Win32
Security Forum - Virus: Win32
Good evening,
I have a virus on the PC and I don't know how to remove it. A window keeps coming back saying that win 32 has stopped working: "Generic Host Process for Win 32 has encountered a problem and needs to close", along with another window that mentions "svchost.exe has closed".
I found another topic on the same subject and installed HijackThis as requested there. Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:27:00, on 26/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\msudp32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\usb_magr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Documents and Settings\User 7\Mes documents\Téléchargements\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Universal Serial Bus device] usb_magr.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [ms18_word] C:\WINDOWS\system32\ms18_word.exe
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ms18_word] C:\Documents and Settings\User 7\ms18_word.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS1\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS2\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.223 62.251.229.237
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
--
End of file - 7530 bytes
Hello,
- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
- Double-click RSIT.exe to launch the program.
(On Vista, right-click RSIT.exe and choose Run as administrator)
- Click Continue on the Disclaimer screen.
- If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: the reports are saved in the C:\rsit folder.
Thank you very much!
Here are the two reports:
log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by User 7 at 2009-07-26 01:08:09
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 27 GB (67%) free of 40 GB
Total RAM: 1015 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:08:27, on 26/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\msudp32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\usb_magr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\User 7\Mes documents\Téléchargements\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\User 7\Mes documents\Téléchargements\User 7.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Universal Serial Bus device] usb_magr.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [ms18_word] C:\WINDOWS\system32\ms18_word.exe
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ms18_word] C:\Documents and Settings\User 7\ms18_word.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS1\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS2\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.223 62.251.229.237
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
--
End of file - 7840 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-19 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"IgfxTray"=C:\WINDOWS\system32\i [2009-07-26 83]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-18 166424]
"Persistence"=C:\WINDOWS\system32\i [2009-07-26 83]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-07-19 198160]
"Universal Serial Bus device"=C:\WINDOWS\usb_magr.exe [2009-07-26 114688]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-26 1948440]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"ms18_word"=C:\WINDOWS\system32\ms18_word.exe []
"Microsoft Driver Setup"=C:\WINDOWS\msudp32.exe [2009-07-26 54272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-07-13 414992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\msudp32.exe [2009-07-26 54272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-07-23 1694208]
"ms18_word"=C:\Documents and Settings\User 7\ms18_word.exe []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-26 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-08 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-07-23 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%"="msudp32.exe"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-07-26 21:08:48 ----A---- C:\loadport.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\px.dll
2009-07-26 20:50:40 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-07-26 20:50:40 ----D---- C:\Program Files\DivX
2009-07-26 19:59:15 ----RSH---- C:\WINDOWS\msudp32.exe
2009-07-26 19:59:14 ----A---- C:\WINDOWS\system32\45.exe
2009-07-26 19:01:10 ----A---- C:\WINDOWS\system32\35.exe
2009-07-26 18:58:04 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-26 16:50:51 ----A---- C:\WINDOWS\system32\70.exe
2009-07-26 16:49:19 ----A---- C:\WINDOWS\system32\36.exe
2009-07-26 16:46:10 ----RSH---- C:\WINDOWS\usb_magr.exe
2009-07-26 15:49:32 ----A---- C:\WINDOWS\system32\83.exe
2009-07-26 15:43:10 ----A---- C:\WINDOWS\system32\77.exe
2009-07-26 15:21:09 ----D---- C:\Documents and Settings\User 7\Application Data\Windows Search
2009-07-26 11:09:51 ----SHD---- C:\RECYCLER
2009-07-26 01:08:09 ----D---- C:\rsit
2009-07-26 00:37:28 ----D---- C:\Documents and Settings\User 7\Application Data\Malwarebytes
2009-07-26 00:37:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-26 00:37:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-07-26 00:13:10 ----A---- C:\WINDOWS\loaderb.exe
2009-07-26 00:11:37 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-25 23:28:48 ----A---- C:\fucklol.exe
2009-07-25 19:25:56 ----D---- C:\Documents and Settings\User 7\Application Data\Windows Desktop Search
2009-07-25 19:25:27 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-07-25 19:25:27 ----D---- C:\Program Files\Windows Desktop Search
2009-07-25 19:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-07-25 19:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-07-25 18:37:57 ----A---- C:\WINDOWS\system32\Ms12.exe
2009-07-25 16:02:08 ----A---- C:\WINDOWS\nigzss.txt
2009-07-25 13:43:07 ----HD---- C:\$AVG8.VAULT$
2009-07-25 13:34:51 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-07-25 13:34:32 ----D---- C:\Program Files\AVG
2009-07-25 13:34:32 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-07-20 23:24:13 ----A---- C:\WINDOWS\system32\nigzss.txt
2009-07-20 17:36:15 ----A---- C:\WINDOWS\system32\25.exe
2009-07-20 15:32:55 ----RSH---- C:\WINDOWS\usb_mgr.exe
2009-07-20 15:32:51 ----A---- C:\WINDOWS\system32\Ms07.exe
2009-07-20 15:15:05 ----N---- C:\WINDOWS\msdrv32.exe
2009-07-20 15:15:05 ----A---- C:\WINDOWS\logfile32.txt
2009-07-19 22:08:14 ----D---- C:\Documents and Settings\User 7\Application Data\WinRAR
2009-07-19 17:21:38 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-07-19 12:42:11 ----D---- C:\Program Files\Microsoft Works
2009-07-19 12:42:01 ----D---- C:\Program Files\MSBuild
2009-07-19 12:41:47 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-07-19 12:37:29 ----D---- C:\WINDOWS\SHELLNEW
2009-07-19 12:37:11 ----D---- C:\Program Files\Microsoft Office
2009-07-19 12:37:10 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-07-19 12:36:42 ----RHD---- C:\MSOCache
2009-07-18 19:13:09 ----D---- C:\Documents and Settings\User 7\Application Data\vlc
2009-07-18 19:12:30 ----D---- C:\WINDOWS\system32\appmgmt
2009-07-18 19:02:59 ----D---- C:\Program Files\SuperCopier2
2009-07-18 15:55:24 ----D---- C:\Program Files\QuickTime
2009-07-18 15:55:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-07-18 15:55:10 ----D---- C:\Program Files\Apple Software Update
2009-07-18 15:55:10 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-07-16 22:16:47 ----D---- C:\Documents and Settings\User 7\Application Data\Mozilla
2009-07-16 22:16:39 ----D---- C:\Program Files\Mozilla Firefox
2009-07-16 22:16:06 ----D---- C:\Program Files\VideoLAN
2009-07-16 21:55:02 ----D---- C:\Documents and Settings\User 7\Application Data\Adobe
2009-07-16 21:52:21 ----D---- C:\Program Files\NOS
2009-07-16 21:52:21 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-07-16 21:48:03 ----D---- C:\Documents and Settings\User 7\Application Data\Macromedia
2009-07-16 21:37:13 ----A---- C:\WINDOWS\Active Setup Log.txt
2009-07-16 21:37:06 ----D---- C:\Menara
2009-07-16 21:33:11 ----A---- C:\WINDOWS\Fast800.ini
2009-07-16 21:33:11 ----A---- C:\WINDOWS\adidsl.ini
2009-07-16 21:32:56 ----A---- C:\WINDOWS\adiras.exe
2009-07-16 21:32:55 ----A---- C:\WINDOWS\system32\ipdetect.exe
2009-07-16 21:32:55 ----A---- C:\WINDOWS\system32\adadix32.dll
2009-07-16 21:32:55 ----A---- C:\WINDOWS\adiras.ini
2009-07-16 21:32:54 ----A---- C:\WINDOWS\system32\coclassfast.dll
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\unaddrv.exe
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\adadix2k.dll
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\adadix16.dll
2009-07-16 21:32:52 ----A---- C:\WINDOWS\autoclk.exe
2009-07-16 21:31:45 ----D---- C:\Program Files\SAGEM
2009-07-16 19:45:22 ----A---- C:\WINDOWS\system32\h323log.txt
2009-07-16 19:44:11 ----A---- C:\WINDOWS\system32\usbui.dll
2009-07-16 19:42:48 ----A---- C:\WINDOWS\imsins.BAK
2009-07-16 19:42:45 ----SHD---- C:\WINDOWS\Installer
2009-07-16 19:42:45 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-07-16 19:42:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-16 19:42:45 ----A---- C:\WINDOWS\ODBCINST.INI
2009-07-16 19:42:41 ----RD---- C:\Program Files
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-07-16 19:42:23 ----A---- C:\WINDOWS\system32\irclass.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-07-16 19:42:20 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-07-16 19:42:20 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-07-16 19:42:19 ----A---- C:\WINDOWS\system32\storprop.dll
2009-07-16 19:42:19 ----A---- C:\WINDOWS\system32\batt.dll
2009-07-16 19:42:19 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-07-16 19:42:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-07-16 19:41:58 ----RA---- C:\WINDOWS\SET8.tmp
2009-07-16 19:41:56 ----RA---- C:\WINDOWS\SET4.tmp
2009-07-16 19:41:54 ----RA---- C:\WINDOWS\SET3.tmp
