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque CD-ROM
# K:\ # Disque CD-ROM
# L:\ # Disque amovible
# M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
# N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
# Z:\ # Disque amovible
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Fichiers # Dossiers infectieux ]
Deleted ! C:\autorun.inf
Deleted ! D:\autorun.inf
Deleted ! M:\autorun.inf
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
# -> Not Found !
################## [ Listing des fichiers présent ]
[01/05/2009 16:57|--a------|47061] - C:\aaw7boot.log
[12/02/2009 17:15|--a------|0] - C:\AILog.txt
[28/07/2008 19:11|--a------|0] - C:\AUTOEXEC.BAT
[03/04/2009 17:45|-r-hs----|224] - C:\boot.ini
[28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
[28/07/2008 19:11|--a------|0] - C:\CONFIG.SYS
[28/07/2008 19:11|-rahs----|0] - C:\IO.SYS
[28/07/2008 19:11|-rahs----|0] - C:\MSDOS.SYS
[03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
[03/08/2004 22:59|-rahs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[30/04/2009 19:36|--a------|251] - C:\rapport_clean.txt
[30/04/2009 19:36|--a------|98] - C:\resultat_clean.txt
[30/04/2009 19:36|--a------|7540460] - C:\upload_moi_NOUS.tar.gz
[01/05/2009 17:01|--a------|3302] - C:\UsbFix.txt
[22/04/2009 23:51|--a------|15260] - M:\58a.jpg
[29/03/2009 22:46|--a------|1039415] - M:\734848.pdf
[19/04/2009 20:35|--a------|219568] - M:\carnavaldeveniseenorlj5.jpg
[22/04/2009 23:33|--a------|1139974] - M:\homme-de-dos.jpg
[13/04/2009 20:42|--a------|25088] - M:\Les 4 étapes d.doc
[30/03/2009 12:53|--a------|46034] - M:\Lettre président.pdf
[30/03/2009 00:17|--a------|21292] - M:\n1330067033_239634_1658.jpg
[30/03/2009 12:56|--a------|16224] - M:\PY0006Y_chap_5_corriges_exos_1-2-3-7.pdf
[30/03/2009 12:56|--a------|39427] - M:\PY0006Y_chap_5_variables_ordinales.pdf
################## [ Vaccination ]
# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# M:\autorun.inf -> Folder created by UsbFix.
################## [ Cracks / Keygens / Serials ]
C:\Documents and Settings\Maison\Bureau\mirror_s_edge_patch_v1.01_multi-langues_273164.exe
################## [ ! Fin du rapport # UsbFix V3.015 ! ]
1/
Uninstall the following programs:
- Java 6 Update 11
- Java 6 Update 7
- UsbFix
Update Java.
Update Internet Explorer.
2/
Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
Double-click the downloaded file to start the installation process.
In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
Once the update is finished, go to the Scanner tab.
Select Perform quick scan.
Click Scan. The scan starts.
At the end of the scan, a message appears:
Click OK to continue. If MBAM found nothing, it will tell you that too.
Close your browsers.
If malware was detected, click Show Results.
Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
Quote:
The scan completed successfully. Click 'Show Results' to display all objects found.
I don't use Internet Explorer but Mozilla (which is up to date), so I don't think it's necessary to update it. Also, Spybot seems to have immunized the Mozilla and IE applications. Otherwise, I did remove Java 6 upd 11 & upd 7 and I have just updated it.
Scan result:
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2063
Windows 5.1.2600 Service Pack 2
01/05/2009 17:15:38
mbam-log-2009-05-01 (17-15-38).txt
Type de recherche: Examen rapide
Eléments examinés: 83067
Temps écoulé: 3 minute(s), 32 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 19:37:06
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (23%) free of 110 GB
Total RAM: 2047 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:25, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 8061 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
"MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
"MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
"MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
"MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
"MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
"MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
"MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
"MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
"MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
"MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
"MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
"MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
"MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
"MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
"MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
"D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
"D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - O:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs
======List of files/folders created in the last 1 months======
2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
2009-05-01 16:37:50 ----D---- C:\UsbFix
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 19:37:15 ----D---- C:\WINDOWS\Prefetch
2009-05-01 19:35:37 ----D---- C:\Program Files\Mozilla Firefox
2009-05-01 19:34:39 ----D---- C:\WINDOWS\Temp
2009-05-01 17:26:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-01 17:16:21 ----SHD---- C:\WINDOWS\Installer
2009-05-01 17:16:17 ----D---- C:\Program Files\Java
2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
2009-05-01 17:16:08 ----D---- C:\WINDOWS\system32
2009-05-01 16:24:31 ----RD---- C:\Program Files
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 aevt6pi1;aevt6pi1; C:\WINDOWS\system32\drivers\aevt6pi1.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Run by Maison at 2009-05-01 19:37:06
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (23%) free of 110 GB
Total RAM: 2047 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:25, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 8061 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
"MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
"MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
"MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
"MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
"MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
"MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
"MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
"MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
"MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
"MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
"MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
"MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
"MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
"MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
"MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
"D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
"D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - O:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs
======List of files/folders created in the last 1 months======
2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
2009-05-01 16:37:50 ----D---- C:\UsbFix
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 19:37:15 ----D---- C:\WINDOWS\Prefetch
2009-05-01 19:35:37 ----D---- C:\Program Files\Mozilla Firefox
2009-05-01 19:34:39 ----D---- C:\WINDOWS\Temp
2009-05-01 17:26:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-01 17:16:21 ----SHD---- C:\WINDOWS\Installer
2009-05-01 17:16:17 ----D---- C:\Program Files\Java
2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
2009-05-01 17:16:08 ----D---- C:\WINDOWS\system32
2009-05-01 16:24:31 ----RD---- C:\Program Files
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 aevt6pi1;aevt6pi1; C:\WINDOWS\system32\drivers\aevt6pi1.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Run option 2 of UsbFix again with the new version that has just been released:
http://sd-1.archive-host.com/membres/up/127028005715545...
