Espace disque diminuant de plus en plus
Forum Sécurité - Virus : Espace disque diminuant de plus en plus
pour le info.txt:
info.txt logfile of random's system information tool 1.06 2009-09-24 22:42:51
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
abgx360 v1.0.1-->"C:\Program Files\abgx360\uninstall.exe"
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Alcohol 120% (Trial Version)-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Blindwrite suite-->"C:\Program Files\vso\blindwrite\unins000.exe"
BlueSoleil 3.0 Std Release-->MsiExec.exe /X{B174DCA1-D1AF-45B4-976D-87943E4C5957}
Browser Mouse-->C:\Program Files\Browser Mouse\Browser Mouse\1.1\unins005.EXE
BulletProofSoft Youtube Video Grabber 1.0.0.5-->"C:\Program Files\BulletProofSoft.com\Youtube Video Grabber\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESDX6000_CX5900 Guide util.-->C:\Program Files\EPSON\TPMANUAL\ESDX6000_CX5900\USE_G\DOCUNINS.EXE
Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
HijackThis 2.0.2-->"D:\DuriE\HijackThis.exe" /uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
MultiMedia Keyboard 1.1-->C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\unins002.EXE
Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PSP WIFI Max-->"C:\Program Files\Datel\PSP WIFI Max\unins000.exe"
QuickSFV (Remove only)-->C:\Program Files\QuickSFV\QSFVUNST.EXE C:\Program Files\QuickSFV\
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
ROUTE 66 Safety Camera Update-->C:\Program Files\InstallShield Installation Information\{FB89456A-8EEE-4357-AAE1-1A5A46A974AD}\setup.exe -runfromtemp -l0x040c -removeonly
SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Installer 3.0 (KB884016)-->C:\WINDOWS\$MSI30UninstallMSI30-KB884016$\spuninst\spuninst.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix (SP1) [See Q312370 for more information]-->C:\WINDOWS\$NtUninstallQ312370$\spuninst\spuninst.exe
Xilisoft YouTube Video Converter-->C:\Program Files\Xilisoft\YouTube Video Converter\Uninstall.exe
ZyDAS IEEE 802.11 b+g Wireless LAN - USB-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{581CE7EA-A30D-0000-1211-088635773309}\Setup.exe" -l0x9
======System event log======
Computer Name: S-3UAHKJIVUG6NN
Event Code: 26
Message: Application popup : : Machine Check:
Record Number: 4188
Source Name: Application Popup
Time Written: 20090727212952.000000+120
Event Type: Informations
User:
Computer Name: S-3UAHKJIVUG6NN
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 4187
Source Name: Application Popup
Time Written: 20090727212952.000000+120
Event Type: Informations
User:
Computer Name: S-3UAHKJIVUG6NN
Event Code: 26
Message: Application popup : : Machine Check:
Record Number: 4186
Source Name: Application Popup
Time Written: 20090727212952.000000+120
Event Type: Informations
User:
Computer Name: S-3UAHKJIVUG6NN
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 4185
Source Name: Application Popup
Time Written: 20090727212952.000000+120
Event Type: Informations
User:
Computer Name: S-3UAHKJIVUG6NN
Event Code: 26
Message: Application popup : : Machine Check:
Record Number: 4184
Source Name: Application Popup
Time Written: 20090727212952.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: S-3UAHKJIVUG6NN
Event Code: 1090
Message: Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.
Record Number: 683
Source Name: Userenv
Time Written: 20090511220750.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: S-3UAHKJIVUG6NN
Event Code: 1090
Message: Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.
Record Number: 682
Source Name: Userenv
Time Written: 20090511220336.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: S-3UAHKJIVUG6NN
Event Code: 1090
Message: Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.
Record Number: 681
Source Name: Userenv
Time Written: 20090511203334.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: S-3UAHKJIVUG6NN
Event Code: 1090
Message: Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.
Record Number: 680
Source Name: Userenv
Time Written: 20090511202050.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: S-3UAHKJIVUG6NN
Event Code: 1090
Message: Windows n'a pas pu enregistrer le statut de la session RSoP (Jeu de stratégies résultant). Une tentative de connexion à WMI a échoué. Aucun enregistrement RSoP, ne sera effectué pour cette application de stratégie.