2009-07-16 19:41:50 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-16 19:41:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-16 19:41:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-16 19:41:26 ----A---- C:\WINDOWS\setuplog.txt
2009-07-16 19:41:22 ----SHD---- C:\System Volume Information
2009-07-16 19:41:22 ----D---- C:\Documents and Settings
2009-07-16 19:40:42 ----SH---- C:\boot.ini
2009-07-16 19:35:06 ----RSD---- C:\WINDOWS\Fonts
2009-07-16 19:35:06 ----RD---- C:\WINDOWS\Web
2009-07-16 19:35:06 ----HD---- C:\WINDOWS\inf
2009-07-16 19:35:06 ----D---- C:\WINDOWS\WinSxS
2009-07-16 19:35:06 ----D---- C:\WINDOWS\twain_32
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Temp
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\wins
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\wbem
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\usmt
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\spool
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ShellExt
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\Setup
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ras
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\PreInstall
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\oobe
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\npp
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\mui
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\inetsrv
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\IME
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\icsxml
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ias
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\fr-fr
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\fr
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\export
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\drivers
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\dhcp
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\config
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\bits
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\3com_dmi
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\3076
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\2052
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1054
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1042
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1041
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1037
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1036
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1033
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1031
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1028
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1025
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system
2009-07-16 19:35:06 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-16 19:35:06 ----D---- C:\WINDOWS\security
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Resources
2009-07-16 19:35:06 ----D---- C:\WINDOWS\repair
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Provisioning
2009-07-16 19:35:06 ----D---- C:\WINDOWS\PeerNet
2009-07-16 19:35:06 ----D---- C:\WINDOWS\pchealth
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Network Diagnostic
2009-07-16 19:35:06 ----D---- C:\WINDOWS\mui
2009-07-16 19:35:06 ----D---- C:\WINDOWS\msapps
2009-07-16 19:35:06 ----D---- C:\WINDOWS\msagent
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Media
2009-07-16 19:35:06 ----D---- C:\WINDOWS\l2schemas
2009-07-16 19:35:06 ----D---- C:\WINDOWS\java
2009-07-16 19:35:06 ----D---- C:\WINDOWS\ime
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Help
2009-07-16 19:35:06 ----D---- C:\WINDOWS\ehome
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Driver Cache
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Debug
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Cursors
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Connection Wizard
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Config
2009-07-16 19:35:06 ----D---- C:\WINDOWS\AppPatch
2009-07-16 19:35:06 ----D---- C:\WINDOWS\addins
2009-07-16 19:35:06 ----D---- C:\WINDOWS
2009-07-16 18:30:38 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-07-16 18:28:21 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-07-16 18:27:48 ----A---- C:\WINDOWS\system32\NETw5r32.dll
2009-07-16 18:27:47 ----A---- C:\WINDOWS\system32\NETw5c32.dll
2009-07-16 18:26:16 ----D---- C:\Program Files\Broadcom
2009-07-16 18:25:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-07-16 18:25:36 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxprd32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igldev32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxtray.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxpers.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxext.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxexps.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\hccutils.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\iglicd32.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxress.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxpph.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxdo.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxdev.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxCoIn_v4859.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\hkcmd.exe
2009-07-16 18:23:12 ----D---- C:\WINDOWS\system32\Lang
2009-07-16 18:23:12 ----A---- C:\WINDOWS\system32\igxpun.exe
2009-07-16 18:23:12 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-07-16 18:22:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-07-16 18:22:37 ----D---- C:\Program Files\Intel
2009-07-16 18:22:37 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-07-16 18:22:22 ----D---- C:\Intel
2009-07-16 18:20:02 ----D---- C:\Program Files\NetWaiting
2009-07-16 18:20:00 ----D---- C:\Documents and Settings\User 7\Application Data\InstallShield
2009-07-16 18:19:57 ----D---- C:\Program Files\CONEXANT
2009-07-16 18:17:01 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-07-16 18:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-07-16 18:16:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-16 18:16:45 ----D---- C:\Program Files\Hewlett-Packard
2009-07-16 18:16:40 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-07-16 18:16:32 ----D---- C:\SWSetup
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagX7.dll
2009-07-16 18:14:53 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2009-07-16 18:14:45 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2009-07-16 18:14:20 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-07-16 18:14:19 ----D---- C:\Program Files\Ahead
2009-07-16 18:12:31 ----D---- C:\Program Files\WinRar
2009-07-16 18:12:14 ----A---- C:\WINDOWS\system32\unrar.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-07-16 18:12:00 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-07-16 18:11:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-07-16 18:11:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-07-16 18:11:51 ----D---- C:\Program Files\K-Lite Codec Pack
2009-07-16 18:11:18 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-07-16 18:11:14 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-07-16 18:11:14 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-07-16 18:11:13 ----D---- C:\Program Files\Real
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-07-16 18:11:11 ----D---- C:\Program Files\Fichiers communs\Real
2009-07-16 18:11:10 ----D---- C:\Documents and Settings\User 7\Application Data\Real
2009-07-16 18:10:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-07-16 18:10:17 ----D---- C:\Program Files\MSN Messenger
2009-07-16 18:09:25 ----D---- C:\Program Files\ESET
2009-07-16 18:09:25 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\javaws.exe
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\javaw.exe
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\java.exe
2009-07-16 18:08:48 ----D---- C:\Program Files\Java
2009-07-16 18:08:46 ----D---- C:\Program Files\Fichiers communs\Java
2009-07-16 18:08:42 ----D---- C:\Documents and Settings\User 7\Application Data\Sun
2009-07-16 18:08:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-07-16 18:07:59 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-07-16 18:07:59 ----D---- C:\Program Files\Adobe
2009-07-16 18:07:25 ----A---- C:\WINDOWS\ODBC.INI
2009-07-16 18:07:20 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-07-16 18:05:58 ----D---- C:\Program Files\Microsoft Visual Studio
2009-07-16 18:03:28 ----A---- C:\WPI_Log.txt
2009-07-16 17:54:14 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2009-07-16 17:54:14 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2009-07-16 17:54:14 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2009-07-16 17:54:11 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda3.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda1.dll
2009-07-16 17:54:09 ----A---- C:\WINDOWS\system32\kbdusa.dll
2009-07-16 17:54:06 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2009-07-16 17:54:01 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2009-07-16 17:53:15 ----D---- C:\Documents and Settings\User 7\Application Data\Identities
2009-07-16 17:53:12 ----HD---- C:\Program Files\Uninstall Information
2009-07-16 17:52:54 ----D---- C:\WINDOWS\DriverPacks
2009-07-16 17:52:46 ----N---- C:\Documents and Settings\User 7\Application Data\desktop.ini
2009-07-16 17:52:46 ----D---- C:\Documents and Settings\User 7\Application Data\Microsoft
2009-07-16 17:52:12 ----D---- C:\WINDOWS\Prefetch
2009-07-16 17:52:11 ----SD---- C:\WINDOWS\system32\Microsoft
2009-07-16 17:52:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-16 17:50:30 ----D---- C:\Program Files\MSXML 6.0
2009-07-16 17:50:20 ----D---- C:\Program Files\MSXML 4.0
2009-07-16 17:50:16 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-16 17:50:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-07-16 17:50:04 ----A---- C:\WINDOWS\control.ini
2009-07-16 17:50:04 ----A---- C:\AUTOEXEC.BAT