I have attached the report. UsbFix found the little piece of crap on my MP3 player, but it has been cleaned. However, I have just discovered, to my great joy, that the household laptop is now affected too. I will use the same procedures you gave me.
############################## [ UsbFix V3.016 # Cleaning ]
# User : Maison (Administrateurs) # NOUS
# Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 20:32:53 | 01/05/2009
# AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T
# C:\ # Disque fixe local # 107,42 Go (24,48 Go free) # NTFS
# D:\ # Disque fixe local # 125,45 Go (36,33 Go free) [Disque local] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 896,29 Mo (6,38 Mo free) [O'CONNELL] # FAT32
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque CD-ROM
# K:\ # Disque CD-ROM
# L:\ # Disque amovible
# M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
# N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
# Z:\ # Disque amovible
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Fichiers # Dossiers infectieux ]
Deleted ! F:\MSd61A.vbs
Deleted ! F:\autorun.inf
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
# -> Not Found !
################## [ Listing des fichiers présent ]
[01/05/2009 20:32|--a------|48181] - C:\aaw7boot.log
[12/02/2009 17:15|--a------|0] - C:\AILog.txt
[28/07/2008 19:11|--a------|0] - C:\AUTOEXEC.BAT
[03/04/2009 17:45|-r-hs----|224] - C:\boot.ini
[28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
[28/07/2008 19:11|--a------|0] - C:\CONFIG.SYS
[28/07/2008 19:11|-rahs----|0] - C:\IO.SYS
[28/07/2008 19:11|-rahs----|0] - C:\MSDOS.SYS
[03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
[03/08/2004 22:59|-rahs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[30/04/2009 19:36|--a------|251] - C:\rapport_clean.txt
[30/04/2009 19:36|--a------|98] - C:\resultat_clean.txt
[30/04/2009 19:36|--a------|7540460] - C:\upload_moi_NOUS.tar.gz
[01/05/2009 20:36|--a------|3343] - C:\UsbFix.txt
[16/04/2009 09:07|--a------|1618] - F:\BOOTEX.LOG
[22/04/2009 23:51|--a------|15260] - M:\58a.jpg
[29/03/2009 22:46|--a------|1039415] - M:\734848.pdf
[19/04/2009 20:35|--a------|219568] - M:\carnavaldeveniseenorlj5.jpg
[22/04/2009 23:33|--a------|1139974] - M:\homme-de-dos.jpg
[13/04/2009 20:42|--a------|25088] - M:\Les 4 ‚tapes d.doc
[30/03/2009 12:53|--a------|46034] - M:\Lettre pr‚sident.pdf
[30/03/2009 00:17|--a------|21292] - M:\n1330067033_239634_1658.jpg
[30/03/2009 12:56|--a------|16224] - M:\PY0006Y_chap_5_corriges_exos_1-2-3-7.pdf
[30/03/2009 12:56|--a------|39427] - M:\PY0006Y_chap_5_variables_ordinales.pdf
################## [ Vaccination ]
# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# M:\autorun.inf -> Folder created by UsbFix.
################## [ Cracks / Keygens / Serials ]
# -> Nothing found !
################## [ ! Fin du rapport # UsbFix V3.016 ! ]
All the devices in the house that touched the computer we were not disinfecting are infected, it's unbelievable. I am currently cleaning all the devices and the "non-disinfected" PC with UsbFix. However, reading the UsbFix scan report for the "non-disinfected" computer, I think that machine is the source of the problem, because there UsbFix found infected registry entries, unlike on the computer we were disinfecting.
I will post the report from the infected computer as soon as I can.
Here is the very latest report from the computer we were not disinfecting. It's a pity that the registry entries that were affected in the previous scan do not appear in it. I think I have got rid of this thing. If there is anything else to know, or any advice about this virus/spy thing, I'm all ears =)
############################## [ UsbFix V3.016 # Cleaning ]
# User : Maison (Administrateurs) # VOUS
# Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 21:11:41 | 01/05/2009
# Mobile AMD Sempron(tm) Processor 3500+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1861 T
# C:\ # Disque fixe local # 74,52 Go (53,26 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
# F:\ # Disque amovible # 7,42 Go (3,84 Go free) [CATHERINE] # FAT32
# G:\ # Disque amovible # 927,77 Mo (655,73 Mo free) [WALKMAN] # FAT32
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
################## [ Fichiers # Dossiers infectieux ]
Deleted ! G:\MSd???.vbs
Deleted ! G:\autorun.inf
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
# -> Not Found !
################## [ Listing des fichiers présent ]
[11/04/2009 21:20|--a------|0] - C:\AUTOEXEC.BAT
[11/04/2009 23:23|-r-hs----|212] - C:\boot.ini
[28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
[11/04/2009 21:20|--a------|0] - C:\CONFIG.SYS
[11/04/2009 21:20|-rahs----|0] - C:\IO.SYS
[11/04/2009 21:20|-rahs----|0] - C:\MSDOS.SYS
[03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
[03/08/2004 22:59|-rahs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[11/04/2009 23:23|--ah-----|268] - C:\sqmdata00.sqm
[20/04/2009 13:31|--ah-----|268] - C:\sqmdata01.sqm
[21/04/2009 22:56|--ah-----|268] - C:\sqmdata02.sqm
[23/04/2009 19:47|--ah-----|268] - C:\sqmdata03.sqm
[23/04/2009 19:51|--ah-----|268] - C:\sqmdata04.sqm
[23/04/2009 19:53|--ah-----|268] - C:\sqmdata05.sqm
[23/04/2009 23:13|--ah-----|268] - C:\sqmdata06.sqm
[24/04/2009 19:25|--ah-----|268] - C:\sqmdata07.sqm
[11/04/2009 23:23|--ah-----|244] - C:\sqmnoopt00.sqm
[20/04/2009 13:31|--ah-----|244] - C:\sqmnoopt01.sqm
[21/04/2009 22:56|--ah-----|244] - C:\sqmnoopt02.sqm
[23/04/2009 19:47|--ah-----|244] - C:\sqmnoopt03.sqm
[23/04/2009 19:51|--ah-----|244] - C:\sqmnoopt04.sqm
[23/04/2009 19:53|--ah-----|244] - C:\sqmnoopt05.sqm
[23/04/2009 23:13|--ah-----|244] - C:\sqmnoopt06.sqm
[24/04/2009 19:25|--ah-----|244] - C:\sqmnoopt07.sqm
[01/05/2009 21:17|--a------|3613] - C:\UsbFix.txt
[01/05/2009 20:17|--a------|702837] - E:\UsbFix.exe
[17/10/2063 23:15|---------|0] - F:\.metadata_never_index
[16/03/2008 20:39|--ah-----|4194304] - G:\STDBSTR.DAT
[16/03/2008 20:39|--ah-----|40] - G:\STDBSTR.IDX
[16/03/2008 20:39|--ah-----|1900544] - G:\STDBDATA.DAT
[16/03/2008 20:39|--ah-----|4] - G:\STDBDATA.IDX
[16/03/2008 20:39|--ah-----|560512] - G:\RAMLIST.DAT
[16/03/2008 20:39|--ah-----|40040] - G:\playqueue.dat
[16/03/2008 20:39|--ah-----|927] - G:\SETSTOR.DAT
[20/03/2008 10:19|---hs----|1052672] - G:\STSTORE.HDS
[20/03/2008 10:19|---hs----|1052672] - G:\SSTORE.HDS
################## [ Vaccination ]