Record Number: 679
Source Name: Userenv
Time Written: 20090511185552.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
pour le log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by slipknot at 2009-09-24 22:42:45
Microsoft Windows XP Professionnel
System drive C: has 45 MB (0%) free of 20 GB
Total RAM: 1791 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42:48, on 24/09/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\DuriE\RSIT.exe
D:\DuriE\slipknot.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_SA9.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/down [...] leId=29223
O17 - HKLM\System\CCS\Services\Tcpip\..\{484E44DF-7673-4AF4-8E84-9DFDC9665097}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{66513F57-CA50-4CB7-8E0C-D219C73199B7}: NameServer = 80.10.246.1 81.253.149.2
O20 - AppInit_DLLs: c:\windows\system32\leyahitu.dll c:\windows\system32\supohere.dll c:\windows\system32\gobazani.dll c:\windows\system32\yafukesi.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 6667 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-04-25 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-04-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-08-28 847900]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2002-10-25 4239360]
"nwiz"=nwiz.exe /install []
"LWBMOUSE"=C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE [2001-11-20 356352]
"LWBKEYBOARD"=C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe [2002-04-02 371200]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
"WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-04-25 148888]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-05-10 180269]
"EPSON Stylus DX6000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE [2006-02-13 131072]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
ZDWLan Utility.lnk - C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\leyahitu.dll c:\windows\system32\supohere.dll c:\windows\system32\gobazani.dll c:\windows\system32\yafukesi.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\System32\leyahitu.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-09-24 22:42:45 ----D---- C:\rsit
2009-09-24 17:36:31 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Malwarebytes
2009-09-24 17:36:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-24 17:36:24 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-09-24 01:02:02 ----D---- C:\Program Files\CCleaner
2009-09-13 19:22:37 ----A---- C:\WINDOWS\System32\aswBoot.exe
2009-09-13 19:22:34 ----D---- C:\Program Files\Alwil Software
2009-09-13 19:15:35 ----D---- C:\WINDOWS\LastGood
2009-09-11 23:56:52 ----A---- C:\WINDOWS\System32\VB6STKIT.DLL
2009-09-11 23:33:28 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Xilisoft Corporation
2009-09-08 19:02:54 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\InfraRecorder
2009-09-08 18:50:08 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Macromedia
2009-09-08 18:45:52 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Adobe
2009-09-08 18:45:34 ----SD---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Microsoft
2009-09-08 18:45:33 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\Azureus
2009-09-08 03:48:18 ----D---- C:\Documents and Settings\slipknot.S-3UAHKJIVUG6NN\Application Data\WinRAR
======List of files/folders modified in the last 1 months======
2009-09-24 21:05:57 ----D---- C:\WINDOWS\Temp
2009-09-24 21:02:55 ----D---- C:\WINDOWS\Prefetch
2009-09-24 21:02:17 ----D---- C:\Program Files\Wanadoo
2009-09-24 21:01:49 ----D---- C:\WINDOWS
2009-09-24 21:01:46 ----D---- C:\WINDOWS\Debug
2009-09-24 21:01:34 ----D---- C:\WINDOWS\system32
2009-09-24 21:01:34 ----D---- C:\Program Files\S-3UAHKJIVUG6NN
2009-09-24 21:00:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-24 19:54:55 ----A---- C:\WINDOWS\winhelp.ini
2009-09-24 19:54:53 ----RD---- C:\Program Files
2009-09-24 17:36:26 ----D---- C:\WINDOWS\System32\drivers
2009-09-24 17:33:42 ----A---- C:\WINDOWS\winamp.ini
2009-09-24 01:27:42 ----SHD---- C:\WINDOWS\Installer
2009-09-24 01:27:42 ----D---- C:\WINDOWS\Help
2009-09-24 01:02:59 ----D---- C:\WINDOWS\Minidump
2009-09-23 19:10:13 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-22 18:06:40 ----D---- C:\Program Files\FlashFXP
2009-09-22 01:34:38 ----D---- C:\Nouveau dossier
2009-09-21 16:52:07 ----D---- C:\My Music
2009-09-18 18:55:07 ----D---- C:\Program Files\MegaLink
2009-09-17 22:20:50 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt
2009-09-17 22:20:50 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2009-09-15 17:44:21 ----D---- C:\WINDOWS\System32\config
2009-09-15 17:37:40 ----D---- C:\Program Files\Vuze
2009-09-13 21:06:02 ----D---- C:\WINDOWS\System32\CatRoot2
2009-09-13 19:15:37 ----HD---- C:\WINDOWS\inf
2009-09-08 21:08:04 ----D---- C:\Program Files\abgx360
2009-09-08 19:01:20 ----D---- C:\Documents and Settings
2009-09-08 18:28:58 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2009-08-17 51376]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-16 16512]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2009-08-17 94160]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-12-26 15440]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2009-08-17 23152]
R3 axvdkbus;axvdkbus; C:\WINDOWS\System32\DRIVERS\axvdkbus.sys [2003-02-25 8672]
R3 axvodka;axvodka; C:\WINDOWS\System32\DRIVERS\axvodka.sys [2003-03-10 102400]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2006-11-22 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2006-11-22 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2006-11-22 18320]
R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\System32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-10-25 1177658]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2002-04-22 27648]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-28 5888]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-04-01 19072]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-04-01 51584]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2001-08-28 15616]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-28 21760]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2006-11-22 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-11-22 44304]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S2 EZUSB;Cypress General Purpose USB Driver (ezusb.sys); C:\WINDOWS\System32\Drivers\ezusb.sys [2003-04-04 12297]
S2 EZUSBDEV;Cypress General Purpose USB Driver w/ Keil Monitor (ezusb.sys); C:\WINDOWS\System32\Drivers\ezusb.sys [2003-04-04 12297]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2006-11-22 33936]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2001-08-17 16256]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2001-08-17 4992]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2001-08-17 83712]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2001-08-17 8064]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCANDIS5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2001-08-17 10752]
S3 Smport;Smport; \??\C:\WINDOWS\System32\Smport.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2001-08-17 14592]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-17 24960]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2001-08-17 24832]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2001-08-17 13824]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2001-08-17 18560]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys [2005-08-17 330240]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2006-11-30 117520]
R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-04-25 152984]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-10-25 65536]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
-----------------EOF-----------------
et voila jèspère que sa va taider. 