2009-07-16 17:49:56 ----A---- C:\WINDOWS\OEWABLog.txt
2009-07-16 17:49:54 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-07-16 17:49:53 ----D---- C:\WINDOWS\system32\dllcache
2009-07-16 17:49:09 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-07-16 17:49:06 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-07-16 17:49:02 ----HD---- C:\Program Files\WindowsUpdate
2009-07-16 17:49:01 ----D---- C:\Program Files\Services en ligne
2009-07-16 17:48:46 ----D---- C:\WINDOWS\system32\DirectX
2009-07-16 17:48:22 ----A---- C:\WINDOWS\system32\atrace.dll
2009-07-16 17:48:19 ----A---- C:\WINDOWS\system32\desktop.ini
2009-07-16 17:48:19 ----A---- C:\WINDOWS\desktop.ini
2009-07-16 17:48:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-07-16 17:48:10 ----A---- C:\WINDOWS\system32\acctres.dll
2009-07-16 17:48:09 ----D---- C:\Program Files\Fichiers communs\Services
2009-07-16 17:48:07 ----SD---- C:\WINDOWS\Tasks
2009-07-16 17:48:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-07-16 17:48:06 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-07-16 17:48:01 ----D---- C:\WINDOWS\srchasst
2009-07-16 17:48:00 ----D---- C:\WINDOWS\system32\Macromed
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wups.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-07-16 17:47:50 ----D---- C:\Program Files\Movie Maker
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-07-16 17:47:41 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-07-16 17:47:41 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-07-16 17:47:40 ----D---- C:\WINDOWS\system32\Restore
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srclient.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\ils.dll
2009-07-16 17:47:38 ----A---- C:\WINDOWS\system32\msconf.dll
2009-07-16 17:47:36 ----D---- C:\Program Files\NetMeeting
2009-07-16 17:47:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-07-16 17:47:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-07-16 17:47:34 ----A---- C:\WINDOWS\system32\inetres.dll
2009-07-16 17:47:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-07-16 17:47:31 ----D---- C:\Program Files\Outlook Express
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\mstask.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-07-16 17:47:30 ----A---- C:\WINDOWS\system32\isign32.dll
2009-07-16 17:47:30 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-07-16 17:47:24 ----D---- C:\Program Files\Fichiers communs\System
2009-07-16 17:46:53 ----D---- C:\Program Files\ComPlus Applications
2009-07-16 17:46:53 ----A---- C:\WINDOWS\vbaddin.ini
2009-07-16 17:46:53 ----A---- C:\WINDOWS\vb.ini
2009-07-16 17:46:51 ----D---- C:\WINDOWS\Registration
2009-07-16 17:46:49 ----D---- C:\Program Files\Online Services
2009-07-16 17:46:45 ----D---- C:\Program Files\Windows Media Connect 2
2009-07-16 17:46:44 ----D---- C:\Program Files\Windows Media Player
2009-07-16 17:46:44 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-07-16 17:46:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-16 17:46:43 ----D---- C:\WINDOWS\wbem
2009-07-16 17:46:43 ----D---- C:\WINDOWS\Offline Web Pages
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\winfxdocobj.exe
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-07-16 17:46:42 ----D---- C:\Program Files\Internet Explorer
2009-07-16 17:46:40 ----D---- C:\Program Files\Messenger
2009-07-16 17:46:36 ----D---- C:\Program Files\MSN Gaming Zone
2009-07-16 17:46:36 ----A---- C:\WINDOWS\system32\write.exe
2009-07-16 17:46:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\winchat.exe
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\hticons.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avwav.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\getuname.dll
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\charmap.exe
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\calc.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\winmine.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\sol.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tskill.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tscon.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\shadow.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\reset.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\regini.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\freecell.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\msg.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\logoff.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-07-16 17:46:15 ----A---- C:\WINDOWS\system32\stclient.dll
2009-07-16 17:46:15 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-07-16 17:46:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-07-16 17:45:56 ----D---- C:\Program Files\MSN
2009-07-16 17:45:55 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-07-16 17:45:55 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-07-16 17:45:54 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-07-16 17:45:54 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-07-16 17:45:53 ----D---- C:\Program Files\Windows NT
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\spider.exe
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-07-16 17:45:50 ----D---- C:\WINDOWS\system32\MsDtc
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-07-16 17:45:48 ----D---- C:\WINDOWS\system32\Com
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\colbact.dll
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-07-16 17:45:46 ----A---- C:\WINDOWS\system32\comuid.dll
2009-07-16 17:45:46 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-07-19 12:37:44 ----A---- C:\WINDOWS\win.ini
2009-07-16 19:42:40 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-26 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-26 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-25 108552]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-06-24 127497]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2007-02-12 625664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-20 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-20 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-08 5776864]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-06-26 3630080]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-20 730112]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
S2 ws2_32sik;ws2_32sik; \??\C:\WINDOWS\system32\drivers\ws2_32sik.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-07-23 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-07-23 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\USER7~1\LOCALS~1\Temp\mc21.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-26 298776]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
-----------------EOF-----------------
And info:
info.txt logfile of random's system information tool 1.06 2009-07-26 01:08:31
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Analyseur MSXML 6.0-->MsiExec.exe /I{5903C48B-E953-47B8-A651-B9222C483057}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Carte réseau local sans fil 802.11 Broadcom-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -ICpV30D5a.INF
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_SprtHD5m\UIU32m.exe -U -ISprtHD5m.inf
HijackThis 2.0.2-->"C:\Documents and Settings\User 7\Mes documents\Téléchargements\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Quick Launch Buttons 6.40 F1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\Setup.exe -runfromtemp -l0x040c -removeonly uninst
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.8.5 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRar\uninstall.exe
Securitycenter WMI appears to be broken
======System event log======
Computer Name: USER-A11BE4542C
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 284
Source Name: Service Control Manager
Time Written: 20090719123406.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: USER-A11BE4542C
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 283
Source Name: Service Control Manager
Time Written: 20090719123406.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 7000
Message: Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 282
Source Name: Service Control Manager
Time Written: 20090719123405.000000+120
Event Type: erreur
User:
Computer Name: USER-A11BE4542C
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 281
Source Name: EventLog
Time Written: 20090719123359.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.
Record Number: 280
Source Name: EventLog
Time Written: 20090719123359.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: USER-A11BE4542C
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20090716174650.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20090716174648.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20090716174531.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20090716174528.000000+120
Event Type: Informations
User:
Computer Name: USER-A11BE4542C
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20090716174527.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_REVISION"=0e0c
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"KTD"=C:\WINDOWS\DriverPacks
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
-----------------EOF-----------------
/!\ Disable your resident protections (antivirus, etc.) /!\
- Download ComboFix (sUBs) to your Desktop.
- Double-click ComboFix.exe (the .exe may not be visible) to launch it.
- It will ask you to install the Recovery Console: accept.
- When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.
To help you: a guide and a tutorial on using ComboFix
I think it has crashed ... it has been stuck for quite a while on the files it deleted ... Is that normal?! They said 10 minutes, 20 minutes at most if the machine has a seeerious problem! :s
Wait a little longer.
Restart your PC if it has crashed.
OK, I'll do it right away.
Done, and I have re-run ComboFix.