# C:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# G:\autorun.inf -> Folder created by UsbFix.
################## [ Cracks / Keygens / Serials ]
# -> Nothing found !
################## [ ! Fin du rapport # UsbFix V3.016 ! ]
This is the very latest UsbFix report from the computer that we were disinfecting. It does confirm that everything is fine =) Thanks for the help!
I'm now going to get to work on the other PC, which should normally have just been decontaminated
############################## [ UsbFix V3.016 # Scan ]
# User : Maison (Administrateurs) # NOUS
# Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 21:25:07 | 01/05/2009
# AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
# FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T
# C:\ # Disque fixe local # 107,42 Go (24,5 Go free) # NTFS
# D:\ # Disque fixe local # 125,45 Go (36,33 Go free) [Disque local] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 896,29 Mo (6,39 Mo free) [O'CONNELL] # FAT32
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque CD-ROM
# K:\ # Disque CD-ROM
# L:\ # Disque amovible
# M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
# N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
# Z:\ # Disque amovible
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Registre # Startup ]
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
HKCU_Main: "Window Title"=""
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"=""
HKLM_logon: "AltDefaultUserName"="Maison"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: Alcmtr=ALCMTR.EXE
HKLM_Run: EPSON Stylus Photo R240 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
HKLM_Run: AppleSyncNotifier=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKLM_Run: Ad-Watch=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
################## [ Informations ]
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# M:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# N:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
# -> Not Found !
################## [ ! Fin du rapport # UsbFix V3.016 ! ]
To finish off the PC we were disinfecting:
1/
Uninstall HijackThis.
Download ToolsCleaner2 to your Desktop.
Double-click ToolsCleaner2.exe to launch it.
Click Recherche (Search) and let the scan run.
Click Suppression (Removal) to finish.
If you wish, you can use the Options Facultatives (optional settings).
Click Quitter (Quit) to get the report.
Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).
2/
Download and install CCleaner Slim.
Launch it. Go to Options, then Avancé (Advanced), and untick the box Effacer uniquement les fichiers etc....
Go to Nettoyeur (Cleaner) and choose Analyse (Analyze). Once it has finished, run the cleaning.
Next, choose Registre (Registry), then Chercher des erreurs (Scan for issues). Once it has finished, repair all the errors (back up the registry).
3/
You need to disable and then re-enable System Restore in order to purge it.
==Prevention==
Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.
As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.
Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).
Regarding P2P: Link
Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link
==Problem solved?==
If you consider your problem solved:
---> Now add [Résolu] to the title. To do so:
In your first message, click the Editer (Edit) button.
Add the tag [Résolu] in front of the title.
Then click Valider votre message (Submit your message).
Be more vigilant on the Internet
Report from the disinfected computer
I'll post the one from the "non-disinfected" computer in a few minutes
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 21:41:18
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (23%) free of 110 GB
Total RAM: 2047 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:41:33, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Jeux\Dead Space\Dead Space.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6569 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-01 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
"D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
"D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaws.exe
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaw.exe
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\java.exe
2009-05-01 21:08:18 ----A---- C:\UsbFix.txt
2009-05-01 19:48:08 ----D---- C:\Program Files\EClean
2009-05-01 19:46:41 ----D---- C:\Program Files\BeClean
2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
2009-05-01 16:37:50 ----D---- C:\UsbFix
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 21:41:27 ----D---- C:\WINDOWS\Prefetch
2009-05-01 21:38:25 ----D---- C:\WINDOWS\Temp
2009-05-01 21:38:22 ----D---- C:\WINDOWS\system32
2009-05-01 21:38:03 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-05-01 21:38:01 ----SHD---- C:\WINDOWS\Installer
2009-05-01 20:36:42 ----D---- C:\Program Files\Mozilla Firefox
2009-05-01 20:31:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-01 19:56:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-01 19:48:08 ----RD---- C:\Program Files
2009-05-01 17:16:17 ----D---- C:\Program Files\Java
2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 a76j3wh6;a76j3wh6; C:\WINDOWS\system32\drivers\a76j3wh6.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-01 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
I'll post the one from the "non-disinfected" computer in a few minutes.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 21:41:18
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 25 GB (23%) free of 110 GB
Total RAM: 2047 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:41:33, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Jeux\Dead Space\Dead Space.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6569 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-01 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"NBService"=3
"iPod Service"=3
"MDM"=2
"ATI Smart"=2
"a2free"=2
"a2AntiDialer"=2
"usnjsvc"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"gusvc"=2
C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*
isabled:SplinterCell4""D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
"D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
"D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
"D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*
isabled:ActOfWar""D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
"D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaws.exe
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaw.exe
2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\java.exe
2009-05-01 21:08:18 ----A---- C:\UsbFix.txt
2009-05-01 19:48:08 ----D---- C:\Program Files\EClean
2009-05-01 19:46:41 ----D---- C:\Program Files\BeClean
2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
2009-05-01 16:37:50 ----D---- C:\UsbFix
2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