Here is the report:
ComboFix 09-07-24.01 - User 7 26/07/2009 2:04.2.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1015.605 [GMT 2:00]
Running from: c:\documents and settings\User 7\Mes documents\Téléchargements\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
c:\program files\SuperCopier2\SC2Hook.dll
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\NetworkService\Application Data\bcrypt.html
c:\documents and settings\User 7\Application Data\bcrypt.html
C:\fucklol.exe
C:\loadport.exe
c:\windows\system32\25.exe
c:\windows\system32\35.exe
c:\windows\system32\36.exe
c:\windows\system32\45.exe
c:\windows\system32\70.exe
c:\windows\system32\77.exe
c:\windows\system32\83.exe
c:\windows\system32\e
c:\windows\system32\i
.
((((((((((((((((((((((((( Files Created from 2009-06-26 to 2009-07-26 )))))))))))))))))))))))))))))))
.
2009-07-26 18:50 . 2009-07-26 18:50 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-07-26 18:07 . 2009-07-26 18:07 54272 ----a-w- c:\windows\system32\35.scr
2009-07-26 17:59 . 2009-07-26 17:59 54272 --sh--r- c:\windows\msudp32.exe
2009-07-26 17:43 . 2009-07-26 17:43 54272 ----a-w- c:\windows\system32\71.scr
2009-07-26 16:28 . 2009-07-26 16:28 54272 ----a-w- c:\windows\system32\75.scr
2009-07-26 14:46 . 2009-07-26 14:46 114688 --sh--r- c:\windows\usb_magr.exe
2009-07-26 13:56 . 2009-07-25 22:55 54272 ----a-w- c:\windows\system32\06.scr
2009-07-26 13:21 . 2009-07-26 13:21 -------- d-----w- c:\documents and settings\User 7\Application Data\Windows Search
2009-07-26 06:17 . 2009-07-25 11:34 1437464 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-07-26 06:17 . 2009-07-25 11:34 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-26 06:17 . 2009-07-25 11:34 755992 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avginet.dll
2009-07-26 06:17 . 2009-07-25 11:34 587032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgiproxy.exe
2009-07-25 23:18 . 2009-07-25 23:18 54272 ----a-w- c:\windows\system32\61.scr
2009-07-25 23:08 . 2009-07-25 23:08 -------- d-----w- C:\rsit
2009-07-25 22:37 . 2009-07-25 22:37 -------- d-----w- c:\documents and settings\User 7\Application Data\Malwarebytes
2009-07-25 22:37 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-25 22:37 . 2009-07-25 22:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-25 22:37 . 2009-07-25 22:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-25 22:37 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-25 22:13 . 2009-07-25 23:25 24915 ----a-w- c:\windows\loaderb.exe
2009-07-25 17:25 . 2009-07-25 17:25 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\Identities
2009-07-25 17:25 . 2009-07-25 17:25 -------- d-----w- c:\documents and settings\User 7\Application Data\Windows Desktop Search
2009-07-25 17:25 . 2009-07-25 17:25 -------- d-----w- c:\program files\Windows Desktop Search
2009-07-25 17:25 . 2009-07-25 17:25 -------- d-----w- c:\windows\system32\GroupPolicy
2009-07-25 17:24 . 2008-03-07 16:56 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2009-07-25 17:24 . 2008-03-07 16:56 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2009-07-25 17:24 . 2008-03-07 16:56 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2009-07-25 16:37 . 2009-07-25 16:38 79872 ----a-w- c:\windows\system32\Ms12.exe
2009-07-25 11:43 . 2009-07-25 21:51 -------- d--h--w- C:\$AVG8.VAULT$
2009-07-25 11:34 . 2009-07-26 06:20 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-25 11:34 . 2009-07-25 11:34 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-07-25 11:34 . 2009-07-25 11:34 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-07-25 11:34 . 2009-07-26 06:20 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-25 11:34 . 2009-07-26 06:20 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-07-25 11:34 . 2009-07-26 15:35 -------- d-----w- c:\windows\system32\drivers\Avg
2009-07-25 11:34 . 2009-07-26 09:38 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-25 11:34 . 2009-07-25 11:34 -------- d-----w- c:\program files\AVG
2009-07-22 14:06 . 2009-07-22 14:06 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\ESET
2009-07-20 21:33 . 2009-07-20 21:33 55296 ----a-w- c:\windows\system32\37.scr
2009-07-20 14:45 . 2009-07-20 14:45 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-07-20 13:32 . 2009-07-25 14:02 80896 --sh--r- c:\windows\usb_mgr.exe
2009-07-20 13:32 . 2009-07-26 18:59 114688 ----a-w- c:\windows\system32\Ms07.exe
2009-07-20 13:15 . 2009-07-20 13:15 55296 ------w- c:\windows\msdrv32.exe
2009-07-20 13:15 . 2009-07-20 13:15 55296 ----a-w- c:\windows\system32\15.scr
2009-07-19 15:21 . 2009-07-19 15:21 -------- d-----w- c:\program files\Fichiers communs\xing shared
2009-07-19 10:42 . 2009-07-19 10:42 -------- d-----w- c:\program files\Microsoft Works
2009-07-19 10:42 . 2009-07-19 10:42 -------- d-----w- c:\program files\MSBuild
2009-07-19 10:37 . 2009-07-19 10:41 -------- d-----w- c:\windows\SHELLNEW
2009-07-19 10:37 . 2009-07-19 10:37 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\Microsoft Help
2009-07-19 10:37 . 2009-07-19 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-19 10:36 . 2009-07-19 10:36 -------- d--h--r- C:\MSOCache
2009-07-18 17:13 . 2009-07-25 18:07 -------- d-----w- c:\documents and settings\User 7\Application Data\vlc
2009-07-18 17:02 . 2009-07-26 00:04 -------- d-----w- c:\program files\SuperCopier2
2009-07-18 13:55 . 2009-07-18 13:55 -------- d-----w- c:\program files\QuickTime
2009-07-18 13:55 . 2009-07-18 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-18 13:55 . 2009-07-18 13:55 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\Apple
2009-07-18 13:55 . 2009-07-18 13:55 -------- d-----w- c:\program files\Apple Software Update
2009-07-18 13:55 . 2009-07-18 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-18 13:54 . 2009-07-18 13:54 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\Apple Computer
2009-07-16 20:16 . 2009-07-16 20:16 0 ----a-w- c:\windows\nsreg.dat
2009-07-16 20:16 . 2009-07-16 20:16 -------- d-----w- c:\documents and settings\User 7\Local Settings\Application Data\Mozilla
2009-07-16 20:16 . 2009-07-16 20:16 -------- d-----w- c:\program files\VideoLAN
2009-07-16 19:52 . 2009-07-16 19:54 1914000 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
2009-07-16 19:52 . 2009-07-16 20:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-16 19:52 . 2009-07-16 20:18 -------- d-----w- c:\program files\NOS
2009-07-16 19:48 . 2009-07-16 19:48 -------- d-----w- c:\documents and settings\User 7\Contacts
2009-07-16 19:37 . 2009-07-16 19:37 -------- d-----w- C:\Menara
2009-07-16 19:32 . 2009-07-16 19:32 -------- d-----w- c:\windows\system32\drivers\Drivers
2009-07-16 19:32 . 2004-01-28 14:42 1531904 ----a-w- c:\windows\adiras.exe
2009-07-16 19:32 . 2003-06-24 12:55 127497 ----a-w- c:\windows\system32\drivers\adiusbaw.sys
2009-07-16 19:32 . 2002-05-09 14:12 155648 ----a-w- c:\windows\system32\adadix32.dll
2009-07-16 19:32 . 2001-07-27 12:25 127456 ----a-w- c:\windows\system32\ipdetect.exe
2009-07-16 19:32 . 2002-11-15 12:33 126976 ----a-w- c:\windows\system32\coclassfast.dll
2009-07-16 19:32 . 2003-07-17 15:48 46167 ----a-w- c:\windows\system32\drivers\adildr.sys
2009-07-16 19:32 . 2002-08-15 16:36 135168 ----a-w- c:\windows\system32\unaddrv.exe
2009-07-16 19:32 . 2001-02-09 08:43 4981 ----a-w- c:\windows\system32\adadix2k.dll
2009-07-16 19:32 . 2001-02-08 09:05 46892 ----a-w- c:\windows\system32\adadix16.dll
2009-07-16 19:32 . 2003-01-30 06:48 143360 ----a-w- c:\windows\autoclk.exe