2009-05-01 16:24:25 ----D---- C:\rsit
2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
======List of files/folders modified in the last 1 months======
2009-05-01 21:41:27 ----D---- C:\WINDOWS\Prefetch
2009-05-01 21:38:25 ----D---- C:\WINDOWS\Temp
2009-05-01 21:38:22 ----D---- C:\WINDOWS\system32
2009-05-01 21:38:03 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-05-01 21:38:01 ----SHD---- C:\WINDOWS\Installer
2009-05-01 20:36:42 ----D---- C:\Program Files\Mozilla Firefox
2009-05-01 20:31:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-01 19:56:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-01 19:48:08 ----RD---- C:\Program Files
2009-05-01 17:16:17 ----D---- C:\Program Files\Java
2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
2009-04-29 16:18:52 ----D---- C:\Azureus
2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-28 13:45:52 ----D---- C:\WINDOWS
2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-26 19:52:18 ----D---- C:\Jeux
2009-04-26 19:48:01 ----D---- C:\dossier de partages
2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
2009-04-25 19:32:52 ----D---- C:\Incomplete
2009-04-25 19:32:45 ----D---- C:\Limewire
2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-19 12:06:00 ----D---- C:\iTunes music
2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
2009-04-03 17:45:53 ----RSH---- C:\boot.ini
2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 a76j3wh6;a76j3wh6; C:\WINDOWS\system32\drivers\a76j3wh6.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-01 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Report: computer not disinfected
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 21:46:09
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 55 GB (71%) free of 76 GB
Total RAM: 767 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:30, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\System32\svchost.exe
E:\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [BisonInst0402] C:\WINDOWS\BR040286.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6080 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-11 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-12 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-12 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"ACU"=C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]
"BisonInst0402"=C:\WINDOWS\BR040286.exe [2007-05-08 53248]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-04-11 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-25 516440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-12 148888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-03-27 24103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"MDM"=2
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-04-11 10520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-19 240128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-05-01 21:42:40 ----D---- C:\Program Files\trend micro
2009-05-01 21:42:38 ----D---- C:\rsit
2009-05-01 21:11:17 ----A---- C:\UsbFix.txt
2009-05-01 21:05:07 ----D---- C:\Documents and Settings\Maison\Application Data\Malwarebytes
2009-05-01 21:04:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 21:04:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-05-01 21:00:18 ----RASHD---- C:\autorun.inf
2009-04-29 20:02:55 ----D---- C:\WINDOWS\Sun
2009-04-28 20:24:59 ----D---- C:\WINDOWS\CSC
2009-04-28 20:24:52 ----A---- C:\WINDOWS\ntbtlog.txt
2009-04-23 20:00:33 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2009-04-23 19:59:40 ----A---- C:\WINDOWS\Alcmtr.exe
2009-04-23 19:47:30 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2009-04-23 19:46:44 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoiins.dll
2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoi.dll
2009-04-21 18:39:49 ----A---- C:\WINDOWS\system32\SET16.tmp
2009-04-21 18:38:29 ----D---- C:\WINDOWS\tiinst
2009-04-16 14:52:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-04-15 20:31:44 ----D---- C:\Documents and Settings\Maison\Application Data\Apple Computer
2009-04-15 20:31:30 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-04-15 20:29:35 ----D---- C:\Program Files\iPod
2009-04-15 20:29:32 ----D---- C:\Program Files\iTunes
2009-04-15 20:29:32 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-15 20:29:19 ----D---- C:\Program Files\Bonjour
2009-04-15 20:29:11 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-04-15 20:28:38 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-12 11:57:37 ----D---- C:\WINDOWS\system32\Adobe
2009-04-12 11:56:57 ----D---- C:\Program Files\QuickTime
2009-04-12 11:56:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-04-12 11:56:42 ----D---- C:\Program Files\Apple Software Update
2009-04-12 11:56:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\java.exe
2009-04-12 11:55:49 ----D---- C:\Program Files\Java
2009-04-12 11:51:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-04-12 11:50:43 ----D---- C:\Program Files\Fichiers communs\Adobe
======List of files/folders modified in the last 1 months======
2009-04-11 23:23:15 ----A---- C:\WINDOWS\win.ini
2009-04-11 23:23:15 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-04-11 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-04-11 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-11 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-11 17801]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
R3 Cam5607;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-08-06 761640]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-11 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-12 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-25 953168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maison at 2009-05-01 21:46:09
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 55 GB (71%) free of 76 GB
Total RAM: 767 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:30, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\System32\svchost.exe
E:\VIRUS SPY VACCINATION\RSIT.exe
C:\Program Files\trend micro\Maison.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [BisonInst0402] C:\WINDOWS\BR040286.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
--
End of file - 6080 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-11 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-12 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-12 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"ACU"=C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]
"BisonInst0402"=C:\WINDOWS\BR040286.exe [2007-05-08 53248]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-04-11 1932568]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-25 516440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-12 148888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-03-27 24103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3
"MDM"=2
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-04-11 10520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-19 240128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoFind"=
"NoFolderOptions"=
"NoRun"=
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogOff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-05-01 21:42:40 ----D---- C:\Program Files\trend micro
2009-05-01 21:42:38 ----D---- C:\rsit
2009-05-01 21:11:17 ----A---- C:\UsbFix.txt
2009-05-01 21:05:07 ----D---- C:\Documents and Settings\Maison\Application Data\Malwarebytes
2009-05-01 21:04:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-01 21:04:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-05-01 21:00:18 ----RASHD---- C:\autorun.inf
2009-04-29 20:02:55 ----D---- C:\WINDOWS\Sun
2009-04-28 20:24:59 ----D---- C:\WINDOWS\CSC
2009-04-28 20:24:52 ----A---- C:\WINDOWS\ntbtlog.txt
2009-04-23 20:00:33 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2009-04-23 19:59:40 ----A---- C:\WINDOWS\Alcmtr.exe
2009-04-23 19:47:30 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2009-04-23 19:46:44 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoiins.dll
2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoi.dll
2009-04-21 18:39:49 ----A---- C:\WINDOWS\system32\SET16.tmp
2009-04-21 18:38:29 ----D---- C:\WINDOWS\tiinst
2009-04-16 14:52:33 ----D---- C:\WINDOWS\system32\LogFiles
2009-04-15 20:31:44 ----D---- C:\Documents and Settings\Maison\Application Data\Apple Computer
2009-04-15 20:31:30 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-04-15 20:29:35 ----D---- C:\Program Files\iPod
2009-04-15 20:29:32 ----D---- C:\Program Files\iTunes
2009-04-15 20:29:32 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-15 20:29:19 ----D---- C:\Program Files\Bonjour
2009-04-15 20:29:11 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-04-15 20:28:38 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-12 11:57:37 ----D---- C:\WINDOWS\system32\Adobe
2009-04-12 11:56:57 ----D---- C:\Program Files\QuickTime
2009-04-12 11:56:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-04-12 11:56:42 ----D---- C:\Program Files\Apple Software Update
2009-04-12 11:56:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\java.exe
2009-04-12 11:55:49 ----D---- C:\Program Files\Java
2009-04-12 11:51:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-04-12 11:50:43 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-04-12 11:50:43 ----D---- C:\Program Files\Adobe
2009-04-12 11:47:28 ----D---- C:\Documents and Settings\Maison\Application Data\Mozilla
2009-04-12 11:42:38 ----D---- C:\WINDOWS\system32\appmgmt
2009-04-12 00:12:08 ----D---- C:\Documents and Settings\Maison\Application Data\Macromedia
2009-04-12 00:12:07 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
2009-04-12 00:08:42 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-04-12 00:04:55 ----D---- C:\Documents and Settings\Maison\Application Data\Sun
2009-04-11 23:50:31 ----D---- C:\Program Files\NOS
2009-04-11 23:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-04-11 23:38:47 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-04-11 23:14:46 ----A---- C:\WINDOWS\system32\h323log.txt
2009-04-11 23:12:02 ----D---- C:\Program Files\MSN Messenger
2009-04-11 23:09:55 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-04-11 23:09:55 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-04-11 23:08:44 ----A---- C:\WINDOWS\system32\usbui.dll
2009-04-11 23:07:46 ----D---- C:\Temp (à supprimer)
2009-04-11 23:07:36 ----A---- C:\WINDOWS\imsins.BAK
2009-04-11 23:07:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-11 23:07:33 ----SHD---- C:\WINDOWS\Installer
2009-04-11 23:07:33 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-04-11 23:07:33 ----A---- C:\WINDOWS\ODBCINST.INI
2009-04-11 23:07:29 ----RD---- C:\Program Files
2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs
2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-04-11 23:07:23 ----D---- C:\programmes
2009-04-11 23:07:22 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\irclass.dll
2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-04-11 23:07:15 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-04-11 23:07:15 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-04-11 23:07:15 ----A---- C:\WINDOWS\system32\batt.dll
2009-04-11 23:07:14 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-04-11 23:07:13 ----A---- C:\WINDOWS\system32\storprop.dll
2009-04-11 23:07:05 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-04-11 23:07:02 ----RA---- C:\WINDOWS\SET8.tmp
2009-04-11 23:07:00 ----RA---- C:\WINDOWS\SET4.tmp
2009-04-11 23:06:58 ----RA---- C:\WINDOWS\SET3.tmp
2009-04-11 23:06:53 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-11 23:06:53 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-11 23:06:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-11 23:06:30 ----A---- C:\WINDOWS\setuplog.txt
2009-04-11 23:06:27 ----D---- C:\Documents and Settings
2009-04-11 23:06:26 ----SHD---- C:\System Volume Information
2009-04-11 23:05:32 ----RSH---- C:\boot.ini
2009-04-11 23:01:21 ----D---- C:\_Photos
2009-04-11 23:01:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-11 23:01:12 ----RSD---- C:\WINDOWS\Fonts
2009-04-11 23:01:12 ----RD---- C:\WINDOWS\Web
2009-04-11 23:01:12 ----HD---- C:\WINDOWS\inf
2009-04-11 23:01:12 ----D---- C:\WINDOWS\WinSxS
2009-04-11 23:01:12 ----D---- C:\WINDOWS\twain_32
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Temp
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\wins
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\wbem
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\usmt
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\spool
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ShellExt
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\Setup
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ras
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\oobe
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\npp
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\mui
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\inetsrv
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\IME
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\icsxml
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ias
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\export
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\drivers
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\dhcp
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\config
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\3com_dmi
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\3076
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\2052
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1054
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1042
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1041