2009-07-16 19:32 . 2001-05-24 15:24 22395 ----a-w- c:\windows\system32\drivers\fpga.bin
2009-07-16 19:31 . 2009-07-16 19:31 -------- d-----w- c:\program files\SAGEM
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-26 18:51 . 2009-07-26 18:50 -------- d-----w- c:\program files\DivX
2009-07-25 21:49 . 2001-10-02 23:21 58814 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-25 21:49 . 2001-10-02 23:21 393574 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-19 16:42 . 2009-07-16 15:53 83400 ----a-w- c:\documents and settings\User 7\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-19 15:21 . 2009-07-16 16:11 -------- d-----w- c:\program files\Fichiers communs\Real
2009-07-19 15:21 . 2009-07-16 16:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-18 12:40 . 2009-07-16 15:49 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-16 19:45 . 2009-07-16 19:32 23 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-07-16 19:32 . 2009-07-16 16:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-16 19:31 . 2009-07-16 16:16 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-07-16 16:26 . 2009-07-16 16:26 -------- d-----w- c:\program files\Broadcom
2009-07-16 16:25 . 2009-07-16 16:25 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-16 16:25 . 2009-07-16 16:25 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2009-07-16 16:25 . 2009-07-16 16:16 -------- d-----w- c:\program files\Hewlett-Packard
2009-07-16 16:22 . 2009-07-16 16:22 -------- d-----w- c:\program files\Intel
2009-07-16 16:20 . 2009-07-16 16:20 -------- d-----w- c:\program files\NetWaiting
2009-07-16 16:20 . 2009-07-16 16:19 -------- d-----w- c:\program files\CONEXANT
2009-07-16 16:20 . 2009-07-16 16:20 -------- d-----w- c:\documents and settings\User 7\Application Data\InstallShield
2009-07-16 16:14 . 2009-07-16 16:14 -------- d-----w- c:\program files\Ahead
2009-07-16 16:14 . 2009-07-16 16:14 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-07-16 16:12 . 2009-07-16 16:11 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-16 16:11 . 2009-07-16 16:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-16 16:11 . 2009-07-16 16:11 -------- d-----w- c:\program files\Real
2009-07-16 16:10 . 2009-07-16 16:10 -------- d-----w- c:\program files\MSN Messenger
2009-07-16 16:09 . 2009-07-16 16:09 -------- d-----w- c:\program files\ESET
2009-07-16 16:09 . 2009-07-16 16:09 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-07-16 16:09 . 2009-07-16 16:08 -------- d-----w- c:\program files\Java
2009-07-16 16:08 . 2009-07-16 16:08 -------- d-----w- c:\program files\Fichiers communs\Java
2009-07-16 16:08 . 2009-07-16 16:07 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-07-16 15:50 . 2009-07-16 15:50 -------- d-----w- c:\program files\MSXML 6.0
2009-07-16 15:50 . 2009-07-16 15:50 -------- d-----w- c:\program files\MSXML 4.0
2009-07-16 15:49 . 2009-07-16 15:49 -------- d-----w- c:\program files\Services en ligne
2009-07-16 15:46 . 2009-07-16 15:46 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-16 15:46 . 2009-07-16 15:46 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-01 21:03 . 2009-07-26 18:51 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-05-01 21:03 . 2009-07-26 18:51 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-05-01 21:03 . 2009-07-26 18:51 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-05-01 21:03 . 2009-07-26 18:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-05-01 21:03 . 2009-07-26 18:51 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-05-01 21:03 . 2009-07-26 18:51 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-19 09:05 . 2009-07-16 20:16 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2007-07-23 19:08 360704 90671A9A8F189262BE5224C497C2E0C7 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2007-07-23 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-18 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-18 137752]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-07-19 198160]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-26 1948440]
"Microsoft Driver Setup"="c:\windows\msudp32.exe" [2009-07-26 54272]
"Universal Serial Bus device"="usb_magr.exe" - c:\windows\usb_magr.exe [2009-07-26 114688]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2007-07-23 124928]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Microsoft Driver Setup"="c:\windows\msudp32.exe" [2009-07-26 54272]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-7-16 962661]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-26 06:20 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%"= msudp32.exe
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [25/07/2009 13:34 12552]
R0 iastor75;iastor75;c:\windows\system32\drivers\iaStor75.sys [26/07/2007 17:33 304920]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [25/07/2009 13:34 335752]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25/07/2009 13:34 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [25/07/2009 13:34 298776]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [16/07/2009 18:26 193840]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [26/07/2009 00:37 38160]
--- Other Services/Drivers In Memory ---
*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder
2009-07-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF - ProfilePath - c:\documents and settings\User 7\Application Data\Mozilla\Firefox\Profiles\otfskajz.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.humour.com/index.php?a=1
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess" );
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35" );
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35" );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~" );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror" );
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json" );
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 02:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\USER7~1\LOCALS~1\Temp\mc21.tmp"
.
Completion time: 2009-07-26 2:08
ComboFix-quarantined-files.txt 2009-07-26 00:08
Pre-Run: 32 435 720 192 octets libres
Post-Run: 32 447 016 960 octets libres
308
- Start Menu > Run > Type combofix /u and confirm.
- Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
- Double-click the downloaded file to start the installation process.
- In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
- Once the update is finished, go to the Scanner tab.
- Select Perform quick scan.
- Click Scan. The scan starts.
- At the end of the scan, a message is displayed:
| Quote: The scan completed normally. Click 'Show Results' to display all objects found. |
- Click OK to continue. If MBAM found nothing, it will tell you that as well.
- Close your browsers.
- If malware was detected, click Show Results.
- Select everything (or leave everything checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
- MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
When I ran combofix /u and confirmed, the PC crashed and I had to restart it before launching MBAM. Note also that a small Generic Host window popped up in the middle of the MBAM scan, and I have just closed it (Don't send the report).
Here is the generated report:
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2502
Windows 5.1.2600 Service Pack 2
26/07/2009 02:29:37
mbam-log-2009-07-26 (02-29-37).txt
Type de recherche: Examen rapide
Eléments examinés: 81949
Temps écoulé: 4 minute(s), 23 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
- Run another RSIT scan and post the log report.