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1037
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1036
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1033
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1031
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1028
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\1025
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32
2009-04-11 23:01:12 ----D---- C:\WINDOWS\system
2009-04-11 23:01:12 ----D---- C:\WINDOWS\security
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Resources
2009-04-11 23:01:12 ----D---- C:\WINDOWS\repair
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Provisioning
2009-04-11 23:01:12 ----D---- C:\WINDOWS\PeerNet
2009-04-11 23:01:12 ----D---- C:\WINDOWS\pchealth
2009-04-11 23:01:12 ----D---- C:\WINDOWS\mui
2009-04-11 23:01:12 ----D---- C:\WINDOWS\msapps
2009-04-11 23:01:12 ----D---- C:\WINDOWS\msagent
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Media
2009-04-11 23:01:12 ----D---- C:\WINDOWS\java
2009-04-11 23:01:12 ----D---- C:\WINDOWS\ime
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Help
2009-04-11 23:01:12 ----D---- C:\WINDOWS\ehome
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Driver Cache
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Debug
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Cursors
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Connection Wizard
2009-04-11 23:01:12 ----D---- C:\WINDOWS\Config
2009-04-11 23:01:12 ----D---- C:\WINDOWS\AppPatch
2009-04-11 23:01:12 ----D---- C:\WINDOWS\addins
2009-04-11 23:01:12 ----D---- C:\WINDOWS
2009-04-11 23:00:27 ----D---- C:\_Musique
2009-04-11 23:00:26 ----D---- C:\documents sav
2009-04-11 23:00:24 ----D---- C:\_data
2009-04-11 23:00:21 ----D---- C:\_Christian
2009-04-11 23:00:18 ----D---- C:\_Catherine
2009-04-11 23:00:18 ----D---- C:\_Adm
2009-04-11 22:55:37 ----D---- C:\WINDOWS\pss
2009-04-11 22:47:14 ----SHD---- C:\RECYCLER
2009-04-11 22:46:40 ----D---- C:\Documents and Settings\Maison\Application Data\Skype
2009-04-11 22:46:21 ----RD---- C:\Program Files\Skype
2009-04-11 22:46:14 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-04-11 22:39:50 ----D---- C:\Program Files\Sunbelt Software
2009-04-11 22:29:44 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-11 22:29:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-11 22:25:19 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-04-11 22:25:11 ----D---- C:\Program Files\Lavasoft
2009-04-11 22:25:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-04-11 22:13:01 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-04-11 22:12:39 ----D---- C:\Program Files\AVG
2009-04-11 22:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-04-11 22:10:10 ----D---- C:\Documents and Settings\Maison\Application Data\vlc
2009-04-11 22:09:34 ----D---- C:\NVIDIA
2009-04-11 22:08:24 ----D---- C:\Program Files\VideoLAN
2009-04-11 21:57:15 ----A---- C:\WINDOWS\ODBC.INI
2009-04-11 21:57:11 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-04-11 21:56:33 ----D---- C:\Program Files\Microsoft.NET
2009-04-11 21:55:44 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-04-11 21:55:39 ----D---- C:\Program Files\Microsoft Works
2009-04-11 21:55:33 ----D---- C:\Program Files\Microsoft Visual Studio
2009-04-11 21:55:09 ----D---- C:\WINDOWS\SHELLNEW
2009-04-11 21:54:45 ----D---- C:\Program Files\Microsoft Office
2009-04-11 21:52:33 ----D---- C:\Program Files\Mozilla Firefox
2009-04-11 21:44:41 ----D---- C:\WINDOWS\system32\Lang
2009-04-11 21:39:47 ----A---- C:\WINDOWS\Setup.INI
2009-04-11 21:38:31 ----D---- C:\WINDOWS\BisonC07
2009-04-11 21:38:27 ----A---- C:\WINDOWS\system32\BisonR07.dll
2009-04-11 21:38:27 ----A---- C:\WINDOWS\M3000Twn.ini
2009-04-11 21:38:26 ----A---- C:\WINDOWS\BR040286.exe
2009-04-11 21:38:11 ----D---- C:\Documents and Settings\Maison\Application Data\InstallShield
2009-04-11 21:37:37 ----D---- C:\WINDOWS\system32\Wendy-918-NewDriDate-50316
2009-04-11 21:37:37 ----D---- C:\WINDOWS\system32\T60H918_01_4.0.0.14001_50323_Acer_SVID_1025
2009-04-11 21:37:37 ----D---- C:\WINDOWS\system32\4.0.0.167
2009-04-11 21:37:37 ----D---- C:\WINDOWS\system32\4.0.0.14001
2009-04-11 21:37:37 ----D---- C:\WINDOWS\Options
2009-04-11 21:37:34 ----A---- C:\WINDOWS\system32\results.txt
2009-04-11 21:37:34 ----A---- C:\WINDOWS\system32\acs.exe
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\wgapi.dll
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\wcapi.dll
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\athcfg11res.dll
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\athcfg11.dll
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\AegisI5.exe
2009-04-11 21:37:30 ----A---- C:\WINDOWS\system32\AegisE5.dll
2009-04-11 21:37:29 ----D---- C:\Program Files\Atheros
2009-04-11 21:37:17 ----D---- C:\temp
2009-04-11 21:36:47 ----D---- C:\Program Files\DIFX
2009-04-11 21:36:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-11 21:36:02 ----N---- C:\WINDOWS\system32\nvuide.exe
2009-04-11 21:35:45 ----A---- C:\WINDOWS\system32\nvusmb.exe
2009-04-11 21:35:33 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-04-11 21:34:21 ----A---- C:\WINDOWS\system32\ChCfg.exe
2009-04-11 21:34:01 ----D---- C:\WINDOWS\system32\RTCOM
2009-04-11 21:33:26 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-04-11 21:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-04-11 21:33:22 ----A---- C:\WINDOWS\SoundMan.exe
2009-04-11 21:33:22 ----A---- C:\WINDOWS\SkyTel.exe
2009-04-11 21:33:22 ----A---- C:\WINDOWS\RtlUpd.exe
2009-04-11 21:33:21 ----A---- C:\WINDOWS\RTLCPL.exe
2009-04-11 21:33:19 ----A---- C:\WINDOWS\RTHDCPL.exe
2009-04-11 21:33:19 ----A---- C:\WINDOWS\MicCal.exe
2009-04-11 21:33:18 ----D---- C:\Program Files\Realtek
2009-04-11 21:33:18 ----A---- C:\WINDOWS\alcwzrd.exe
2009-04-11 21:33:17 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-11 21:33:12 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-04-11 21:32:27 ----D---- C:\WINDOWS\nview
2009-04-11 21:32:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-04-11 21:32:19 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-04-11 21:32:11 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-04-11 21:29:38 ----D---- C:\Documents and Settings\Maison\Application Data\Identities
2009-04-11 21:29:37 ----HD---- C:\Program Files\Uninstall Information
2009-04-11 21:29:31 ----ASH---- C:\Documents and Settings\Maison\Application Data\desktop.ini
2009-04-11 21:29:30 ----SD---- C:\Documents and Settings\Maison\Application Data\Microsoft
2009-04-11 21:26:08 ----D---- C:\WINDOWS\SoftwareDistribution
2009-04-11 21:26:07 ----D---- C:\WINDOWS\Prefetch
2009-04-11 21:26:06 ----SD---- C:\WINDOWS\system32\Microsoft
2009-04-11 21:26:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-11 21:20:35 ----D---- C:\WINDOWS\system32\xircom
2009-04-11 21:20:35 ----D---- C:\Program Files\xerox
2009-04-11 21:20:35 ----D---- C:\Program Files\microsoft frontpage