Here it is:
Logfile of random's system information tool 1.06 (written by random/random)
Run by User 7 at 2009-07-26 02:44:10
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 31 GB (77%) free of 40 GB
Total RAM: 1015 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:44:37, on 26/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\msudp32.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\usb_magr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\User 7\Mes documents\Téléchargements\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\User 7\Mes documents\Téléchargements\User 7.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Universal Serial Bus device] usb_magr.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msudp32.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS1\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.237 62.251.229.223
O17 - HKLM\System\CS2\Services\Tcpip\..\{069DF5BF-E274-4B55-9244-21C06801CDDD}: NameServer = 62.251.229.223 62.251.229.237
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
--
End of file - 6934 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-19 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-18 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-18 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-18 137752]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-07-19 198160]
"Universal Serial Bus device"=C:\WINDOWS\usb_magr.exe [2009-07-26 114688]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-26 1948440]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Microsoft Driver Setup"=C:\WINDOWS\msudp32.exe [2009-07-26 54272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\msudp32.exe [2009-07-26 54272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-07-23 1694208]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-26 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-08 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-07-23 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%"="msudp32.exe"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-07-26 20:51:10 ----N---- C:\WINDOWS\system32\px.dll
2009-07-26 20:50:40 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-07-26 20:50:40 ----D---- C:\Program Files\DivX
2009-07-26 19:59:15 ----RSH---- C:\WINDOWS\msudp32.exe
2009-07-26 18:58:04 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-26 16:46:10 ----RSH---- C:\WINDOWS\usb_magr.exe
2009-07-26 15:21:09 ----D---- C:\Documents and Settings\User 7\Application Data\Windows Search
2009-07-26 02:24:04 ----D---- C:\WINDOWS\system32\xircom
2009-07-26 02:24:04 ----D---- C:\Program Files\xerox
2009-07-26 02:24:04 ----D---- C:\Program Files\microsoft frontpage
2009-07-26 02:18:08 ----A---- C:\Bug.txt
2009-07-26 02:18:05 ----A---- C:\WINDOWS\system32\cmd.execf
2009-07-26 02:17:57 ----D---- C:\32788R22FWJFW
2009-07-26 02:09:35 ----A---- C:\loadport.exe
2009-07-26 02:08:37 ----D---- C:\WINDOWS\temp
2009-07-26 02:08:36 ----A---- C:\ComboFix.txt
2009-07-26 02:03:50 ----SD---- C:\ComboFix
2009-07-26 01:26:31 ----A---- C:\WINDOWS\NIRCMD.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\zip.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\SWSC.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\SWREG.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\sed.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\PEV.exe
2009-07-26 01:26:30 ----A---- C:\WINDOWS\grep.exe
2009-07-26 01:25:53 ----D---- C:\WINDOWS\ERDNT
2009-07-26 01:18:55 ----D---- C:\Qoobox
2009-07-26 01:08:09 ----D---- C:\rsit
2009-07-26 00:37:28 ----D---- C:\Documents and Settings\User 7\Application Data\Malwarebytes
2009-07-26 00:37:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-26 00:37:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-07-26 00:13:10 ----A---- C:\WINDOWS\loaderb.exe
2009-07-26 00:11:37 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-25 19:25:56 ----D---- C:\Documents and Settings\User 7\Application Data\Windows Desktop Search
2009-07-25 19:25:27 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-07-25 19:25:27 ----D---- C:\Program Files\Windows Desktop Search
2009-07-25 19:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-07-25 19:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-07-25 18:37:57 ----A---- C:\WINDOWS\system32\Ms12.exe
2009-07-25 16:02:08 ----A---- C:\WINDOWS\nigzss.txt
2009-07-25 13:43:07 ----HD---- C:\$AVG8.VAULT$
2009-07-25 13:34:51 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-07-25 13:34:32 ----D---- C:\Program Files\AVG
2009-07-25 13:34:32 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-07-20 23:24:13 ----A---- C:\WINDOWS\system32\nigzss.txt
2009-07-20 15:32:55 ----RSH---- C:\WINDOWS\usb_mgr.exe
2009-07-20 15:32:51 ----A---- C:\WINDOWS\system32\Ms07.exe
2009-07-20 15:15:05 ----N---- C:\WINDOWS\msdrv32.exe
2009-07-20 15:15:05 ----A---- C:\WINDOWS\logfile32.txt
2009-07-19 22:08:14 ----D---- C:\Documents and Settings\User 7\Application Data\WinRAR
2009-07-19 17:21:38 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-07-19 12:42:11 ----D---- C:\Program Files\Microsoft Works
2009-07-19 12:42:01 ----D---- C:\Program Files\MSBuild
2009-07-19 12:41:47 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-07-19 12:37:29 ----D---- C:\WINDOWS\SHELLNEW
2009-07-19 12:37:11 ----D---- C:\Program Files\Microsoft Office
2009-07-19 12:37:10 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-07-19 12:36:42 ----RHD---- C:\MSOCache
2009-07-18 19:13:09 ----D---- C:\Documents and Settings\User 7\Application Data\vlc
2009-07-18 19:12:30 ----D---- C:\WINDOWS\system32\appmgmt
2009-07-18 19:02:59 ----D---- C:\Program Files\SuperCopier2
2009-07-18 15:55:24 ----D---- C:\Program Files\QuickTime
2009-07-18 15:55:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-07-18 15:55:10 ----D---- C:\Program Files\Apple Software Update
2009-07-18 15:55:10 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-07-16 22:16:47 ----D---- C:\Documents and Settings\User 7\Application Data\Mozilla
2009-07-16 22:16:39 ----D---- C:\Program Files\Mozilla Firefox
2009-07-16 22:16:06 ----D---- C:\Program Files\VideoLAN
2009-07-16 21:55:02 ----D---- C:\Documents and Settings\User 7\Application Data\Adobe
2009-07-16 21:52:21 ----D---- C:\Program Files\NOS
2009-07-16 21:52:21 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-07-16 21:48:03 ----D---- C:\Documents and Settings\User 7\Application Data\Macromedia
2009-07-16 21:37:13 ----A---- C:\WINDOWS\Active Setup Log.txt
2009-07-16 21:37:06 ----D---- C:\Menara
2009-07-16 21:33:11 ----A---- C:\WINDOWS\Fast800.ini
2009-07-16 21:33:11 ----A---- C:\WINDOWS\adidsl.ini
2009-07-16 21:32:56 ----A---- C:\WINDOWS\adiras.exe
2009-07-16 21:32:55 ----A---- C:\WINDOWS\system32\ipdetect.exe
2009-07-16 21:32:55 ----A---- C:\WINDOWS\system32\adadix32.dll
2009-07-16 21:32:55 ----A---- C:\WINDOWS\adiras.ini
2009-07-16 21:32:54 ----A---- C:\WINDOWS\system32\coclassfast.dll
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\unaddrv.exe
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\adadix2k.dll
2009-07-16 21:32:53 ----A---- C:\WINDOWS\system32\adadix16.dll
2009-07-16 21:32:52 ----A---- C:\WINDOWS\autoclk.exe
2009-07-16 21:31:45 ----D---- C:\Program Files\SAGEM
2009-07-16 19:45:22 ----A---- C:\WINDOWS\system32\h323log.txt
2009-07-16 19:44:11 ----A---- C:\WINDOWS\system32\usbui.dll
2009-07-16 19:42:48 ----A---- C:\WINDOWS\imsins.BAK
2009-07-16 19:42:45 ----SHD---- C:\WINDOWS\Installer
2009-07-16 19:42:45 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-07-16 19:42:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-16 19:42:45 ----A---- C:\WINDOWS\ODBCINST.INI
2009-07-16 19:42:41 ----RD---- C:\Program Files
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-07-16 19:42:41 ----D---- C:\Program Files\Fichiers communs
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-07-16 19:42:35 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-07-16 19:42:33 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-07-16 19:42:31 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-07-16 19:42:29 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-07-16 19:42:28 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-07-16 19:42:27 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-07-16 19:42:23 ----A---- C:\WINDOWS\system32\irclass.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-07-16 19:42:22 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-07-16 19:42:20 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-07-16 19:42:20 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-07-16 19:42:19 ----A---- C:\WINDOWS\system32\storprop.dll
2009-07-16 19:42:19 ----A---- C:\WINDOWS\system32\batt.dll
2009-07-16 19:42:19 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-07-16 19:42:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-07-16 19:41:58 ----RA---- C:\WINDOWS\SET8.tmp
2009-07-16 19:41:56 ----RA---- C:\WINDOWS\SET4.tmp
2009-07-16 19:41:54 ----RA---- C:\WINDOWS\SET3.tmp
2009-07-16 19:41:50 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-16 19:41:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-16 19:41:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-16 19:41:26 ----A---- C:\WINDOWS\setuplog.txt
2009-07-16 19:41:22 ----SHD---- C:\System Volume Information
2009-07-16 19:41:22 ----D---- C:\Documents and Settings
2009-07-16 19:40:42 ----SH---- C:\boot.ini
2009-07-16 19:35:06 ----RSD---- C:\WINDOWS\Fonts
2009-07-16 19:35:06 ----RD---- C:\WINDOWS\Web
2009-07-16 19:35:06 ----HD---- C:\WINDOWS\inf
2009-07-16 19:35:06 ----D---- C:\WINDOWS\WinSxS
2009-07-16 19:35:06 ----D---- C:\WINDOWS\twain_32
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\wins
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\wbem
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\usmt
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\spool
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ShellExt
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\Setup
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ras
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\PreInstall
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\oobe
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\npp
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\mui
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\inetsrv
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\IME
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\icsxml
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\ias
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\fr-fr
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\fr
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\export
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\drivers
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\dhcp
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\config
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\bits
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\3com_dmi
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\3076
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\2052
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1054
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1042
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1041
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1037
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1036
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1033
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1031
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1028
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32\1025
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system32
2009-07-16 19:35:06 ----D---- C:\WINDOWS\system
2009-07-16 19:35:06 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-16 19:35:06 ----D---- C:\WINDOWS\security
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Resources
2009-07-16 19:35:06 ----D---- C:\WINDOWS\repair
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Provisioning
2009-07-16 19:35:06 ----D---- C:\WINDOWS\PeerNet
2009-07-16 19:35:06 ----D---- C:\WINDOWS\pchealth
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Network Diagnostic
2009-07-16 19:35:06 ----D---- C:\WINDOWS\mui
2009-07-16 19:35:06 ----D---- C:\WINDOWS\msapps
2009-07-16 19:35:06 ----D---- C:\WINDOWS\msagent
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Media
2009-07-16 19:35:06 ----D---- C:\WINDOWS\l2schemas
2009-07-16 19:35:06 ----D---- C:\WINDOWS\java
2009-07-16 19:35:06 ----D---- C:\WINDOWS\ime
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Help
2009-07-16 19:35:06 ----D---- C:\WINDOWS\ehome
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Driver Cache
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Debug
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Cursors
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Connection Wizard
2009-07-16 19:35:06 ----D---- C:\WINDOWS\Config
2009-07-16 19:35:06 ----D---- C:\WINDOWS\AppPatch
2009-07-16 19:35:06 ----D---- C:\WINDOWS\addins
2009-07-16 19:35:06 ----D---- C:\WINDOWS
2009-07-16 18:30:38 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-07-16 18:28:21 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-07-16 18:27:48 ----A---- C:\WINDOWS\system32\NETw5r32.dll
2009-07-16 18:27:47 ----A---- C:\WINDOWS\system32\NETw5c32.dll
2009-07-16 18:26:16 ----D---- C:\Program Files\Broadcom
2009-07-16 18:25:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-07-16 18:25:36 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-07-16 18:25:19 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxprd32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igldev32.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxtray.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxpers.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxext.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxexps.dll
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2009-07-16 18:23:14 ----A---- C:\WINDOWS\system32\hccutils.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\iglicd32.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxress.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxpph.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxdo.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxdev.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\igfxCoIn_v4859.dll
2009-07-16 18:23:13 ----A---- C:\WINDOWS\system32\hkcmd.exe
2009-07-16 18:23:12 ----D---- C:\WINDOWS\system32\Lang
2009-07-16 18:23:12 ----A---- C:\WINDOWS\system32\igxpun.exe
2009-07-16 18:23:12 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-07-16 18:22:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-07-16 18:22:37 ----D---- C:\Program Files\Intel
2009-07-16 18:22:37 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-07-16 18:22:22 ----D---- C:\Intel
2009-07-16 18:20:02 ----D---- C:\Program Files\NetWaiting
2009-07-16 18:20:00 ----D---- C:\Documents and Settings\User 7\Application Data\InstallShield
2009-07-16 18:19:57 ----D---- C:\Program Files\CONEXANT
2009-07-16 18:17:01 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-07-16 18:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-07-16 18:16:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-16 18:16:45 ----D---- C:\Program Files\Hewlett-Packard
2009-07-16 18:16:40 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-07-16 18:16:32 ----D---- C:\SWSetup
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2009-07-16 18:14:53 ----N---- C:\WINDOWS\system32\ImagX7.dll
2009-07-16 18:14:53 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2009-07-16 18:14:45 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2009-07-16 18:14:20 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-07-16 18:14:19 ----D---- C:\Program Files\Ahead
2009-07-16 18:12:31 ----D---- C:\Program Files\WinRar
2009-07-16 18:12:14 ----A---- C:\WINDOWS\system32\unrar.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-07-16 18:12:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-07-16 18:12:00 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-07-16 18:11:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-07-16 18:11:53 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-07-16 18:11:51 ----D---- C:\Program Files\K-Lite Codec Pack
2009-07-16 18:11:18 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-07-16 18:11:14 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-07-16 18:11:14 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-07-16 18:11:13 ----D---- C:\Program Files\Real
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-07-16 18:11:13 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-07-16 18:11:11 ----D---- C:\Program Files\Fichiers communs\Real
2009-07-16 18:11:10 ----D---- C:\Documents and Settings\User 7\Application Data\Real
2009-07-16 18:10:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-07-16 18:10:17 ----D---- C:\Program Files\MSN Messenger
2009-07-16 18:09:25 ----D---- C:\Program Files\ESET
2009-07-16 18:09:25 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\javaws.exe
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\javaw.exe
2009-07-16 18:09:07 ----A---- C:\WINDOWS\system32\java.exe
2009-07-16 18:08:48 ----D---- C:\Program Files\Java
2009-07-16 18:08:46 ----D---- C:\Program Files\Fichiers communs\Java
2009-07-16 18:08:42 ----D---- C:\Documents and Settings\User 7\Application Data\Sun
2009-07-16 18:08:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-07-16 18:07:59 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-07-16 18:07:59 ----D---- C:\Program Files\Adobe
2009-07-16 18:07:25 ----A---- C:\WINDOWS\ODBC.INI
2009-07-16 18:07:20 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-07-16 18:05:58 ----D---- C:\Program Files\Microsoft Visual Studio
2009-07-16 18:03:28 ----A---- C:\WPI_Log.txt
2009-07-16 17:54:14 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2009-07-16 17:54:14 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2009-07-16 17:54:14 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2009-07-16 17:54:13 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2009-07-16 17:54:12 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2009-07-16 17:54:11 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda3.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda2.dll
2009-07-16 17:54:09 ----RA---- C:\WINDOWS\system32\kbda1.dll
2009-07-16 17:54:09 ----A---- C:\WINDOWS\system32\kbdusa.dll
2009-07-16 17:54:06 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2009-07-16 17:54:01 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2009-07-16 17:54:01 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2009-07-16 17:53:15 ----D---- C:\Documents and Settings\User 7\Application Data\Identities
2009-07-16 17:53:12 ----HD---- C:\Program Files\Uninstall Information
2009-07-16 17:52:54 ----D---- C:\WINDOWS\DriverPacks
2009-07-16 17:52:46 ----N---- C:\Documents and Settings\User 7\Application Data\desktop.ini
2009-07-16 17:52:46 ----D---- C:\Documents and Settings\User 7\Application Data\Microsoft
2009-07-16 17:52:12 ----D---- C:\WINDOWS\Prefetch
2009-07-16 17:52:11 ----SD---- C:\WINDOWS\system32\Microsoft
2009-07-16 17:52:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-16 17:50:30 ----D---- C:\Program Files\MSXML 6.0
2009-07-16 17:50:20 ----D---- C:\Program Files\MSXML 4.0
2009-07-16 17:50:16 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-16 17:50:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-07-16 17:50:04 ----A---- C:\WINDOWS\control.ini
2009-07-16 17:50:04 ----A---- C:\AUTOEXEC.BAT
2009-07-16 17:49:56 ----A---- C:\WINDOWS\OEWABLog.txt
2009-07-16 17:49:54 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-07-16 17:49:53 ----D---- C:\WINDOWS\system32\dllcache
2009-07-16 17:49:09 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-07-16 17:49:06 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-07-16 17:49:02 ----HD---- C:\Program Files\WindowsUpdate
2009-07-16 17:49:01 ----D---- C:\Program Files\Services en ligne
2009-07-16 17:48:46 ----D---- C:\WINDOWS\system32\DirectX
2009-07-16 17:48:22 ----A---- C:\WINDOWS\system32\atrace.dll
2009-07-16 17:48:19 ----A---- C:\WINDOWS\system32\desktop.ini
2009-07-16 17:48:19 ----A---- C:\WINDOWS\desktop.ini