2009-04-11 21:20:17 ----A---- C:\WINDOWS\control.ini
2009-04-11 21:20:17 ----A---- C:\AUTOEXEC.BAT
2009-04-11 21:20:03 ----A---- C:\WINDOWS\OEWABLog.txt
2009-04-11 21:19:59 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-04-11 21:19:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-11 21:19:12 ----RD---- C:\WINDOWS\Offline Web Pages
2009-04-11 21:19:12 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-04-11 21:19:06 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-04-11 21:19:02 ----HD---- C:\Program Files\WindowsUpdate
2009-04-11 21:18:58 ----D---- C:\Program Files\Services en ligne
2009-04-11 21:18:43 ----D---- C:\WINDOWS\system32\DirectX
2009-04-11 21:18:25 ----A---- C:\WINDOWS\system32\atrace.dll
2009-04-11 21:18:22 ----A---- C:\WINDOWS\system32\desktop.ini
2009-04-11 21:18:22 ----A---- C:\WINDOWS\desktop.ini
2009-04-11 21:18:16 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-04-11 21:18:15 ----A---- C:\WINDOWS\system32\acctres.dll
2009-04-11 21:18:14 ----D---- C:\Program Files\Fichiers communs\Services
2009-04-11 21:18:12 ----SD---- C:\WINDOWS\Tasks
2009-04-11 21:18:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-04-11 21:18:11 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-04-11 21:18:07 ----D---- C:\WINDOWS\srchasst
2009-04-11 21:18:06 ----D---- C:\WINDOWS\system32\Macromed
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wups.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-04-11 21:18:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-04-11 21:18:02 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-04-11 21:18:02 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-04-11 21:18:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-04-11 21:18:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-04-11 21:17:58 ----D---- C:\Program Files\Movie Maker
2009-04-11 21:17:55 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-04-11 21:17:55 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-04-11 21:17:55 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-04-11 21:17:55 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-04-11 21:17:51 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-04-11 21:17:51 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-04-11 21:17:50 ----D---- C:\WINDOWS\system32\Restore
2009-04-11 21:17:50 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-04-11 21:17:50 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-04-11 21:17:50 ----A---- C:\WINDOWS\system32\srclient.dll
2009-04-11 21:17:50 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-04-11 21:17:50 ----A---- C:\WINDOWS\system32\ils.dll
2009-04-11 21:17:49 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-04-11 21:17:49 ----A---- C:\WINDOWS\system32\msconf.dll
2009-04-11 21:17:49 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-04-11 21:17:49 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-04-11 21:17:46 ----D---- C:\Program Files\NetMeeting
2009-04-11 21:17:46 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-04-11 21:17:46 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-04-11 21:17:45 ----A---- C:\WINDOWS\system32\inetres.dll
2009-04-11 21:17:45 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-04-11 21:17:43 ----D---- C:\Program Files\Outlook Express
2009-04-11 21:17:43 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-04-11 21:17:43 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-04-11 21:17:43 ----A---- C:\WINDOWS\system32\mstask.dll
2009-04-11 21:17:43 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-04-11 21:17:42 ----A---- C:\WINDOWS\system32\isign32.dll
2009-04-11 21:17:42 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-04-11 21:17:42 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-04-11 21:17:37 ----D---- C:\Program Files\Fichiers communs\System
2009-04-11 21:17:30 ----D---- C:\Program Files\Internet Explorer
2009-04-11 21:16:56 ----D---- C:\Program Files\ComPlus Applications
2009-04-11 21:16:54 ----A---- C:\WINDOWS\vbaddin.ini
2009-04-11 21:16:54 ----A---- C:\WINDOWS\vb.ini
2009-04-11 21:16:49 ----D---- C:\WINDOWS\Registration
2009-04-11 21:16:41 ----D---- C:\Program Files\Windows Media Player
2009-04-11 21:16:41 ----D---- C:\Program Files\Online Services
2009-04-11 21:16:35 ----D---- C:\Program Files\Messenger
2009-04-11 21:16:31 ----D---- C:\Program Files\MSN Gaming Zone
2009-04-11 21:16:31 ----A---- C:\WINDOWS\system32\write.exe
2009-04-11 21:16:24 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-04-11 21:16:24 ----A---- C:\WINDOWS\system32\hticons.dll
2009-04-11 21:16:23 ----A---- C:\WINDOWS\system32\winchat.exe
2009-04-11 21:16:23 ----A---- C:\WINDOWS\system32\avwav.dll
2009-04-11 21:16:23 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-04-11 21:16:23 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-04-11 21:16:17 ----A---- C:\WINDOWS\system32\winmine.exe
2009-04-11 21:16:17 ----A---- C:\WINDOWS\system32\sol.exe
2009-04-11 21:16:17 ----A---- C:\WINDOWS\system32\getuname.dll
2009-04-11 21:16:17 ----A---- C:\WINDOWS\system32\charmap.exe
2009-04-11 21:16:17 ----A---- C:\WINDOWS\system32\calc.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\tskill.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\tscon.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\shadow.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\reset.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-04-11 21:16:16 ----A---- C:\WINDOWS\system32\freecell.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\regini.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\msg.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\logoff.exe
2009-04-11 21:16:15 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\stclient.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-04-11 21:16:14 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-04-11 21:16:13 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-04-11 21:16:09 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-04-11 21:15:58 ----D---- C:\Program Files\MSN
2009-04-11 21:15:57 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-04-11 21:15:57 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-04-11 21:15:57 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-04-11 21:15:57 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-04-11 21:15:56 ----D---- C:\Program Files\Windows NT
2009-04-11 21:15:56 ----A---- C:\WINDOWS\system32\spider.exe
2009-04-11 21:15:56 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-04-11 21:15:56 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-04-11 21:15:55 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-04-11 21:15:54 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-04-11 21:15:53 ----D---- C:\WINDOWS\system32\MsDtc
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-04-11 21:15:53 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-04-11 21:15:52 ----D---- C:\WINDOWS\system32\Com
2009-04-11 21:15:52 ----A---- C:\WINDOWS\system32\colbact.dll
2009-04-11 21:15:52 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-04-11 21:15:52 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-04-11 21:15:51 ----A---- C:\WINDOWS\system32\comuid.dll
2009-04-11 21:15:51 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-04-11 21:15:51 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-04-11 21:15:51 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-04-11 21:15:50 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-04-11 21:15:44 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-04-11 21:15:44 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-04-11 21:15:44 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-04-11 21:15:44 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-04-11 20:36:43 ----A---- C:\WINDOWS\system32\nwiz.exe
2009-04-11 20:36:42 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2009-04-11 20:36:42 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2009-04-11 20:36:41 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2009-04-11 20:36:41 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2009-04-11 20:36:41 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2009-04-11 20:36:40 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2009-04-11 20:36:40 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2009-04-11 20:36:39 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2009-04-11 20:36:39 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2009-04-11 20:36:38 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2009-04-11 20:36:38 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2009-04-11 20:36:37 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2009-04-11 20:36:37 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2009-04-11 20:36:37 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2009-04-11 20:36:36 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2009-04-11 20:36:35 ----A---- C:\WINDOWS\system32\nvwrses.dll
2009-04-11 20:36:35 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2009-04-11 20:36:34 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2009-04-11 20:36:34 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2009-04-11 20:36:34 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2009-04-11 20:36:33 ----A---- C:\WINDOWS\system32\nvwimg.dll
2009-04-11 20:36:30 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2009-04-11 20:36:30 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-04-11 20:36:18 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-04-11 20:36:17 ----A---- C:\WINDOWS\system32\nvshell.dll
2009-04-11 20:36:16 ----A---- C:\WINDOWS\system32\nvrszht.dll
2009-04-11 20:36:16 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2009-04-11 20:36:15 ----A---- C:\WINDOWS\system32\nvrstr.dll
2009-04-11 20:36:13 ----A---- C:\WINDOWS\system32\nvrssv.dll
2009-04-11 20:36:13 ----A---- C:\WINDOWS\system32\nvrsru.dll
2009-04-11 20:36:12 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2009-04-11 20:36:11 ----A---- C:\WINDOWS\system32\nvrspt.dll
2009-04-11 20:36:11 ----A---- C:\WINDOWS\system32\nvrsno.dll
2009-04-11 20:36:10 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2009-04-11 20:36:09 ----A---- C:\WINDOWS\system32\nvrsko.dll
2009-04-11 20:36:09 ----A---- C:\WINDOWS\system32\nvrsja.dll
2009-04-11 20:36:08 ----A---- C:\WINDOWS\system32\nvrsit.dll
2009-04-11 20:36:08 ----A---- C:\WINDOWS\system32\nvrshe.dll
2009-04-11 20:36:07 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2009-04-11 20:36:06 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2009-04-11 20:36:05 ----A---- C:\WINDOWS\system32\nvrses.dll
2009-04-11 20:36:04 ----A---- C:\WINDOWS\system32\nvrseng.dll
2009-04-11 20:36:04 ----A---- C:\WINDOWS\system32\nvrsde.dll
2009-04-11 20:36:03 ----A---- C:\WINDOWS\system32\nvrsda.dll
2009-04-11 20:36:02 ----A---- C:\WINDOWS\system32\nvrsar.dll
2009-04-11 20:36:01 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-04-11 20:36:01 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-04-11 20:36:00 ----A---- C:\WINDOWS\system32\nview.dll
2009-04-11 20:35:59 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2009-04-11 20:35:51 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-04-11 20:35:45 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-04-11 20:35:45 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-04-11 20:35:43 ----A---- C:\WINDOWS\system32\nvappbar.exe
2009-04-11 20:35:43 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-04-11 20:35:41 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-04-11 20:35:40 ----A---- C:\WINDOWS\system32\keystone.exe
2009-04-11 20:26:34 ----A---- C:\WINDOWS\system32\fdco_l2052.dll
2009-04-11 20:26:34 ----A---- C:\WINDOWS\system32\fdco_l1046.dll
2009-04-11 20:26:33 ----A---- C:\WINDOWS\system32\fdco_l1042.dll
2009-04-11 20:26:33 ----A---- C:\WINDOWS\system32\fdco_l1041.dll
2009-04-11 20:26:32 ----A---- C:\WINDOWS\system32\fdco_l1040.dll
2009-04-11 20:26:32 ----A---- C:\WINDOWS\system32\fdco_l1036.dll
2009-04-11 20:26:32 ----A---- C:\WINDOWS\system32\fdco_l1034.dll
2009-04-11 20:26:31 ----A---- C:\WINDOWS\system32\fdco_l1031.dll
2009-04-11 20:26:31 ----A---- C:\WINDOWS\system32\fdco_l1028.dll
2009-04-11 20:26:30 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2009-04-11 20:26:16 ----A---- C:\WINDOWS\system32\NVCOI.DLL
======List of files/folders modified in the last 1 months======
2009-04-11 23:23:15 ----A---- C:\WINDOWS\win.ini
2009-04-11 23:23:15 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-04-11 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-04-11 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-11 108552]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-11 17801]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
R3 Cam5607;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-08-06 761640]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-11 298264]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-12 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-25 953168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\rapport_clean.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\UsbFix: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Maison\Bureau\UsbFix.exe: trouvé !
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Clean.zip: trouvé !
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\UsbFix.exe: trouvé !
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Clean.zip: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\rapport_clean.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\Maison\Bureau\UsbFix.exe: supprimé !
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\UsbFix.exe: supprimé !
C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\UsbFix: ERREUR DE SUPPRESSION !!
C:\Rsit: supprimé !
Fichiers temporaires nettoyés !