2009-07-16 17:48:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-07-16 17:48:10 ----A---- C:\WINDOWS\system32\acctres.dll
2009-07-16 17:48:09 ----D---- C:\Program Files\Fichiers communs\Services
2009-07-16 17:48:07 ----SD---- C:\WINDOWS\Tasks
2009-07-16 17:48:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-07-16 17:48:06 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-07-16 17:48:01 ----D---- C:\WINDOWS\srchasst
2009-07-16 17:48:00 ----D---- C:\WINDOWS\system32\Macromed
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-07-16 17:47:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wups.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-07-16 17:47:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-07-16 17:47:55 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-07-16 17:47:50 ----D---- C:\Program Files\Movie Maker
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-07-16 17:47:46 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-07-16 17:47:41 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-07-16 17:47:41 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-07-16 17:47:40 ----D---- C:\WINDOWS\system32\Restore
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-07-16 17:47:40 ----A---- C:\WINDOWS\system32\srclient.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-07-16 17:47:39 ----A---- C:\WINDOWS\system32\ils.dll
2009-07-16 17:47:38 ----A---- C:\WINDOWS\system32\msconf.dll
2009-07-16 17:47:36 ----D---- C:\Program Files\NetMeeting
2009-07-16 17:47:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-07-16 17:47:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-07-16 17:47:34 ----A---- C:\WINDOWS\system32\inetres.dll
2009-07-16 17:47:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-07-16 17:47:31 ----D---- C:\Program Files\Outlook Express
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\mstask.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-07-16 17:47:31 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-07-16 17:47:30 ----A---- C:\WINDOWS\system32\isign32.dll
2009-07-16 17:47:30 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-07-16 17:47:24 ----D---- C:\Program Files\Fichiers communs\System
2009-07-16 17:46:53 ----D---- C:\Program Files\ComPlus Applications
2009-07-16 17:46:53 ----A---- C:\WINDOWS\vbaddin.ini
2009-07-16 17:46:53 ----A---- C:\WINDOWS\vb.ini
2009-07-16 17:46:51 ----D---- C:\WINDOWS\Registration
2009-07-16 17:46:49 ----D---- C:\Program Files\Online Services
2009-07-16 17:46:45 ----D---- C:\Program Files\Windows Media Connect 2
2009-07-16 17:46:44 ----D---- C:\Program Files\Windows Media Player
2009-07-16 17:46:44 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-07-16 17:46:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-16 17:46:43 ----D---- C:\WINDOWS\wbem
2009-07-16 17:46:43 ----D---- C:\WINDOWS\Offline Web Pages
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\winfxdocobj.exe
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-07-16 17:46:43 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-07-16 17:46:42 ----D---- C:\Program Files\Internet Explorer
2009-07-16 17:46:40 ----D---- C:\Program Files\Messenger
2009-07-16 17:46:36 ----D---- C:\Program Files\MSN Gaming Zone
2009-07-16 17:46:36 ----A---- C:\WINDOWS\system32\write.exe
2009-07-16 17:46:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\winchat.exe
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\hticons.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avwav.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-07-16 17:46:27 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\getuname.dll
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\charmap.exe
2009-07-16 17:46:20 ----A---- C:\WINDOWS\system32\calc.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\winmine.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\sol.exe
2009-07-16 17:46:19 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tskill.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\tscon.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\shadow.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\reset.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\regini.exe
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-07-16 17:46:18 ----A---- C:\WINDOWS\system32\freecell.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\msg.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\logoff.exe
2009-07-16 17:46:17 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-07-16 17:46:16 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-07-16 17:46:15 ----A---- C:\WINDOWS\system32\stclient.dll
2009-07-16 17:46:15 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-07-16 17:46:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-07-16 17:45:56 ----D---- C:\Program Files\MSN
2009-07-16 17:45:55 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-07-16 17:45:55 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-07-16 17:45:54 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-07-16 17:45:54 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-07-16 17:45:53 ----D---- C:\Program Files\Windows NT
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\spider.exe
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-07-16 17:45:53 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-07-16 17:45:52 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-07-16 17:45:51 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-07-16 17:45:50 ----D---- C:\WINDOWS\system32\MsDtc
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-07-16 17:45:50 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-07-16 17:45:49 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-07-16 17:45:48 ----D---- C:\WINDOWS\system32\Com
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\colbact.dll
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-07-16 17:45:48 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-07-16 17:45:47 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-07-16 17:45:46 ----A---- C:\WINDOWS\system32\comuid.dll
2009-07-16 17:45:46 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-07-16 17:45:39 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-07-26 02:07:34 ----A---- C:\WINDOWS\system.ini
2009-07-19 12:37:44 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-26 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-26 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-25 108552]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-06-24 127497]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2007-02-12 625664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-20 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-20 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-08 5776864]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-06-26 3630080]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-20 730112]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 catchme;catchme; \??\C:\DOCUME~1\USER7~1\LOCALS~1\Temp\catchme.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-07-23 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-07-23 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\USER7~1\LOCALS~1\Temp\mc21.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-26 298776]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
-----------------EOF-----------------
- Download OTM (OldTimer) to your Desktop.
- Double-click OTM.exe to launch it.
- Copy (Ctrl+C) the text below:
:processes
|
- Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
- Now click the MoveIt! button, then close OTM.
---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
- Post the report located in this folder: C:\_OTM\MovedFiles\
---> The report's name corresponds to the moment it was created: date_time.log
A Generic Host Process for Win32 window just popped up again! :s :s :s
Files moved on Reboot...
C:\WINDOWS\logfile32.txt moved successfully.
Registry entries deleted on Reboot...
You can still go through the procedure.
I had to redo it; the PC crashed again. Here is the report:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver mchInjDrv not found.
Service\Driver key mchInjDrv deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\%windir% not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\\Microsoft Driver Setup not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Universal Serial Bus device not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Driver Setup not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\logfile32.txt not found.
File/Folder C:\WINDOWS\msdrv32.exe not found.
File/Folder C:\WINDOWS\system32\Ms07.exe not found.
File/Folder C:\WINDOWS\usb_mgr.exe not found.
File/Folder C:\WINDOWS\system32\nigzss.txt not found.
File/Folder C:\WINDOWS\nigzss.txt not found.
File/Folder C:\WINDOWS\system32\Ms12.exe not found.
File/Folder C:\WINDOWS\loaderb.exe not found.
File/Folder C:\loadport.exe not found.
File/Folder C:\WINDOWS\usb_magr.exe not found.
File/Folder C:\WINDOWS\msudp32.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: User 7
->Temp folder emptied: 15268906 bytes
->Temporary Internet Files folder emptied: 1415734 bytes
->FireFox cache emptied: 32799420 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114013 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 49,24 mb
OTM by OldTimer - Version 3.0.0.5 log created on 07262009_030643
Files moved on Reboot...
Registry entries deleted on Reboot...
Do you have an archive in C:\_OTM\MovedFiles\ ?
If so, send it to me at destrio5@free.fr
Yes, it's done.
Thank you so much for all the time you have given me! Thank you for your availability, your speed and your responsiveness!
Do I keep everything I installed?! Or should I delete and uninstall it?
Thanks once again!
The archive does not contain the infected files. Too bad.
- Uninstall Java 6 Update 5.
- Update Java.
- Update Adobe Reader.
- Run an RSIT scan again and post the log report.
Where do I uninstall Java 6 Update 5 from?! :$
Control Panel > Add or Remove Programs.
It's in progress!
Thanks once again!
It's done!
I'm restarting!
