Multiple infections (resolved, thanks egwene) - Page 2
Security Forum - Viruses: multiple infections (resolved, thanks egwene)
Continuation of the previous message:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:09, on 2008-08-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo009a11f4.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-436374069-1960408961-839522115-1007\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'marie josée')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Laura%20Jones%20and%20the%20Gates%20of%20Good%20and%20Evil/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C
Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9236 bytes
Hello frederix. Nothing has changed on the Windows Security Center side...
Reply to tinomme1969
| tinomme1969 wrote: > are my explanations clear??? |
Good evening tinomme1969,
> No...
See you later
.
Hello,
| Quote: Hello frederix. Nothing has changed on the Windows Security Center side... |
tinomme1969, can you be more specific about the nature of the problem that persists? Symptoms, etc. Be precise and give plenty of detail.
I'm posting to follow the thread.
Security / Prevention
Reply to Egwene
That's exactly my problem!! XP Security Center has replaced my Centre de sécurité XP in the Control Panel. I have no pop-up problems AS LONG AS I don't have to go and look at anything in there.
As soon as I click on it, a red shield with a white X installs itself in my taskbar.
IF I click on it, it takes me to a fake XP security center (located in my Control Panel), and there everything looks normal apart from the tab relating to my antivirus, which is red.
THEN, if I click, I am redirected to the link at the top of the page.
In short, Centre de sécurité XP has been replaced by Windows Security Center.
Do you have enough for a diagnosis?
Thanks for helping, frederix. I'm sure we'll get there.
Message edited by tinomme1969 on 16-08-2008 at 21:13:10
Reply to tinomme1969
Hello,
Remove the link from your last message
Frederix should take care of you soon.
Security / Prevention
Reply to Egwene
Hello,
Are you still with us? Sorry for the wait, but I thought Frederix was going to continue. He finally asked me to take over, while he keeps following the thread.
I'm tired now
I'll reply to you tomorrow.
Bump the thread as soon as possible.
Message edited by Egwene on 18-08-2008 at 00:32:19
Security / Prevention
Reply to Egwene
OK, no problem. Get some rest and I'll wait for the instructions. Thanks for taking over.
Reply to tinomme1969
Hello,
Thanks for your patience
Disable all resident protection (antivirus…)! <------- Don't forget!
Copy the text in the box below: (Ctrl + C)
| Quote: File::
|
=> Open Notepad: Start > All Programs > Accessories > Notepad
- Paste the text into it (CTRL + V)
- Save this file to: Desktop
- File name: CFScript
- File type: All files!!
- Click Save
- Close Notepad
Drag and drop this CFScript file onto the ComboFix.exe file as in the screenshot:
* This will relaunch ComboFix: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
* Wait while the scan runs. The desktop will disappear several times: this is normal!
* Don't touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: copy/paste its contents to the forum.
If the file does not open, it is located here: C:\ComboFix.txt
* Post a new HijackThis report.
Security / Prevention
Reply to Egwene
ComboFix 08-08-11.01 - Mario Després 2008-08-19 9:06:02.7 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1505 [GMT -4:00]
Endroit: C:\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mario Després\Bureau\cfscript.txt
* Création d'un nouveau point de restauration
[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
FILE ::
C:\WINDOWS\ssconf2.bin
C:\WINDOWS\system32\_scui.cpl
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\ssconf2.bin
C:\WINDOWS\system32\_scui.cpl
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-19 to 2008-08-19 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 06:15 . 2008-08-19 06:18 <REP> d-------- C:\Program Files\Hawaiian Explorer - Lost Island
2008-08-17 14:56 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\Conduit
2008-08-17 14:55 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\free-downloads.net
2008-08-15 20:23 . 2008-08-15 20:52 <REP> d-------- C:\Program Files\Wild West Quest
2008-08-13 08:53 . 2008-08-13 08:53 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Skinux
2008-08-12 07:15 . 2008-08-12 07:15 2,710,613 --a------ C:\ComboFix.exe
2008-08-11 13:22 . 2008-08-11 13:30 <REP> d-------- C:\d3temp
2008-08-11 11:46 . 2008-08-11 11:46 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Skinux
2008-08-10 06:41 . 2008-08-10 06:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-09 15:49 . 2008-08-09 15:49 230,776 --a------ C:\aswclear.exe
2008-08-07 20:41 . 2008-08-13 19:01 <REP> d-------- C:\WINDOWS\SmitfraudFix
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Program Files\Avira
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-06 22:06 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-06 22:06 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-06 07:38 . 2008-08-06 07:38 <REP> d-------- C:\Program Files\Sun
2008-08-05 07:04 . 2008-08-05 07:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TheRace_dev
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Malwarebytes
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-03 11:44 . 2008-08-03 11:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-03 10:43 . 2008-08-03 10:43 <REP> d-------- C:\Program Files\Trend Micro
2008-08-02 21:19 . 2008-08-02 21:19 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-02 21:14 . 2008-08-02 21:17 15,083,520 --a------ C:\spybotsd160.exe
2008-08-02 15:58 . 2008-08-02 15:58 <REP> d-------- C:\Documents and Settings\marie josée\Application Data\Skinux
2008-08-02 13:13 . 2008-08-02 13:48 <REP> d-------- C:\Program Files\Fichiers communs\Kodak
2008-08-02 13:06 . 2008-08-02 14:01 <REP> d-------- C:\Program Files\Kodak
2008-08-02 08:10 . 2008-08-02 08:12 <REP> d-------- C:\Program Files\Cactus Bruce and the Corporate Monkeys
2008-08-02 08:03 . 2008-08-02 08:03 <REP> d-------- C:\Program Files\Nemo's Aquarium 3D
2008-08-02 08:03 . 2004-01-30 15:31 3,594,576 --a------ C:\WINDOWS\Nemo's Aquarium 3D Anemonen-Feld.scr
2008-08-02 08:03 . 2004-01-30 15:31 3,494,207 --a------ C:\WINDOWS\Nemo's Aquarium 3D Korallenriff.scr
2008-08-01 20:33 . 2008-08-04 12:20 <REP> d-------- C:\Program Files\The Mystery Of The Crystal Portal
2008-07-30 08:53 . 2008-07-30 08:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\The Revills Games
2008-07-22 09:43 . 2008-07-22 09:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Media Art
2008-07-19 06:33 . 2008-07-19 06:33 <REP> d-------- C:\Documents and Settings\marie josée\Application Data\Gold Casual Games
2008-07-19 06:33 . 2008-07-19 06:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-19 13:09 --------- d-----w C:\Program Files\Eye On Network
2008-08-19 13:01 --------- d-----w C:\Program Files\X-masTree
2008-08-19 10:18 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-18 16:18 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\uTorrent
2008-08-17 22:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-17 19:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-15 15:45 --------- d-----w C:\Program Files\GameHouse
2008-08-15 15:45 --------- d-----w C:\Program Files\GameFiesta
2008-08-13 13:51 --------- d-----w C:\Program Files\iWin.com
2008-08-11 15:40 3,870 ----a-w C:\WINDOWS\system32\tmp.reg
2008-08-09 23:27 --------- d-----w C:\Program Files\Zylom Games
2008-08-09 13:25 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Zylom
2008-08-07 15:38 --------- d-----w C:\Program Files\iWin Games
2008-08-06 14:19 --------- d-----w C:\Program Files\Java
2008-08-06 11:45 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-05 19:40 --------- d-----w C:\Program Files\Blood Ties
2008-08-04 17:23 --------- d-----w C:\Program Files\Unicorn Castle
2008-08-02 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kodak
2008-07-23 17:41 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-22 10:51 --------- d-----w C:\Program Files\SuperMarioPac
2008-07-20 00:33 --------- d-----w C:\Documents and Settings\marie josée\Application Data\ForgottenRiddles2
2008-07-15 18:43 --------- d-----w C:\Program Files\RealArcade
2008-07-15 18:42 --------- d-----w C:\Program Files\Oberon Media
2008-07-14 20:05 --------- d-----w C:\Documents and Settings\marie josée\Application Data\EnchantedCavern
2008-07-13 16:49 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\LimeWire
2008-07-12 12:46 --------- d-----w C:\Program Files\Lavasoft
2008-07-12 12:44 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Lavasoft
2008-07-12 12:42 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-12 12:00 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\AlauxSoft
2008-07-08 22:42 --------- d-----w C:\Program Files\The Pini Society
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-04 12:29 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Meridian93
2008-07-04 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Arkadium
2008-07-02 13:08 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Meridian93
2008-07-02 10:37 --------- d-----w C:\Program Files\Turtix Rescue Adventure
2008-07-01 14:12 --------- d-----w C:\Program Files\Turtix 2 - Rescue Adventures
2008-06-28 14:13 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Ancient Quest of Saqqarah__bfg
2008-06-28 01:21 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Reflexive
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 01:49 --------- d-----w C:\Program Files\The Lost Cases Of Sherlock Holmes
2008-06-20 01:35 --------- d-----w C:\Documents and Settings\marie josée\Application Data\MysteryStudio
2008-06-19 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-06-19 00:49 --------- d-----w C:\Documents and Settings\marie josée\Application Data\BigFish
2008-06-19 00:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFish
2008-03-21 07:05 7,407,104 ----a-w C:\Program Files\Limewire PRO 4.17.5.EXE
2008-03-01 12:30 0 ----a-w C:\Program Files\temp01
2007-10-29 15:29 7,467,056 ----a-w C:\Program Files\spybotsd15.exe
2007-01-09 02:14 4,049,311 ----a-w C:\Program Files\liveupdate.exe
2006-12-05 02:07 497 ----a-w C:\Program Files\Raccourci vers lumieres.lnk
2006-12-05 01:58 9,440 ----a-w C:\Program Files\lumieres.zip
2006-11-29 02:35 817 -c--a-w C:\Program Files\recoil.err
2006-08-28 23:39 983,745 ----a-w C:\Program Files\PowerpointImageExtractor.zip
2006-03-07 03:07 31,944 ----a-w C:\Program Files\Uninst.isu
2006-02-03 16:53 243,512 ----a-w C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
2005-10-29 02:45 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2004-03-11 17:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-01-12 21:19 75,776 ----a-w C:\Program Files\messages.dll
1998-11-06 19:50 57,344 ----a-w C:\Program Files\Uninst.dll
1998-11-04 16:41 201,216 ----a-w C:\Program Files\a3dapi.dll
1997-10-09 20:54 30,720 ----a-w C:\Program Files\regsvr32.exe
2008-03-31 16:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
2007-10-01 18:17 1,199,508 --sha-w C:\WINDOWS\system32\wbem\mof\good\mirc.exe
2008-03-13 12:08 172 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.bat
2007-09-23 19:05 147 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.reg
2008-03-12 14:56 107 --sha-w C:\WINDOWS\system32\wbem\mof\good\winhelp.vbe
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\_detmp.1 -- Not a PE file.
MD5: 814ae959c53770f8e10b763da90da6d8
C:\WINDOWS\_detmp.2 -- Unable to find file version info.
MD5: 4a4718e2b4d65c0e6e93a066d55d449c
---- Directory of C:\d3temp ----
2008-08-11 13:22 176218 --a------ C:\d3temp\bubles-804.wav
Reply to tinomme1969
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:19, on 2008-08-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eye On Network\Eye On Network.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo00025f0e.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C
Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9661 bytes
Hello. I'll give you time to analyze all that. Thanks, I'm waiting to hear from you.
Reply to tinomme1969
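Added example, not part of the thread or of any poster's message: a small Python triage helper that parses two HijackThis logs like the ones posted above and lists what changed between scans, plus any process running from a Temp directory. The two sample logs are short excerpts constructed from the reports on this page; the function names are this example's own, and the Temp-path check is a review heuristic, not a verdict.

```python
import re

# Entry lines start with a HijackThis section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")


def parse_hijackthis(text):
    """Return {'processes': set of lowercased paths, 'entries': set of (code, detail)}."""
    processes, entries = set(), []
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--" or line.startswith("End of file"):
            break  # log trailer
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_procs = False
            entries.append([match.group(1), match.group(2).strip()])
        elif in_procs:
            # Windows paths are case-insensitive (System32 vs system32).
            processes.add(line.lower())
        elif entries:
            # A long entry was wrapped when posted: glue it back onto the previous one.
            entries[-1][1] += line
    return {"processes": processes, "entries": {tuple(e) for e in entries}}


def diff_logs(before, after):
    """List processes and registry/browser entries that appeared or disappeared."""
    b, a = parse_hijackthis(before), parse_hijackthis(after)
    return {
        "new_processes": sorted(a["processes"] - b["processes"]),
        "gone_processes": sorted(b["processes"] - a["processes"]),
        "new_entries": sorted(a["entries"] - b["entries"]),
        "gone_entries": sorted(b["entries"] - a["entries"]),
    }


def temp_processes(text):
    """Processes whose image lives under a Temp directory (worth a closer look)."""
    return sorted(p for p in parse_hijackthis(text)["processes"] if "\\temp\\" in p)


# Constructed excerpts of the two logs posted in this thread (2008-08-14 and 2008-08-19).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:09, on 2008-08-14
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo009a11f4.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Laura%20Jones%20and%20the%20Gates%20of%20Good%20and%20Evil/Images/stg_drm.ocx
--
End of file - 9236 bytes
"""

AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:19, on 2008-08-19
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo00025f0e.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
--
End of file - 9661 bytes
"""

if __name__ == "__main__":
    changes = diff_logs(BEFORE, AFTER)
    for section, items in changes.items():
        print(section)
        for item in items:
            print("   ", item)
    print("running from Temp:", temp_processes(AFTER))
```

Run against the full reports, the same diff shows which startup and browser entries appeared between two scans, which is the comparison a helper makes by eye when a new report is requested.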
Hi again,
The ComboFix report was incomplete, can you post it for me please?
And I forgot a file to delete.
Download ATF Cleaner to your Desktop.
- Double-click ATF-Cleaner.exe to launch the program.
- Click Select All at the bottom of the list.
- Click the Empty Selected button.
If you use the Firefox browser, also do this:
- Click Firefox at the top and choose Select All from the list.
- Click the Empty Selected button.
- NOTE: If you want to keep your saved passwords, click No in the warning message.
If you use the Opera browser, also do this:
- Click Opera at the top and choose Select All from the list.
- Close ALL Internet browsers (very important).
- Click the Empty Selected button.
- NOTE: If you want to keep your saved passwords, click No in the warning message.
Click Exit in the main menu to close the program.
Then restart the PC and post me a new HijackThis report.
And tell me where you are with your problems.
Security / Prevention
Reply to Egwene
Here's ComboFix again.
Windows Security Center has disappeared from the Control Panel, but the XP Security Center isn't there; I imagine it will come back later...
ComboFix 08-08-11.01 - Mario Després 2008-08-19 19:02:04.8 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1544 [GMT -4:00]
Endroit: C:\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mario Després\Bureau\cfscript.txt
* Création d'un nouveau point de restauration
[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
FILE ::
C:\WINDOWS\ssconf2.bin
C:\WINDOWS\system32\_scui.cpl
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\ssconf2.bin
C:\WINDOWS\system32\_scui.cpl
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-19 to 2008-08-19 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 06:15 . 2008-08-19 06:18 <REP> d-------- C:\Program Files\Hawaiian Explorer - Lost Island
2008-08-17 14:56 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\Conduit
2008-08-17 14:55 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\free-downloads.net
2008-08-15 20:23 . 2008-08-15 20:52 <REP> d-------- C:\Program Files\Wild West Quest
2008-08-13 08:53 . 2008-08-13 08:53 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Skinux
2008-08-12 07:15 . 2008-08-12 07:15 2,710,613 --a------ C:\ComboFix.exe
2008-08-11 13:22 . 2008-08-11 13:30 <REP> d-------- C:\d3temp
2008-08-11 11:46 . 2008-08-11 11:46 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Skinux
2008-08-10 06:41 . 2008-08-10 06:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-09 15:49 . 2008-08-09 15:49 230,776 --a------ C:\aswclear.exe
2008-08-07 20:41 . 2008-08-13 19:01 <REP> d-------- C:\WINDOWS\SmitfraudFix
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Program Files\Avira
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-06 22:06 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-06 22:06 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-06 07:38 . 2008-08-06 07:38 <REP> d-------- C:\Program Files\Sun
2008-08-05 07:04 . 2008-08-05 07:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TheRace_dev
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Malwarebytes
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-03 11:44 . 2008-08-03 11:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-03 10:43 . 2008-08-03 10:43 <REP> d-------- C:\Program Files\Trend Micro
2008-08-02 21:19 . 2008-08-02 21:19 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-02 21:14 . 2008-08-02 21:17 15,083,520 --a------ C:\spybotsd160.exe
2008-08-02 15:58 . 2008-08-02 15:58 <REP> d-------- C:\Documents and Settings\marie josée\Application Data\Skinux
2008-08-02 13:13 . 2008-08-02 13:48 <REP> d-------- C:\Program Files\Fichiers communs\Kodak
2008-08-02 13:06 . 2008-08-02 14:01 <REP> d-------- C:\Program Files\Kodak
2008-08-02 08:10 . 2008-08-02 08:12 <REP> d-------- C:\Program Files\Cactus Bruce and the Corporate Monkeys
2008-08-02 08:03 . 2008-08-02 08:03 <REP> d-------- C:\Program Files\Nemo's Aquarium 3D
2008-08-02 08:03 . 2004-01-30 15:31 3,594,576 --a------ C:\WINDOWS\Nemo's Aquarium 3D Anemonen-Feld.scr
2008-08-02 08:03 . 2004-01-30 15:31 3,494,207 --a------ C:\WINDOWS\Nemo's Aquarium 3D Korallenriff.scr
2008-08-01 20:33 . 2008-08-04 12:20 <REP> d-------- C:\Program Files\The Mystery Of The Crystal Portal
2008-07-30 08:53 . 2008-07-30 08:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\The Revills Games
2008-07-22 09:43 . 2008-07-22 09:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Media Art
2008-07-19 06:33 . 2008-07-19 06:33 <REP> d-------- C:\Documents and Settings\marie josée\Application Data\Gold Casual Games
2008-07-19 06:33 . 2008-07-19 06:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Gold Casual Games
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-19 23:03 --------- d-----w C:\Program Files\Eye On Network
2008-08-19 21:50 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\uTorrent
2008-08-19 13:01 --------- d-----w C:\Program Files\X-masTree
2008-08-19 10:18 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-17 22:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-17 19:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-15 15:45 --------- d-----w C:\Program Files\GameHouse
2008-08-15 15:45 --------- d-----w C:\Program Files\GameFiesta
2008-08-13 13:51 --------- d-----w C:\Program Files\iWin.com
2008-08-11 15:40 3,870 ----a-w C:\WINDOWS\system32\tmp.reg
2008-08-09 23:27 --------- d-----w C:\Program Files\Zylom Games
2008-08-09 13:25 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Zylom
2008-08-07 15:38 --------- d-----w C:\Program Files\iWin Games
2008-08-06 14:19 --------- d-----w C:\Program Files\Java
2008-08-06 11:45 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-05 19:40 --------- d-----w C:\Program Files\Blood Ties
2008-08-04 17:23 --------- d-----w C:\Program Files\Unicorn Castle
2008-08-02 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kodak
2008-07-23 17:41 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-22 10:51 --------- d-----w C:\Program Files\SuperMarioPac
2008-07-20 00:33 --------- d-----w C:\Documents and Settings\marie josée\Application Data\ForgottenRiddles2
2008-07-15 18:43 --------- d-----w C:\Program Files\RealArcade
2008-07-15 18:42 --------- d-----w C:\Program Files\Oberon Media
2008-07-14 20:05 --------- d-----w C:\Documents and Settings\marie josée\Application Data\EnchantedCavern
2008-07-13 16:49 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\LimeWire
2008-07-12 12:46 --------- d-----w C:\Program Files\Lavasoft
2008-07-12 12:44 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Lavasoft
2008-07-12 12:42 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-12 12:00 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\AlauxSoft
2008-07-08 22:42 --------- d-----w C:\Program Files\The Pini Society
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-04 12:29 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Meridian93
2008-07-04 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Arkadium
2008-07-02 13:08 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Meridian93
2008-07-02 10:37 --------- d-----w C:\Program Files\Turtix Rescue Adventure
2008-07-01 14:12 --------- d-----w C:\Program Files\Turtix 2 - Rescue Adventures
2008-06-28 14:13 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Ancient Quest of Saqqarah__bfg
2008-06-28 01:21 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Reflexive
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 01:49 --------- d-----w C:\Program Files\The Lost Cases Of Sherlock Holmes
2008-06-20 01:35 --------- d-----w C:\Documents and Settings\marie josée\Application Data\MysteryStudio
2008-06-19 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\SpinTop Games
2008-06-19 00:49 --------- d-----w C:\Documents and Settings\marie josée\Application Data\BigFish
2008-06-19 00:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFish
2008-03-21 07:05 7,407,104 ----a-w C:\Program Files\Limewire PRO 4.17.5.EXE
2008-03-01 12:30 0 ----a-w C:\Program Files\temp01
2007-10-29 15:29 7,467,056 ----a-w C:\Program Files\spybotsd15.exe
2007-01-09 02:14 4,049,311 ----a-w C:\Program Files\liveupdate.exe
2006-12-05 02:07 497 ----a-w C:\Program Files\Raccourci vers lumieres.lnk
2006-12-05 01:58 9,440 ----a-w C:\Program Files\lumieres.zip
2006-11-29 02:35 817 -c--a-w C:\Program Files\recoil.err
2006-08-28 23:39 983,745 ----a-w C:\Program Files\PowerpointImageExtractor.zip
2006-03-07 03:07 31,944 ----a-w C:\Program Files\Uninst.isu
2006-02-03 16:53 243,512 ----a-w C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
2005-10-29 02:45 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2004-03-11 17:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-01-12 21:19 75,776 ----a-w C:\Program Files\messages.dll
1998-11-06 19:50 57,344 ----a-w C:\Program Files\Uninst.dll
1998-11-04 16:41 201,216 ----a-w C:\Program Files\a3dapi.dll
1997-10-09 20:54 30,720 ----a-w C:\Program Files\regsvr32.exe
2008-03-31 16:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
2007-10-01 18:17 1,199,508 --sha-w C:\WINDOWS\system32\wbem\mof\good\mirc.exe
2008-03-13 12:08 172 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.bat
2007-09-23 19:05 147 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.reg
2008-03-12 14:56 107 --sha-w C:\WINDOWS\system32\wbem\mof\good\winhelp.vbe
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\_detmp.1 -- Not a PE file.
MD5: 814ae959c53770f8e10b763da90da6d8
C:\WINDOWS\_detmp.2 -- Unable to find file version info.
MD5: 4a4718e2b4d65c0e6e93a066d55d449c
---- Directory of C:\d3temp ----
2008-08-11 13:22 176218 --a------ C:\d3temp\bubles-804.wav
((((((((((((((((((((((((((((( snapshot@2008-08-12_ 7.33.19.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-24 02:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2007-05-31 17:35:22 6,420,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\C040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
- 2008-07-26 10:12:22 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-14 10:52:30 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-07-26 10:12:23 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-14 10:52:30 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-26 10:12:23 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-14 10:52:30 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-07-26 10:12:22 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-14 10:52:30 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-07-26 10:12:23 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-14 10:52:30 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-07-26 10:12:23 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-14 10:52:30 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-26 10:12:23 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-14 10:52:30 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-26 10:12:23 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-14 10:52:30 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-26 10:12:22 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-14 10:52:30 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-26 10:12:22 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-14 10:52:30 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-07-26 10:12:23 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-14 10:52:31 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-26 10:12:22 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-14 10:52:30 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-07-26 10:12:22 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-14 10:52:30 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-04-23 04:16:39 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:28:17 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:57 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:31:48 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:28:17 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-04-22 07:41:08 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:39 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:39 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:28:19 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-04-22 07:41:30 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:21:49 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:17:23 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-05 12:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:31:48 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
- 2005-06-29 01:49:41 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:56 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-04-24 02:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 14:28:24 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:28:22 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:28:22 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-04-23 04:16:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:28:22 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-04-23 04:16:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:28:22 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-04-23 04:16:40 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:28:23 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:28:23 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:28:17 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-08-03 15:43:08 150,792 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-18 19:40:39 147,608 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:21:30 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:28:18 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:28:18 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:28:18 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:28:19 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:28:20 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-06-25 16:15:46 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-04-24 02:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 14:28:24 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:28:22 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:28:22 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:28:22 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 14:54 1555480 --a------ C:\Program Files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 08:00 15360]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-03-14 07:55 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"Eye On Network"="C:\Program Files\Eye On Network\Eye On Network.exe" [2003-09-13 13:47 1553920]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2007-08-21 11:15 1192336]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [2007-08-21 11:17 1966128]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [2007-08-20 19:20 148760]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-11-11 15:07 90112 C:\WINDOWS\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 08:00 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
CoreCenter.lnk - C:\Program Files\MSI\Core Center\CoreCenter.exe [2007-07-02 17:56:45 840704]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
Logiciel Kodak EasyShare.lnk - F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-05-10 07:15:28 282624]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"msacm.g723"= g723.acm
"vidc.I263"= I263_32.drv
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlackICE PC Protection.lnk]
backup=C:\WINDOWS\pss\BlackICE PC Protection.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Mario Després^Menu Démarrer^Programmes^Démarrage^Enregistrement d'un produit Joint Operations Typhoon Rising.lnk]
backup=C:\WINDOWS\pss\Enregistrement d'un produit Joint Operations Typhoon Rising.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDSwitchAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGateway
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe"=
"C:\\Program Files\\ASUS\\ASUS GameFace Live\\GameFace.exe"=
"C:\\Program Files\\Powerboat GT\\Run.exe"=
"F:\\carbon\\NFSC.exe"=
"F:\\xpandrally.exe"=
"F:\\Program Files\\Supreme Commander\\bin\\SupremeCommander.exe"=
"F:\\Program Files\\GPGNet\\GPG.Multiplayer.Client.exe"=
"E:\\mc2.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"F:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50171:TCP"= 50171:TCP:utorrent
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 08:46]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 11:11]
R0 vIdeBus;vIdeBus;C:\WINDOWS\system32\DRIVERS\vIdeBus.sys [2007-06-25 15:12]
R0 vIdePort;VIA IDE Controller PORT Driver;C:\WINDOWS\system32\DRIVERS\vIdePort.sys [2007-06-25 15:12]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-06-25 14:45]
R3 PCAlertDriver;PCAlertDriver;C:\Program Files\MSI\Core Center\NTGLM7X.sys [2004-11-16 09:27]
R3 RushTopDevice;RushTopDevice;C:\Program Files\MSI\Core Center\RushTop.sys [2004-11-16 11:54]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 19:56]
S0 black;black;C:\WINDOWS\system32\drivers\BlackDrv.sys []
S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys []
S3 atidgllk;atidgllk;C:\Program Files\ASUS\SmartDoctor\atidgllk.sys [2004-06-16 14:34]
S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
S3 Fadpu16E;Fadpu16E;C:\WINDOWS\TEMP\Fadpu16E.sys []
S3 RapFile;RapFile;C:\WINDOWS\system32\drivers\RapFile.sys [2003-02-25 19:26]
S3 RapNet;RapNet;C:\WINDOWS\system32\drivers\RapNet.sys [2003-02-25 19:26]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;C:\WINDOWS\system32\drivers\usbscan.sys [2004-08-03 23:58]
S3 SIWIO;SIWIO;C:\WINDOWS\TEMP\SiwIo.sys []
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fc3fa98-f418-11dc-80ff-00110903e472}]
\Shell\AutoRun\command - G:\autorun.exe
*Newly Created Service* - PCALERTDRIVER
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2008-08-02 C:\WINDOWS\Tasks\EasyShare Registration Task.job
- C:\WINDOWS\system32\rundll32.exe [2004-08-05 08:00]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 19:05:51
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo000251ee.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-19 19:12:28 - machine was rebooted [Mario Després]
ComboFix-quarantined-files.txt 2008-08-19 23:12:24
Pre-Run: 1,815,183,360 octets libres
Post-Run: 1,802,141,696 octets libres
507 --- E O F --- 2008-08-14 10:53:04
Reply to tinomme1969
And here is the latest HijackThis. Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:42, on 2008-08-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo0000e762.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9496 bytes
Reply to tinomme1969
Disable all resident protection (antivirus…)! <------- Don't forget!
Copy the text in the box below (Ctrl + C):
| Quote: Driver::
|
=> Open Notepad: Start > All Programs > Accessories > Notepad
- Paste the text into it (Ctrl + V)
- Save this file to: Desktop
- File name: CFScript
- File type: All files!!
- Click Save
- Close Notepad
Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:
* This will restart ComboFix: at the prompt that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
* Wait while the scan runs. The desktop will disappear several times: this is normal!
* Don't touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: copy and paste its contents to the forum.
If the file does not open, it can be found here: C:\ComboFix.txt
* Post a new HijackThis report.
Security / Prevention
Reply to Egwene
ComboFix 08-08-19.02 - Mario Després 2008-08-20 13:33:52.11 - NTFSx86
Endroit: C:\Documents and Settings\Mario Després\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mario Després\Bureau\cfscript.txt
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE ::
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo000251ee.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\d3temp
C:\d3temp\bubles-804.wav
.
---- Previous Run -------
.
C:\WINDOWS\jestertb.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AVFLT
-------\Legacy_BLACK
-------\Legacy_BOONTY_GAMES
-------\Legacy_FADPU16E
-------\Legacy_NVTVSND
-------\Legacy_SIWIO
-------\Service_AvFlt
-------\Service_black
-------\Service_Boonty Games
-------\Service_Fadpu16E
-------\Service_nvtvSND
-------\Service_SIWIO
((((((((((((((((((((((((((((( Fichiers créés 2008-07-20 to 2008-08-20 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 06:15 . 2008-08-19 06:18 <REP> d-------- C:\Program Files\Hawaiian Explorer - Lost Island
2008-08-17 14:56 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\Conduit
2008-08-17 14:55 . 2008-08-17 14:56 <REP> d-------- C:\Program Files\free-downloads.net
2008-08-15 20:23 . 2008-08-15 20:52 <REP> d-------- C:\Program Files\Wild West Quest
2008-08-13 08:53 . 2008-08-13 08:53 <REP> d-------- C:\Documents and Settings\antoine\Application Data\Skinux
2008-08-11 11:46 . 2008-08-11 11:46 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Skinux
2008-08-10 06:41 . 2008-08-10 06:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-09 15:49 . 2008-08-09 15:49 230,776 --a------ C:\aswclear.exe
2008-08-07 20:41 . 2008-08-13 19:01 <REP> d-------- C:\WINDOWS\SmitfraudFix
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Program Files\Avira
2008-08-07 11:04 . 2008-08-07 11:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-06 22:06 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-06 22:06 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-06 07:38 . 2008-08-06 07:38 <REP> d-------- C:\Program Files\Sun
2008-08-05 07:04 . 2008-08-05 07:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TheRace_dev
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\Mario Després\Application Data\Malwarebytes
2008-08-03 12:55 . 2008-08-03 12:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-03 11:44 . 2008-08-03 11:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-03 10:43 . 2008-08-03 10:43 <REP> d-------- C:\Program Files\Trend Micro
2008-08-02 21:19 . 2008-08-02 21:19 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-02 21:14 . 2008-08-02 21:17 15,083,520 --a------ C:\spybotsd160.exe
2008-08-02 15:58 . 2008-08-02 15:58 <REP> d-------- C:\Documents and Settings\marie josée\Application Data\Skinux
2008-08-02 13:13 . 2008-08-02 13:48 <REP> d-------- C:\Program Files\Fichiers communs\Kodak
2008-08-02 13:06 . 2008-08-02 14:01 <REP> d-------- C:\Program Files\Kodak
2008-08-02 08:10 . 2008-08-02 08:12 <REP> d-------- C:\Program Files\Cactus Bruce and the Corporate Monkeys
2008-08-02 08:03 . 2008-08-02 08:03 <REP> d-------- C:\Program Files\Nemo's Aquarium 3D
2008-08-02 08:03 . 2004-01-30 15:31 3,594,576 --a------ C:\WINDOWS\Nemo's Aquarium 3D Anemonen-Feld.scr
2008-08-02 08:03 . 2004-01-30 15:31 3,494,207 --a------ C:\WINDOWS\Nemo's Aquarium 3D Korallenriff.scr
2008-08-01 20:33 . 2008-08-04 12:20 <REP> d-------- C:\Program Files\The Mystery Of The Crystal Portal
2008-07-30 08:53 . 2008-07-30 08:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\The Revills Games
2008-07-22 09:43 . 2008-07-22 09:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Media Art
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 17:37 --------- d-----w C:\Program Files\Eye On Network
2008-08-20 17:16 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\uTorrent
2008-08-19 13:01 --------- d-----w C:\Program Files\X-masTree
2008-08-19 10:18 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-17 22:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-17 19:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-15 15:45 --------- d-----w C:\Program Files\GameHouse
2008-08-15 15:45 --------- d-----w C:\Program Files\GameFiesta
2008-08-13 13:51 --------- d-----w C:\Program Files\iWin.com
2008-08-11 15:40 3,870 ----a-w C:\WINDOWS\system32\tmp.reg
2008-08-09 23:27 --------- d-----w C:\Program Files\Zylom Games
2008-08-09 13:25 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Zylom
2008-08-07 15:38 --------- d-----w C:\Program Files\iWin Games
2008-08-06 14:19 --------- d-----w C:\Program Files\Java
2008-08-06 11:45 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-05 19:40 --------- d-----w C:\Program Files\Blood Ties
2008-08-04 17:23 --------- d-----w C:\Program Files\Unicorn Castle
2008-08-02 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kodak
2008-07-23 17:41 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-22 10:51 --------- d-----w C:\Program Files\SuperMarioPac
2008-07-20 00:33 --------- d-----w C:\Documents and Settings\marie josée\Application Data\ForgottenRiddles2
2008-07-19 10:33 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Gold Casual Games
2008-07-19 10:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Gold Casual Games
2008-07-15 18:43 --------- d-----w C:\Program Files\RealArcade
2008-07-15 18:42 --------- d-----w C:\Program Files\Oberon Media
2008-07-14 20:05 --------- d-----w C:\Documents and Settings\marie josée\Application Data\EnchantedCavern
2008-07-13 16:49 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\LimeWire
2008-07-12 12:46 --------- d-----w C:\Program Files\Lavasoft
2008-07-12 12:44 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Lavasoft
2008-07-12 12:42 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-12 12:00 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\AlauxSoft
2008-07-08 22:42 --------- d-----w C:\Program Files\The Pini Society
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-04 12:29 --------- d-----w C:\Documents and Settings\Mario Després\Application Data\Meridian93
2008-07-04 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Arkadium
2008-07-02 13:08 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Meridian93
2008-07-02 10:37 --------- d-----w C:\Program Files\Turtix Rescue Adventure
2008-07-01 14:12 --------- d-----w C:\Program Files\Turtix 2 - Rescue Adventures
2008-06-28 14:13 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Ancient Quest of Saqqarah__bfg
2008-06-28 01:21 --------- d-----w C:\Documents and Settings\marie josée\Application Data\Reflexive
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 01:49 --------- d-----w C:\Program Files\The Lost Cases Of Sherlock Holmes
2008-06-20 01:35 --------- d-----w C:\Documents and Settings\marie josée\Application Data\MysteryStudio
2008-03-21 07:05 7,407,104 ----a-w C:\Program Files\Limewire PRO 4.17.5.EXE
2008-03-01 12:30 0 ----a-w C:\Program Files\temp01
2007-10-29 15:29 7,467,056 ----a-w C:\Program Files\spybotsd15.exe
2007-01-09 02:14 4,049,311 ----a-w C:\Program Files\liveupdate.exe
2006-12-05 02:07 497 ----a-w C:\Program Files\Raccourci vers lumieres.lnk
2006-12-05 01:58 9,440 ----a-w C:\Program Files\lumieres.zip
2006-11-29 02:35 817 -c--a-w C:\Program Files\recoil.err
2006-08-28 23:39 983,745 ----a-w C:\Program Files\PowerpointImageExtractor.zip
2006-03-07 03:07 31,944 ----a-w C:\Program Files\Uninst.isu
2006-02-03 16:53 243,512 ----a-w C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
2005-10-29 02:45 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2004-03-11 17:27 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-10-06 21:40 1,765,376 ------w C:\Documents and Settings\Mario Després\SETUPENU.DLL
1999-01-12 21:19 75,776 ----a-w C:\Program Files\messages.dll
1998-11-06 19:50 57,344 ----a-w C:\Program Files\Uninst.dll
1998-11-04 16:41 201,216 ----a-w C:\Program Files\a3dapi.dll
1997-10-09 20:54 30,720 ----a-w C:\Program Files\regsvr32.exe
2008-03-31 16:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
2007-10-01 18:17 1,199,508 --sha-w C:\WINDOWS\system32\wbem\mof\good\mirc.exe
2008-03-13 12:08 172 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.bat
2007-09-23 19:05 147 --sha-w C:\WINDOWS\system32\wbem\mof\good\start.reg
2008-03-12 14:56 107 --sha-w C:\WINDOWS\system32\wbem\mof\good\winhelp.vbe
.
((((((((((((((((((((((((((((( snapshot_2008-08-19_19.12.05.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-18 19:40:39 147,608 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-20 17:24:38 147,608 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 14:54 1555480 --a------ C:\Program Files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "C:\Program Files\free-downloads.net\tbfree.dll" [2008-02-14 14:54 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 08:00 15360]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-03-14 07:55 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43 8466432]
"Eye On Network"="C:\Program Files\Eye On Network\Eye On Network.exe" [2003-09-13 13:47 1553920]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2007-08-21 11:15 1192336]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [2007-08-21 11:17 1966128]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [2007-08-20 19:20 148760]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 17:35 32768]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43 81920]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-11-11 15:07 90112 C:\WINDOWS\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 08:00 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
CoreCenter.lnk - C:\Program Files\MSI\Core Center\CoreCenter.exe [2007-07-02 17:56:45 840704]
Kodak software updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]
Logiciel Kodak EasyShare.lnk - F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-05-10 07:15:28 282624]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"msacm.g723"= g723.acm
"vidc.I263"= I263_32.drv
"vidc.MJPG"= m3jpeg32.dll
"vidc.dmb1"= m3jpeg32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlackICE PC Protection.lnk]
backup=C:\WINDOWS\pss\BlackICE PC Protection.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Mario Després^Menu Démarrer^Programmes^Démarrage^Enregistrement d'un produit Joint Operations Typhoon Rising.lnk]
backup=C:\WINDOWS\pss\Enregistrement d'un produit Joint Operations Typhoon Rising.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDSwitchAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGateway
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Sierra\\FEAR\\FEAR.exe"=
"C:\\Program Files\\Sierra\\FEAR\\fpupdate.exe"=
"C:\\Program Files\\ASUS\\ASUS GameFace Live\\GameFace.exe"=
"C:\\Program Files\\Powerboat GT\\Run.exe"=
"F:\\carbon\\NFSC.exe"=
"F:\\xpandrally.exe"=
"F:\\Program Files\\Supreme Commander\\bin\\SupremeCommander.exe"=
"F:\\Program Files\\GPGNet\\GPG.Multiplayer.Client.exe"=
"E:\\mc2.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"F:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50171:TCP"= 50171:TCP:utorrent
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 08:46]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 11:11]
R0 vIdeBus;vIdeBus;C:\WINDOWS\system32\DRIVERS\vIdeBus.sys [2007-06-25 15:12]
R0 vIdePort;VIA IDE Controller PORT Driver;C:\WINDOWS\system32\DRIVERS\vIdePort.sys [2007-06-25 15:12]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-06-25 14:45]
R3 PCAlertDriver;PCAlertDriver;C:\Program Files\MSI\Core Center\NTGLM7X.sys [2004-11-16 09:27]
R3 RushTopDevice;RushTopDevice;C:\Program Files\MSI\Core Center\RushTop.sys [2004-11-16 11:54]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [2004-07-06 19:56]
S3 atidgllk;atidgllk;C:\Program Files\ASUS\SmartDoctor\atidgllk.sys [2004-06-16 14:34]
S3 RapFile;RapFile;C:\WINDOWS\system32\drivers\RapFile.sys [2003-02-25 19:26]
S3 RapNet;RapNet;C:\WINDOWS\system32\drivers\RapNet.sys [2003-02-25 19:26]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;C:\WINDOWS\system32\drivers\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fc3fa98-f418-11dc-80ff-00110903e472}]
\Shell\AutoRun\command - G:\autorun.exe
*Newly Created Service* - PCALERTDRIVER
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2008-08-02 C:\WINDOWS\Tasks\EasyShare Registration Task.job
- C:\WINDOWS\system32\rundll32.exe [2004-08-05 08:00]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-20 13:40:43
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo00030706.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-20 13:48:41 - machine was rebooted [Mario Després]
ComboFix-quarantined-files.txt 2008-08-20 17:48:37
ComboFix2.txt 2008-08-19 23:12:29
Pre-Run: 1,737,019,392 octets libres
Post-Run: 1,718,894,592 octets libres
289 --- E O F --- 2008-08-14 10:53:04
Reply to tinomme1969
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:50:54, on 2008-08-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo00030706.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9677 bytes
Hi, here is everything you asked me for! See you later.
Reply to tinomme1969
Re,
Open Task Manager (Ctrl + Alt + Del), go to the Processes tab and stop every occurrence of the following process:
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo00030706.exe
Then:
[~] Go to My Computer / Tools / Folder Options / View / Show hidden files and folders / Apply --> OK
[~] Go to My Computer / Tools / Folder Options / View / uncheck "Hide protected operating system files" / Apply --> OK
You will re-check it afterwards.
[~] My Computer / Tools / Folder Options / View / uncheck "Hide extensions for known file types" / Apply --> OK
Then manually delete the following file, shown in bold (right-click, Delete):
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo00030706.exe
Restart the PC and post a new HijackThis report.
Security / Prevention
Reply to Egwene
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:14, on 2008-08-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo00011f5a.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9668 bytes
Reply to tinomme1969
Then manually delete the following file, shown in bold (right-click, Delete):
C:\DOCUME~1\MARIOD~1\LOCALS~1\temp\bwgo00030706.exe
Deleted from Task Manager and then from a folder search. Is it OK like that?
Reply to tinomme1969
Hello,
Yes, you kill the process from Task Manager and then delete the file using Windows Explorer, that is, by browsing to the file in question.
Is there a problem, or is it fine?
Security / Prevention
Reply to Egwene
It's fine. I think I deleted everything.
What do we do now?
Reply to tinomme1969
Re,
Post me a new HijackThis report.
Security / Prevention
Reply to Egwene
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:17, on 2008-08-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo038b809e.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-436374069-1960408961-839522115-1007\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'marie josée')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: (PopUpCop) Allow images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/allowimages
O8 - Extra context menu item: (PopUpCop) Block images... - res://C:\PROGRA~1\PopUpCop\PopUpCop.dll/blockimages
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C
Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9910 bytes
Reply to tinomme1969
Hi again,
Hmm... we're going to proceed differently, there's still something fishy left.
Download OTScanIt.exe to your Desktop and double-click it to extract the files. This will create a folder named OTScanIt on your Desktop.
N.B.: If you get an alert from your antivirus during the download and/or installation, ignore it. Some components of OTScanIt may be detected as a virus by some antivirus programs. Also remember to disable your resident protections during the procedure.
Note: You must be logged in with an account that has Administrator rights to run this program.
- Close ALL OTHER PROGRAMS.
- Open the OTScanIt folder and double-click OTScanIt.exe to launch the program (if you are on Windows Vista, right-click the program and choose Run as administrator).
- In the Drivers section, click Non-Microsoft.
- Under Additional Scans, tick the box in front of the following items to select them:
Reg - BotCheck
File - Additional Folder Scans
- Do not change any other setting.
- Then click the Run Scan button in the toolbar.
- Let the program run without intervening.
- When the scan is finished, Notepad will open to display the report file.
- Click the Format menu and check that Word Wrap is not ticked. If it is, click it to untick it.
- Upload the report to Mediafire for me.
Uploading a file to Mediafire:
- Go to this link: http://www.mediafire.com/
- At the top, click "Upload files To Media fire". Then choose "I want to upload without an account"
- A Windows Explorer window will open. Browse to the report I'm asking you to upload, select it, then click "Open".
- Then click "Upload".
- On the right of the screen, choose: "upload to a new folder". Leave the default name ( = the date )
- Confirm and let the upload run.
- Click "View uploaded file" and, in your next message, copy me the URL ( = the link ) of the new tab or new window that opens. That way, I will be able to download the requested report.
Security / Prevention
Reply to Egwene
Wow!!! A new procedure for me... I like it`,-}
See you later, sweetie (so to speak) lol
Reply to tinomme1969
And there you go, job done. Quick scan...
http://www.mediafire.com//?shareke [...] facb4f1619
Reply to tinomme1969
Hi again,
1) We now need to modify the registry. Modifying the registry can turn out to be very dangerous, which is why we are going to create a backup of the registry before making our changes. That way, if there is a problem, all we will have to do is restore it.
Please proceed EXACTLY as described below:
Download ERUNT
( ERUNT = Emergency Recovery Utility NT, a free program that lets you keep a complete backup of your registry and restore it when necessary )
- Install ERUNT by following these instructions
( follow the default installation prompts, but say no when asked to add ERUNT to the startup folder, especially since you can add this option later if you wish )
- Launch ERUNT ( either by double-clicking the icon on your desktop or by choosing to launch the program at the end of installation )
- Choose a location for the backup ( the default location is: C:\WINDOWS\ERDNT, which is acceptable ).
- Make sure the following first two boxes are ticked!!!
- Click OK
- Click YES to create the backup folder.
2) Disable all your resident protections ( antivirus, etc. )!
Open the OTScanIt folder and double-click OTScanIt.exe to launch the program (if you are on Windows Vista, right-click the program and choose Run as administrator).
Copy and paste the information from the Code box below into the input box labelled "Paste fix here", then click the Run Fix button.
[Kill Explorer]
Execution should be very quick. When the fix is complete, either you will see a message telling you it is finished, or you will be prompted to restart the PC to complete it. If it is finished, click the Ok button and Notepad will open to display a report of all the actions performed. Send this information in your reply.
If a restart is needed, click the "Yes" button to restart the machine. After this restart, OTScanIt will finish moving the files that could not be moved earlier, then Notepad will open and display the final results. Send this information in your reply.
Security / Prevention
Reply to Egwene
And there you go. It's done.
Explorer killed successfully
[Processes - Non-Microsoft Only]
Unable to kill process bwgo038b809e.exe .
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo038b809e.exe moved successfully.
[Driver Services - Non-Microsoft Only]
Service bdpredir stopped successfully.
Service bdpredir deleted successfully.
File C:\Program Files\Softwin\BitDefender10\bdpredir.sys not found.
Service GMSIPCI stopped successfully.
Service GMSIPCI deleted successfully.
File D:\INSTALL\GMSIPCI.SYS not found.
Service mohfilt stopped successfully.
Service mohfilt deleted successfully.
File C:\WINDOWS\System32\drivers\mohfilt.sys not found.
Service Profos stopped successfully.
Service Profos deleted successfully.
File C:\PROGRA~1\Softwin\BITDEF~2\profos.sys not found.
Service Trufos stopped successfully.
Service Trufos deleted successfully.
File C:\PROGRA~1\Softwin\BITDEF~2\trufos.sys not found.
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\(PopUpCop) Allow images...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\(PopUpCop) Block images...\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Anti-Banner\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Open Image in New Window\ deleted successfully.
[Files/Folders - Modified Within 30 days]
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo00011f5a.exe moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo0241e160.exe moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo027925c1.exe moved successfully.
File C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo038b809e.exe not found!
File C:\Documents and Settings\Mario Després\Local Settings\temp\_inst1.exe not found!
File C:\Documents and Settings\Mario Després\Local Settings\temp\_inst2.exe not found!
File C:\Documents and Settings\Mario Després\Local Settings\temp\_inst3.exe not found!
C:\WINDOWS\temp\bwgo003d0c0d.exe moved successfully.
C:\WINDOWS\temp\bwgo02ad7839.exe moved successfully.
C:\WINDOWS\temp\SIntf16.dll moved successfully.
C:\WINDOWS\temp\SIntf32.dll moved successfully.
C:\WINDOWS\temp\SIntfNT.dll moved successfully.
[Extra Files]
< Purity >
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo007dd1d6.exe scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
OTScanIt by OldTimer - Version 1.0.16.2 fix logfile created on 08222008_165249
Files moved on Reboot...
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo007dd1d6.exe moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\Application Data\Mozilla\Firefox\Profiles\7g53ffgl.default\XUL.mfl moved successfully.
That looks good ....?!?!?
Reply to tinomme1969
Hi again,
Hmm... Yes, it's looking good
Can you run another scan with OTScanIt and upload this new report to Mediafire for me?
Otherwise, where do you stand with your problems?
Security / Prevention
Reply to Egwene
The scan, do I do it the same way as in the post further up?
Message edited by tinomme1969 on 23-08-2008 at 22:01:07
Reply to tinomme1969
Hi again,
Yes.
Security / Prevention
Reply to Egwene
OK!!! One otscan report, ONE!
Reply to tinomme1969
Well, I no longer have Windows Security Center in the Control Panel, but I don't have the XP security center either.
Some of my desktop shortcuts no longer work (big fish game, etc.)
And if I click the Windows Live Mail shortcut to reach the MSN home page, well, "connecting" is displayed but then nothing. I have to click Home for it to finally open in a second tab, but that doesn't happen if I have already opened a Firefox session.
Reply to tinomme1969
Hi again,
The report isn't clean, but we'll look at that later. We're going to start again from the beginning.
First I'd like you to do the procedure below if you have your Windows CD:
We're going to run a system repair. To do so, proceed as follows:
- Insert your Windows CD into your drive ( the CD must match your version of Windows ).
- Close all running programs, windows and applications.
- Disconnect from the Internet.
- Start menu > Run.
- In the window that appears, type: sfc /scannow then confirm with Enter.
- The PC will work away; let it run, this can take quite a while.
- Come back and tell me when it's done.
Security / Prevention
Reply to Egwene
It's done. Twice, even, because before the first scan finished there was a system reboot with a message about recovering from a major or serious error... anyway, it concerned 2 temp folders bfw.........
The second one went fine, though.
Reply to tinomme1969
Quote: anyway, it concerned 2 temp folders bfw.........
If you have the error message, I'll take it, since it concerns files I'm trying to delete
Also post a new HijackThis report.
Security / Prevention
Reply to Egwene
I found what seems to be an error report in c:windows/minidump but I don't know how to open it. A .dmp file.
I uploaded it to Mediafire: http://www.mediafire.com/?sharekey=2924aa48b154f489ab1eab3e9fa335ca257225ff66a16a2b
Reply to tinomme1969
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32:40, on 2008-08-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eye On Network\Eye On Network.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\MSI\Core Center\CoreCenter.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo0065ca0b.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Eye On Network] C:\Program Files\Eye On Network\Eye On Network.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-436374069-1960408961-839522115-1007\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'marie josée')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C
Program%20Files/Hawaiian%20Explorer%20-%20Lost%20Island/Images/stg_drm.ocx
O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} -
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 5274281718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C
Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn. [...] Atchmt.ocx
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9410 bytes
Reply to tinomme1969
Good evening,
My apologies for this overly long delay
Are you still with me?
I'm waiting for your reply to be sure.
Security / Prevention
Reply to Egwene
Of course I'm here!!!! I never give up. Whenever you're ready :-)
Did you have time to analyse the last report?
The bfg file... big fish game.
Reply to tinomme1969
Yeah, I'm answering you now, give me time to prepare a procedure for you
Security / Prevention
Reply to Egwene
Hi again,
Right, for your problem with the missing security center, I don't have many ideas, but I'll look into it. Your report is rather good, apart from a series of really odd files that don't seem to want to go away
We'll proceed like this:
!!! Remember to disable your resident protections before doing the steps below !!! ( antivirus, anti-spyware, etc. )
1) Open the OTScanIt folder and double-click OTScanIt.exe to launch the program (if you are on Windows Vista, right-click the program and choose Run as administrator).
Copy and paste the information from the Code box below into the input box labelled "Paste fix here", then click the Run Fix button.
[Kill Explorer]
N.B.: The desktop will disappear, that's normal. Likewise, the computer will restart on its own; that's normal and expected.
If a restart is needed, click the "Yes" button to restart the machine. After this restart, OTScanIt will finish moving the files that could not be moved earlier, then Notepad will open and display the final results. Send this information in your reply.
2) Download OTViewIt and save it to your desktop.
- Close all windows and double-click the OTViewIt icon to open it.
- Click the Run Scan button and let the program work without interrupting it.
- It will produce two reports, one named OTViewIt.txt and another named Extras, which will be saved to your desktop. Please post both reports in your next reply.
- One report per message! Thanks. They're long, so make sure you post them in full
Security / Prevention
Reply to Egwene
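The "odd files that don't want to go away" from the post above appear in the HijackThis logs as a running executable in a Temp folder whose name differs from one scan to the next. The Python triage below is an added example, not part of the thread or of HijackThis/OTScanIt; its two sample logs are constructed by trimming the logs posted in this thread, and all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed samples: the two HijackThis logs posted in this thread, trimmed.
LOG_A = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:09, on 2008-08-14
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo009a11f4.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""
LOG_B = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:32:40, on 2008-08-24
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\MARIOD~1\LOCALS~1\Temp\bwgo0065ca0b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")            # "O4 - ...", "R0 - ..."
SAVED = re.compile(r"^Scan saved at \S+, on (\S+)")
TEMP_DIR = re.compile(r"\\te?mp\\", re.IGNORECASE)    # \Temp\ or \tmp\ path component
HEX_RUN = re.compile(r"[0-9a-f]{6,}", re.IGNORECASE)  # randomized part of a file name
AUTOSTART = {"O4", "O23"}  # the autostart sections present in this thread's logs


def parse_hijackthis(text):
    """Split a HijackThis log into scan date, running processes and coded entries."""
    log = {"saved": None, "processes": [], "entries": []}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SAVED.match(line)
        if m:
            log["saved"] = m.group(1)
            continue
        if line == "Running processes:":
            in_processes = True
            continue
        m = ENTRY.match(line)
        if m:
            in_processes = False  # the process list ends at the first coded entry
            log["entries"].append((m.group(1), m.group(2)))
        elif in_processes:
            log["processes"].append(line)
    return log


def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1]


def name_family(path):
    """Collapse long hex runs so that randomized names fall into one group."""
    return HEX_RUN.sub("*", basename(path).lower())


def temp_processes(log):
    """Running processes whose image lives in a Temp directory."""
    return [p for p in log["processes"] if TEMP_DIR.search(p)]


def has_autostart(log, path):
    """True if an O4 or O23 entry of the same log names this file."""
    name = basename(path).lower()
    return any(code in AUTOSTART and name in rest.lower()
               for code, rest in log["entries"])


def triage(logs):
    """Group Temp-resident processes by name family across several scans."""
    families = defaultdict(list)
    for log in logs:
        for path in temp_processes(log):
            families[name_family(path)].append({
                "saved": log["saved"],
                "name": basename(path).lower(),
                "autostart": has_autostart(log, path),
            })
    findings = []
    for family, hits in sorted(families.items()):
        names = {h["name"] for h in hits}
        findings.append({
            "family": family,
            "scans": [h["saved"] for h in hits],
            "distinct_names": len(names),
            # Running in several scans under different names, never listed in an
            # autostart entry: something else recreates and launches the file.
            "respawning": len(hits) > 1 and len(names) > 1
                          and not any(h["autostart"] for h in hits),
        })
    return findings


if __name__ == "__main__":
    for finding in triage([parse_hijackthis(LOG_A), parse_hijackthis(LOG_B)]):
        print(finding)
```

A flagged family is a triage lead, not a verdict: it says the file is being recreated by something that the parsed log sections do not list.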
For the security center, don't rack your brains. I don't have the icon in the Control Panel, but it exists, i.e. the shield marked with an x shows up when I disable my antivirus, so....
[Processes - Non-Microsoft Only]
Unable to kill process bwgo04eebffa.exe .
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo04eebffa.exe moved successfully.
[Files/Folders - Created Within 30 days]
C:\WINDOWS\NV29922996.TMP folder deleted successfully.
[Files/Folders - Modified Within 30 days]
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo0026abf6.exe moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo0303d8b6.exe moved successfully.
C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo03957199.exe moved successfully.
File C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo04eebffa.exe not found!
C:\WINDOWS\temp\bwgo002e4064.exe moved successfully.
C:\WINDOWS\temp\bwgo03906628.exe moved successfully.
C:\WINDOWS\temp\bwgo03e5a5d3.exe moved successfully.
< End of fix log >
OTScanIt by OldTimer - Version 1.0.16.2 fix logfile created on 08292008_083812
Files moved on Reboot...
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot.
Reply to tinomme1969
OTViewIt logfile created on: 2008-08-29 08:53:26 - Run 1
OTViewIt by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Mario Després\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd
2.00 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.58% Memory free
2.60 Gb Paging File | 2.26 Gb Available in Paging File | 86.87% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 46.89 Gb Total Space | 1.76 Gb Free Space | 3.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 27.64 Gb Total Space | 18.82 Gb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 121.70 Gb Free Space | 81.66% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MARIO-884D96CE1
Current User Name: Mario Després
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
===== Processes - Non-Microsoft Only =====
[07-20-2004 02:15 PM | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) - C:\WINDOWS\ATKKBService.exe
[09-13-2003 01:47 PM | 01,553,920 | ---- | M] () - C:\Program Files\Eye On Network\Eye On Network.exe
[08-21-2007 11:15 AM | 01,192,336 | ---- | M] (Seagate) - C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
[12-08-2003 05:35 PM | 00,032,768 | ---- | M] (Cyberlink Corp.) - C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
[10-08-2004 11:52 AM | 00,221,184 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\LVCOMSX.EXE
[01-18-2005 05:37 PM | 00,217,088 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\LogiTray.exe
[03-14-2008 07:55 AM | 00,486,856 | ---- | M] (DT Soft Ltd) - C:\Program Files\DAEMON Tools Lite\daemon.exe
[01-18-2005 05:08 PM | 00,192,512 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\FxSvr2.exe
[12-07-2004 04:42 PM | 00,840,704 | ---- | M] () - C:\Program Files\MSI\Core Center\CoreCenter.exe
[05-10-2008 07:15 AM | 00,282,624 | ---- | M] (Eastman Kodak Company) - F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[02-13-2004 02:11 PM | 00,016,384 | ---- | M] () - C:\Documents and Settings\Mario Després\Local Settings\temp\bwgo0000e6c6.exe
===== Win32 Services - Non-Microsoft Only =====
(ATKKeyboardService) ATK Keyboard Service [Auto | Running]
[07-20-2004 02:15 PM | 00,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) - C:\WINDOWS\ATKKBService.exe
===== Driver Services - Non-Microsoft Only =====
(asuskbnt) Enhanced Display Driver Helper Service [System | Running]
[07-20-2004 02:19 PM | 00,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) - C:\WINDOWS\system32\drivers\atkkbnt.sys
(CdaC15BA) CdaC15BA [Auto | Running]
[06-05-2007 09:17 PM | 00,012,464 | ---- | M] (Macrovision Europe Ltd) - C:\WINDOWS\system32\drivers\CdaC15BA.SYS
(EIO) EIO [Auto | Running]
[10-18-2004 11:50 PM | 00,008,576 | R--- | M] (ASUSTeK Computer Inc.) - C:\WINDOWS\system32\drivers\EIO.sys
(FETND5BV) VIA Rhine-Family Fast Ethernet Adapter Driver Service [On_Demand | Running]
[08-08-2005 02:53 PM | 00,043,008 | ---- | M] (VIA Technologies, Inc. ) - C:\WINDOWS\system32\drivers\fetnd5bv.sys
(FETNDIS) Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet [On_Demand | Stopped]
[08-17-2001 04:13 PM | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) - C:\WINDOWS\system32\drivers\fetnd5.sys
(FETNDISB) VIA Rhine Family Fast Ethernet Adapter Driver Service [On_Demand | Stopped]
[04-14-2004 10:57 PM | 00,042,496 | R--- | M] (VIA Technologies, Inc. ) - C:\WINDOWS\system32\drivers\fetnd5b.sys
(LVUSBSta) Logitech USB Monitor Filter [On_Demand | Running]
[01-31-2005 06:12 AM | 00,022,016 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LVUSBSta.sys
(PCAlertDriver) PCAlertDriver [On_Demand | Running]
[11-16-2004 09:27 AM | 00,023,744 | R--- | M] (Your Corporation) - C:\Program Files\MSI\Core Center\NTGLM7X.SYS
(pepifilter) Volume Adapter [On_Demand | Running]
[01-31-2005 06:19 AM | 00,007,104 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\lv302af.sys
(PID_08A0) QuickCam IM(PID_08A0) [On_Demand | Running]
[01-31-2005 06:26 AM | 00,912,768 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LV302AV.SYS
(PQNTDrv) PQNTDrv [System | Running]
[09-16-2002 07:07 PM | 00,004,228 | ---- | M] (PowerQuest Corporation) - C:\WINDOWS\System32\drivers\PQNTDRV.sys
(RapFile) RapFile [On_Demand | Stopped]
[02-25-2003 07:26 PM | 00,036,644 | ---- | M] (Internet Security Systems, Inc.) - C:\WINDOWS\system32\drivers\RapFile.sys
(RapNet) RapNet [On_Demand | Stopped]
[02-25-2003 07:26 PM | 00,024,344 | ---- | M] (Internet Security Systems, Inc.) - C:\WINDOWS\system32\drivers\RapNet.sys
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [On_Demand | Stopped]
[08-03-2004 10:31 PM | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) - C:\WINDOWS\system32\drivers\RTL8139.sys
(RushTopDevice) RushTopDevice [On_Demand | Running]
[11-16-2004 11:54 AM | 00,038,336 | R--- | M] (Your Corporation) - C:\Program Files\MSI\Core Center\RushTop.sys
(sfdrv01) StarForce Protection Environment Driver (version 1.x) [Boot | Running]
[08-10-2005 08:44 AM | 00,050,688 | ---- | M] (Protection Technology) - C:\WINDOWS\system32\drivers\sfdrv01.sys
(sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) [Boot | Running]
[07-05-2006 08:46 AM | 00,063,352 | ---- | M] (Protection Technology (StarForce)) - C:\WINDOWS\system32\drivers\sfdrv01a.sys
(sfhlp02) StarForce Protection Helper Driver (version 2.x) [Boot | Running]
[06-14-2006 10:56 AM | 00,013,680 | ---- | M] (Protection Technology (StarForce)) - C:\WINDOWS\system32\drivers\sfhlp02.sys
(sfsync03) StarForce Protection Synchronization Driver (version 3.x) [Boot | Running]
[12-06-2005 11:11 AM | 00,035,328 | ---- | M] (Protection Technology) - C:\WINDOWS\system32\drivers\sfsync03.sys
(sfsync04) StarForce Protection Synchronization Driver (version 4.x) [Boot | Running]
[08-11-2006 09:47 AM | 00,059,776 | ---- | M] (Protection Technology (StarForce)) - C:\WINDOWS\system32\drivers\sfsync04.sys
(sptd) sptd [Boot | Running]
[03-17-2008 07:48 AM | 00,717,296 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys
(viaagp1) VIA AGP Filter [Boot | Running]
[07-02-2003 04:42 AM | 00,027,904 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\VIAAGP1.SYS
(viamraid) viamraid [Boot | Running]
[06-25-2007 02:45 PM | 00,104,064 | ---- | M] (VIA Technologies inc,.ltd) - C:\WINDOWS\system32\drivers\viamraid.sys
(vIdeBus) vIdeBus [Boot | Running]
[06-25-2007 03:12 PM | 00,015,232 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\vIdeBus.sys
(Video3D) ASUS Video3D Service [On_Demand | Running]
[07-06-2004 07:56 PM | 00,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) - C:\WINDOWS\system32\drivers\Video3D.sys
(vIdePort) VIA IDE Controller PORT Driver [Boot | Running]
[06-25-2007 03:12 PM | 00,040,192 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\vIdePort.sys
(videX32) videX32 [Boot | Running]
[06-25-2007 02:45 PM | 00,009,216 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\videX32.sys
(vulfnths) VIA USB Host Controller Lower Filter [On_Demand | Stopped]
[08-04-2003 03:29 PM | 00,006,912 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\vulfnth.sys
(vulfntrs) VIA USB Roothub Lower Filter [On_Demand | Stopped]
[08-04-2003 03:29 PM | 00,011,392 | ---- | M] (VIA Technologies, Inc.) - C:\WINDOWS\system32\drivers\vulfntr.sys
(WmBEnum) Logitech Virtual Bus Enumerator Driver [On_Demand | Running]
[04-14-2004 11:08 AM | 00,010,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmBEnum.sys
(WmFilter) Logitech WingMan HID Filter Driver [On_Demand | Running]
[04-14-2004 11:08 AM | 00,021,280 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmFilter.sys
(WmVirHid) Logitech Virtual Hid Device Driver [On_Demand | Stopped]
[04-14-2004 11:08 AM | 00,005,600 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmVirHid.sys
(WmXlCore) Logitech WingMan Translation Layer Driver [On_Demand | Running]
[04-14-2004 11:08 AM | 00,044,064 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\WmXlCore.sys
========== Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service" = "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe" [08-20-2007 07:20 PM | 00,148,760 | ---- | M] (Acronis)
"AcronisTimounterMonitor" = C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [08-21-2007 11:17 AM | 01,966,128 | ---- | M] (Acronis)
"Adobe Reader Speed Launcher" = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06-12-2008 02:38 AM | 00,034,672 | ---- | M] (Adobe Systems Incorporated)
"avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [06-12-2008 02:28 PM | 00,266,497 | ---- | M] (Avira GmbH)
"DiscWizardMonitor.exe" = C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [08-21-2007 11:15 AM | 01,192,336 | ---- | M] (Seagate)
"Eye On Network" = C:\Program Files\Eye On Network\Eye On Network.exe [09-13-2003 01:47 PM | 01,553,920 | ---- | M] ()
"HP Software Update" = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [05-12-2005 12:12 AM | 00,049,152 | ---- | M] (Hewlett-Packard Co.)
"ISUSPM Startup" = C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [08-09-2004 06:03 AM | 00,221,184 | ---- | M] (InstallShield Software Corporation)
"ISUSScheduler" = "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start [08-09-2004 06:03 AM | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"LogitechVideoRepair" = C:\Program Files\Logitech\Video\ISStart.exe [01-18-2005 05:47 PM | 00,458,752 | ---- | M] (Logitech Inc.)
"LogitechVideoTray" = C:\Program Files\Logitech\Video\LogiTray.exe [01-18-2005 05:37 PM | 00,217,088 | ---- | M] (Logitech Inc.)
"LVCOMSX" = C:\WINDOWS\system32\LVCOMSX.EXE [10-08-2004 11:52 AM | 00,221,184 | ---- | M] (Logitech Inc.)
"NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [06-29-2007 12:43 AM | 08,466,432 | ---- | M] (NVIDIA Corporation)
"NvMediaCenter" = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [06-29-2007 12:43 AM | 00,081,920 | ---- | M] (NVIDIA Corporation)
"nwiz" = nwiz.exe /install [06-29-2007 12:43 AM | 01,626,112 | ---- | M] ()
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [03-28-2008 11:37 PM | 00,413,696 | ---- | M] (Apple Inc.)
"RemoteControl" = "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [12-08-2003 05:35 PM | 00,032,768 | ---- | M] (Cyberlink Corp.)
"SoundMan" = SOUNDMAN.EXE [11-11-2005 03:07 PM | 00,090,112 | ---- | M] (Realtek Semiconductor Corp.)
"SunJavaUpdateSched" = C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [06-10-2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun [03-14-2008 07:55 AM | 00,486,856 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.
========== Startup Folders ==========
[All Users Startup Folder - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
[12-07-2004 04:42 PM | 00,840,704 | ---- | M] () - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
[02-13-2004 02:12 PM | 00,016,423 | ---- | M] () - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
[05-10-2008 07:15 AM | 00,282,624 | ---- | M] (Eastman Kodak Company) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[Mario Després Startup Folder - C:\Documents and Settings\Mario Després\Menu Démarrer\Programmes\Démarrage]
========== BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
HKLM CLSID: (Adobe PDF Link Helper) - [06-11-2008 10:33 PM | 00,075,128 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06-10-2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
HKLM CLSID: (free-downloads.net Toolbar) - [02-14-2008 02:54 PM | 01,555,480 | ---- | M] (Conduit Ltd.) C:\Program Files\free-downloads.net\tbfree.dll
========== Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"
HKLM CLSID: (free-downloads.net Toolbar) - [02-14-2008 02:54 PM | 01,555,480 | ---- | M] (Conduit Ltd.) C:\Program Files\free-downloads.net\tbfree.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"
HKLM CLSID: (free-downloads.net Toolbar) - [02-14-2008 02:54 PM | 01,555,480 | ---- | M] (Conduit Ltd.) C:\Program Files\free-downloads.net\tbfree.dll
========== AppInit_Dlls ==========
========== HKLM Security Providers ==========
========== HKLM Winlogon Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [06-13-2007 09:22 AM | 01,037,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [08-05-2004 08:00 AM | 00,025,088 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"LogonUI.EXE" - [08-05-2004 08:00 AM | 00,515,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [08-05-2004 08:00 AM | 00,305,152 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
========== User's Winlogon Settings ==========
========== Winlogon Notify Settings ==========
========== Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun" = 67108863
"NoDriveTypeAutoRun" = 255
"NoDrives" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"legalnoticecaption" =
"legalnoticetext" =
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
"DisableRegistryTools" = 0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"ForceClassicControlPanel" = 1
"NoDrives" = 0
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DISALLOWCPL]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RESTRICTCPL]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RESTRICTRUN]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
========== Lsa Authentication Packages ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages]
"relog_ap" - [08-20-2007 07:21 PM | 00,014,104 | ---- | M] (Acronis) C:\WINDOWS\system32\relog_ap.dll
========== Lsa Security Packages ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe [01-19-2007 12:55 PM | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe [03-13-2008 03:39 PM | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe [08-13-2008 07:48 PM | 00,267,056 | ---- | M] (BitTorrent, Inc.)
"C:\Program Files\Sierra\FEAR\FEAR.exe" = C:\Program Files\Sierra\FEAR\FEAR.exe [09-01-2005 10:30 AM | 04,632,576 | R--- | M] (Monolith Productions, Inc.)
"C:\Program Files\Sierra\FEAR\fpupdate.exe" = C:\Program Files\Sierra\FEAR\fpupdate.exe [01-07-2005 06:01 PM | 00,224,768 | R--- | M] ()
"C:\Program Files\ASUS\ASUS GameFace Live\GameFace.exe" = C:\Program Files\ASUS\ASUS GameFace Live\GameFace.exe [11-19-2004 11:21 AM | 04,059,136 | ---- | M] (ASUSTek Computer Inc.)
"C:\Program Files\Powerboat GT\Run.exe" = C:\Program Files\Powerboat GT\Run.exe [01-23-2008 04:41 PM | 02,295,296 | ---- | M] (Hammerware)
"F:\carbon\NFSC.exe" = F:\carbon\NFSC.exe [10-17-2006 01:09 AM | 08,950,979 | ---- | M] ()
"F:\xpandrally.exe" = F:\xpandrally.exe [08-01-2005 06:50 AM | 00,092,672 | ---- | M] (Techland)
"F:\Program Files\Supreme Commander\bin\SupremeCommander.exe" = F:\Program Files\Supreme Commander\bin\SupremeCommander.exe [01-12-2007 02:07 PM | 04,048,392 | R--- | M] (Gas Powered Games)
"F:\Program Files\GPGNet\GPG.Multiplayer.Client.exe" = F:\Program Files\GPGNet\GPG.Multiplayer.Client.exe [01-12-2007 11:19 AM | 05,350,920 | ---- | M] (Gas Powered Games)
"E:\mc2.exe" = E:\mc2.exe [06-20-2003 03:29 PM | 03,911,123 | ---- | M] ()
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [02-13-2004 02:12 PM | 00,016,423 | ---- | M] ()
"F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = F:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [05-10-2008 07:15 AM | 00,282,624 | ---- | M] (Eastman Kodak Company)
"C:\Program Files\Paradox Entertainment\Airfix Dogfighter\Dogfighter.exe" = C:\Program Files\Paradox Entertainment\Airfix Dogfighter\Dogfighter.exe [02-27-2001 05:52 PM | 00,290,816 | ---- | M] ()
========== Desktop Components ==========
========== Safeboot Options ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe
========== Disabled MsConfig Items ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BlackICE PC Protection.lnk]
"backup" = C:\WINDOWS\pss\BlackICE PC Protection.lnk File not found
"location" = Common Startup
"item" = BlackICE PC Protection
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
"backup" = C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [05-12-2005 01:49 AM | 00,073,728 | ---- | M] (Hewlett-Packard Co.)
"item" = Démarrage rapide du logiciel HP Image Zone
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
"backup" = C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [05-12-2005 12:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.)
"item" = HP Digital Imaging Monitor
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
"backup" = C:\WINDOWS\pss\KODAK Software Updater.lnk File not found
"location" = Common Startup
"command" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [02-13-2004 02:12 PM | 00,016,423 | ---- | M] ()
"item" = KODAK Software Updater
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
"backup" = C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnk File not found
"location" = Common Startup
"command" = C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE File not found
"item" = Logiciel Kodak EasyShare
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
"backup" = C:\WINDOWS\pss\Logitech Desktop Messenger.lnk File not found
"location" = Common Startup
"item" = Logitech Desktop Messenger
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Mario Després^Menu Démarrer^Programmes^Démarrage^Enregistrement d'un produit Joint Operations Typhoon Rising.lnk]
"backup" = C:\WINDOWS\pss\Enregistrement d'un produit Joint Operations Typhoon Rising.lnk File not found
"location" = Startup
"item" = Enregistrement d'un produit Joint Operations Typhoon Rising
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDSwitchAgent]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = bdswitch
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ccApp]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = ccApp
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = InCD
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LDM]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = LogitechDesktopMessenger
"hkey" = HKCU
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MediaGateway]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MediaGateway
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MessengerPlus3]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = MsgPlus
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = msmsgs
"hkey" = HKCU
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = NeroCheck
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spyware Doctor]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = swdoctor
"hkey" = HKCU
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vptray]
"key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"item" = VPTray
"hkey" = HKLM
"inimapping" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 0
"startup" = 0
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[10-13-2005 01:31 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bb-9657-11db-9a54-00110903e472}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bb-9657-11db-9a54-00110903e472}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bb-9657-11db-9a54-00110903e472}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bc-9657-11db-9a54-00110903e472}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bc-9657-11db-9a54-00110903e472}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e7717bc-9657-11db-9a54-00110903e472}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42dac02c-6d23-11dc-9b77-c29850eeab96}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42dac02c-6d23-11dc-9b77-c29850eeab96}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42dac02c-6d23-11dc-9b77-c29850eeab96}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a7f1317-8157-11dc-9b9c-f2da6b9c0a01}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a7f1317-8157-11dc-9b9c-f2da6b9c0a01}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a7f1317-8157-11dc-9b9c-f2da6b9c0a01}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deea465a-6d2c-11dc-9b79-8d76930b6713}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deea465a-6d2c-11dc-9b79-8d76930b6713}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deea465a-6d2c-11dc-9b79-8d76930b6713}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ebc485bc-ce98-11db-9a91-e4aa59acc71c}\Shell]
"" = None
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ebc485bc-ce98-11db-9a91-e4aa59acc71c}\Shell\Autoplay]
"MUIVerb" = C:\WINDOWS\system32\shell32.dll [10-25-2007 12:56 PM | 08,510,976 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ebc485bc-ce98-11db-9a91-e4aa59acc71c}\Shell\Autoplay\DropTarget]
"CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}
========== DNS Name Servers ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4B62B3B4-89ED-4F88-82C7-86BB8DBDF85D}]
Servers: | Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{7B9546DF-0DD2-4F87-B941-448E2AFAB302}]
Servers: | Description: VIA Rhine II Fast Ethernet Adapter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{ADB3129A-26EF-464A-A80E-D56CE4B33ABA}]
Servers: | Description:
========== Hosts File ==========
HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== Files/Folders - Created Within 60 days ==========
[07-02-2008 05:31 PM | 00,000,232 | -H-- | C] () - C:\sqmdata19.sqm
[07-02-2008 05:31 PM | 00,000,244 | -H-- | C] () - C:\sqmnoopt19.sqm
[07-02-2008 08:57 AM | 00,000,232 | -H-- | C] () - C:\sqmdata15.sqm
[07-02-2008 08:57 AM | 00,000,244 | -H-- | C] () - C:\sqmnoopt15.sqm
[07-02-2008 09:07 AM | 00,000,232 | -H-- | C] () - C:\sqmdata16.sqm
[07-02-2008 09:07 AM | 00,000,244 | -H-- | C] () - C:\sqmnoopt16.sqm
[07-02-2008 11:37 AM | 00,000,232 | -H-- | C] () - C:\sqmdata17.sqm
[07-02-2008 11:37 AM | 00,000,244 | -H-- | C] () - C:\sqmnoopt17.sqm
[07-02-2008 12:10 PM | 00,000,232 | -H-- | C] () - C:\sqmdata18.sqm
[07-02-2008 12:10 PM | 00,000,244 | -H-- | C] () - C:\sqmnoopt18.sqm
[08-02-2008 09:14 PM | 15,083,520 | ---- | C] (Safer Networking Limited ) - C:\spybotsd160.exe
[08-09-2008 03:49 PM | 00,230,776 | ---- | C] (Alwil Software) - C:\aswclear.exe
[08-11-2008 11:45 AM | 21,470,12608 | -HS- | C] () - C:\hiberfil.sys
[08-12-2008 07:15 AM | ---D | C] - C:\QooBox
[08-20-2008 01:31 PM | ---D | C] - C:\ComboFix
[08-20-2008 08:11 PM | -HSD | C] - C:\RECYCLER
[08-22-2008 04:41 PM | ---D | C] - C:\d3temp
[08-24-2008 01:01 PM | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[08-24-2008 01:01 PM | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvs.dll
[08-24-2008 01:01 PM | 00,762,780 | ---- | C] (3Com, Inc.) - C:\WINDOWS\System32\dllcache\3cwmcru.sys
[08-24-2008 01:02 PM | 00,009,472 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativmdcd.sys
[08-24-2008 01:02 PM | 00,010,240 | ---- | C] () - C:\WINDOWS\System32\dllcache\atipcxxx.sys
[08-24-2008 01:02 PM | 00,010,880 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\admjoy.sys
[08-24-2008 01:02 PM | 00,016,969 | ---- | C] (AmbiCom, Inc.) - C:\WINDOWS\System32\dllcache\amb8002.sys
[08-24-2008 01:02 PM | 00,017,152 | ---- | C] () - C:\WINDOWS\System32\dllcache\atitunep.sys
[08-24-2008 01:02 PM | 00,017,152 | ---- | C] () - C:\WINDOWS\System32\dllcache\atitvsnd.sys
[08-24-2008 01:02 PM | 00,019,456 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativttxx.sys
[08-24-2008 01:02 PM | 00,020,160 | ---- | C] (ADMtek Incorporated) - C:\WINDOWS\System32\dllcache\adm8511.sys
[08-24-2008 01:02 PM | 00,023,552 | ---- | C] () - C:\WINDOWS\System32\dllcache\atixbar.sys
[08-24-2008 01:02 PM | 00,026,624 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativxbar.sys
[08-24-2008 01:02 PM | 00,026,880 | ---- | C] () - C:\WINDOWS\System32\dllcache\atirtsnd.sys
[08-24-2008 01:02 PM | 00,046,112 | ---- | C] (Adaptec, Inc ) - C:\WINDOWS\System32\dllcache\adptsf50.sys
[08-24-2008 01:02 PM | 00,046,464 | ---- | C] () - C:\WINDOWS\System32\dllcache\atibt829.sys
[08-24-2008 01:02 PM | 00,049,920 | ---- | C] () - C:\WINDOWS\System32\dllcache\atirtcap.sys
[08-24-2008 01:02 PM | 00,061,952 | ---- | C] (Scanneur à plat couleur) - C:\WINDOWS\System32\dllcache\acerscad.dll
[08-24-2008 01:02 PM | 00,077,824 | ---- | C] (ATI Technologies, Inc.) - C:\WINDOWS\System32\dllcache\ati.sys
[08-24-2008 01:02 PM | 00,084,480 | ---- | C] (VIA Technologies, Inc.) - C:\WINDOWS\System32\dllcache\ac97via.sys
[08-24-2008 01:02 PM | 00,096,256 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\ac97intc.sys
[08-24-2008 01:02 PM | 00,097,354 | ---- | C] (Bay Networks, Inc.) - C:\WINDOWS\System32\dllcache\aspndis3.sys
[08-24-2008 01:02 PM | 00,098,304 | ---- | C] (Aureal Semiconductor) - C:\WINDOWS\System32\dllcache\a3d.dll
[08-24-2008 01:02 PM | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) - C:\WINDOWS\System32\dllcache\ac97sis.sys
[08-24-2008 01:02 PM | 00,462,848 | ---- | C] (Aureal Inc.) - C:\WINDOWS\System32\dllcache\a3dapi.dll
[08-24-2008 01:02 PM | 00,553,984 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8820.sys
[08-24-2008 01:02 PM | 00,584,448 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8810.sys
[08-24-2008 01:02 PM | 00,747,392 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8830.sys
[08-24-2008 01:03 PM | 00,002,944 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brfilt.sys
[08-24-2008 01:03 PM | 00,003,168 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brparimg.sys
[08-24-2008 01:03 PM | 00,003,968 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brfiltup.sys
[08-24-2008 01:03 PM | 00,005,120 | ---- | C] (Brother Industries,Ltd.) - C:\WINDOWS\System32\dllcache\brscnrsm.dll
[08-24-2008 01:03 PM | 00,009,728 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brcoinst.dll
[08-24-2008 01:03 PM | 00,009,728 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brserif.dll
[08-24-2008 01:03 PM | 00,010,368 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brusbscn.sys
[08-24-2008 01:03 PM | 00,011,008 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brusbmdm.sys
[08-24-2008 01:03 PM | 00,012,160 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brfiltlo.sys
[08-24-2008 01:03 PM | 00,012,800 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brevif.dll
[08-24-2008 01:03 PM | 00,015,360 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfbidi.dll
[08-24-2008 01:03 PM | 00,019,456 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brbidiif.dll
[08-24-2008 01:03 PM | 00,021,530 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ce2n5.sys
[08-24-2008 01:03 PM | 00,027,164 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ce3n5.sys
[08-24-2008 01:03 PM | 00,029,696 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmflpt.dll
[08-24-2008 01:03 PM | 00,031,529 | ---- | C] (BreezeCOM) - C:\WINDOWS\System32\dllcache\brzwlan.sys
[08-24-2008 01:03 PM | 00,032,256 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[08-24-2008 01:03 PM | 00,032,256 | ---- | C] (Eicon Technology Corporation) - C:\WINDOWS\System32\dllcache\diapi2NT.dll
[08-24-2008 01:03 PM | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\banshee.sys
[08-24-2008 01:03 PM | 00,036,992 | ---- | C] (Aztech Systems Ltd) - C:\WINDOWS\System32\dllcache\aztw2320.sys
[08-24-2008 01:03 PM | 00,037,568 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmwan.sys
[08-24-2008 01:03 PM | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) - C:\WINDOWS\System32\dllcache\cb102.sys
[08-24-2008 01:03 PM | 00,039,680 | ---- | C] (Silicom Ltd.) - C:\WINDOWS\System32\dllcache\cb325.sys
[08-24-2008 01:03 PM | 00,039,808 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brparwdm.sys
[08-24-2008 01:03 PM | 00,041,472 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfusb.dll
[08-24-2008 01:03 PM | 00,046,108 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cben5.sys
[08-24-2008 01:03 PM | 00,060,416 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brserwdm.sys
[08-24-2008 01:03 PM | 00,087,552 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmcoxp.dll
[08-24-2008 01:03 PM | 00,089,952 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\b1cbase.sys
[08-24-2008 01:03 PM | 00,144,384 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmenum.dll
[08-24-2008 01:03 PM | 00,164,923 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\diapi2.sys
[08-24-2008 01:03 PM | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\banshee.dll
[08-24-2008 01:03 PM | 00,715,466 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[08-24-2008 01:03 PM | 00,871,388 | ---- | C] (BCM) - C:\WINDOWS\System32\dllcache\bcmdm.sys
[08-24-2008 01:04 PM | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbase.sys
[08-24-2008 01:04 PM | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbmidi.sys
[08-24-2008 01:04 PM | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[08-24-2008 01:04 PM | 00,003,712 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctljystk.sys
[08-24-2008 01:04 PM | 00,004,096 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctwdm32.dll
[08-24-2008 01:04 PM | 00,006,912 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctlfacem.sys
[08-24-2008 01:04 PM | 00,020,864 | ---- | C] (OMNIKEY AG) - C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[08-24-2008 01:04 PM | 00,020,928 | ---- | C] (Digital Networks, LLC) - C:\WINDOWS\System32\dllcache\defpa.sys
[08-24-2008 01:04 PM | 00,021,533 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\cpqndis5.sys
[08-24-2008 01:04 PM | 00,022,556 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem28n5.sys
[08-24-2008 01:04 PM | 00,022,556 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem33n5.sys
[08-24-2008 01:04 PM | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwrwdm.sys
[08-24-2008 01:04 PM | 00,049,182 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem56n5.sys
[08-24-2008 01:04 PM | 00,061,194 | ---- | C] (Compaq Computer Corp.) - C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[08-24-2008 01:04 PM | 00,063,208 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\dllcache\dc21x4.sys
[08-24-2008 01:04 PM | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbwdm.sys
[08-24-2008 01:04 PM | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcwdm.sys
[08-24-2008 01:04 PM | 00,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) - C:\WINDOWS\System32\dllcache\ctlsb16.sys
[08-24-2008 01:04 PM | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcspud.sys
[08-24-2008 01:04 PM | 00,117,760 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\d100ib5.sys
[08-24-2008 01:04 PM | 00,216,576 | ---- | C] (COMPAQ Inc.) - C:\WINDOWS\System32\dllcache\cpscan.dll
[08-24-2008 01:04 PM | 00,252,416 | ---- | C] (Comtrol® Corporation) - C:\WINDOWS\System32\dllcache\ctmasetp.dll
[08-24-2008 01:04 PM | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) - C:\WINDOWS\System32\dllcache\cinemclc.sys
[08-24-2008 01:04 PM | 00,980,034 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\cicap.sys
[08-24-2008 01:05 PM | 00,006,216 | ---- | C] () - C:\WINDOWS\System32\dllcache\divaci.dll
[08-24-2008 01:05 PM | 00,006,729 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\disrvci.dll
[08-24-2008 01:05 PM | 00,019,594 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e100isa4.sys
[08-24-2008 01:05 PM | 00,024,064 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\devldr32.exe
[08-24-2008 01:05 PM | 00,024,648 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\dfe650.sys
[08-24-2008 01:05 PM | 00,024,649 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\dfe650d.sys
[08-24-2008 01:05 PM | 00,026,698 | ---- | C] (D-Link Corporation) - C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[08-24-2008 01:05 PM | 00,028,062 | ---- | C] (National Semiconductor Coproration) - C:\WINDOWS\System32\dllcache\dp83820.sys
[08-24-2008 01:05 PM | 00,029,696 | ---- | C] (CNet Technology, Inc. ) - C:\WINDOWS\System32\dllcache\dm9pci5.sys
[08-24-2008 01:05 PM | 00,029,768 | ---- | C] () - C:\WINDOWS\System32\dllcache\divasu.dll
[08-24-2008 01:05 PM | 00,031,817 | ---- | C] () - C:\WINDOWS\System32\dllcache\disrvpp.dll
[08-24-2008 01:05 PM | 00,037,962 | ---- | C] () - C:\WINDOWS\System32\dllcache\divaprop.dll
[08-24-2008 01:05 PM | 00,038,985 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\disrvsu.dll
[08-24-2008 01:05 PM | 00,051,743 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e1000nt5.sys
[08-24-2008 01:05 PM | 00,091,305 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\dimaint.sys
[08-24-2008 01:05 PM | 00,117,760 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e100b325.sys
[08-24-2008 01:05 PM | 00,236,060 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\ditrace.exe
[08-24-2008 01:05 PM | 00,256,512 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\devcon32.dll
[08-24-2008 01:05 PM | 00,334,208 | ---- | C] (Yamaha Corp.) - C:\WINDOWS\System32\dllcache\ds1wdm.sys
[08-24-2008 01:05 PM | 00,952,007 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\diwan.sys
[08-24-2008 01:06 PM | 00,016,998 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\ex10.sys
[08-24-2008 01:06 PM | 00,018,503 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\epro4.sys
[08-24-2008 01:06 PM | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esuimg.dll
[08-24-2008 01:06 PM | 00,037,120 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\es1370mp.sys
[08-24-2008 01:06 PM | 00,040,704 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\es1371mp.sys
[08-24-2008 01:06 PM | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esucm.dll
[08-24-2008 01:06 PM | 00,046,080 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esuni.dll
[08-24-2008 01:06 PM | 00,046,080 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esunib.dll
[08-24-2008 01:06 PM | 00,072,192 | ---- | C] (ESS Technology Inc.) - C:\WINDOWS\System32\dllcache\es1969.sys
[08-24-2008 01:06 PM | 00,283,904 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\emu10k1m.sys
[08-24-2008 01:07 PM | 00,011,850 | ---- | C] (FUJITSU LIMITED) - C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[08-24-2008 01:07 PM | 00,012,362 | ---- | C] (FUJITSU LIMITED) - C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[08-24-2008 01:07 PM | 00,017,664 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\gpr400.sys
[08-24-2008 01:07 PM | 00,024,618 | ---- | C] (NETGEAR) - C:\WINDOWS\System32\dllcache\fa410nd5.sys
[08-24-2008 01:07 PM | 00,028,672 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\grserial.sys
[08-24-2008 01:07 PM | 00,034,173 | ---- | C] (Marconi Communications, Inc.) - C:\WINDOWS\System32\dllcache\forehe.sys
[08-24-2008 01:07 PM | 00,082,560 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\grclass.sys
[08-24-2008 01:07 PM | 00,441,728 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpcmbase.sys
[08-24-2008 01:07 PM | 00,442,240 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpnpbase.sys
[08-24-2008 01:07 PM | 00,444,416 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpcibase.sys
[08-24-2008 01:07 PM | 00,454,912 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fxusbase.sys
[08-24-2008 01:07 PM | 00,455,296 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fusbbase.sys
[08-24-2008 01:07 PM | 00,455,680 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fus2base.sys
[08-24-2008 01:08 PM | 00,068,608 | ---- | C] (Avisioin) - C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[08-24-2008 01:08 PM | 00,083,968 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt21.dll
[08-24-2008 01:08 PM | 00,089,088 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt33.dll
[08-24-2008 01:08 PM | 00,093,696 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt42.dll
[08-24-2008 01:08 PM | 00,101,376 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt34.dll
[08-24-2008 01:08 PM | 00,126,976 | ---- | C] (Hewlett Packard) - C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[08-24-2008 01:08 PM | 00,165,888 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt53.dll
[08-24-2008 01:09 PM | 00,010,240 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[08-24-2008 01:09 PM | 00,028,700 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\dllcache\ibmexmp.sys
[08-24-2008 01:09 PM | 00,058,592 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\i740nt5.sys
[08-24-2008 01:09 PM | 00,100,936 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmtok.sys
[08-24-2008 01:09 PM | 00,109,085 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmtrp.sys
[08-24-2008 01:09 PM | 00,353,184 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\i740dnt5.dll
[08-24-2008 01:10 PM | 00,023,552 | ---- | C] (MKNet Corporation) - C:\WINDOWS\System32\dllcache\irmk7.sys
[08-24-2008 01:10 PM | 00,038,784 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\io8.sys
[08-24-2008 01:10 PM | 00,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) - C:\WINDOWS\System32\dllcache\ip5515.sys
[08-24-2008 01:10 PM | 00,090,200 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\io8ports.dll
[08-24-2008 01:10 PM | 00,372,824 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\iconf32.dll
[08-24-2008 01:11 PM | 00,016,384 | ---- | C] (Litronic Industries) - C:\WINDOWS\System32\dllcache\lit220p.sys
[08-24-2008 01:11 PM | 00,019,016 | ---- | C] (Kingston Technology Company ) - C:\WINDOWS\System32\dllcache\ktc111.sys
[08-24-2008 01:11 PM | 00,020,573 | ---- | C] (The Linksts Group ) - C:\WINDOWS\System32\dllcache\lne100.sys
[08-24-2008 01:11 PM | 00,020,864 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\dllcache\lwadihid.sys
[08-24-2008 01:11 PM | 00,022,848 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\dllcache\lwusbhid.sys
[08-24-2008 01:11 PM | 00,025,065 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\lmndis3.sys
[08-24-2008 01:11 PM | 00,026,922 | ---- | C] (SMSC) - C:\WINDOWS\System32\dllcache\lanepic5.sys
[08-24-2008 01:11 PM | 00,034,688 | ---- | C] (Toshiba Corp.) - C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[08-24-2008 01:11 PM | 00,070,730 | ---- | C] (Linksys Group, Inc.) - C:\WINDOWS\System32\dllcache\lne100tx.sys
[08-24-2008 01:11 PM | 00,422,528 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[08-24-2008 01:11 PM | 00,577,514 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[08-24-2008 01:11 PM | 00,607,452 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[08-24-2008 01:11 PM | 00,728,554 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ltck000c.sys
[08-24-2008 01:11 PM | 00,797,500 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltsmt.sys
[08-24-2008 01:11 PM | 00,802,683 | ---- | C] (Lucent Technologies) - C:\WINDOWS\System32\dllcache\ltsm.sys
[08-24-2008 01:12 PM | 00,017,280 | ---- | C] (American Megatrends Inc.) - C:\WINDOWS\System32\dllcache\mraid35x.sys
[08-24-2008 01:12 PM | 00,056,832 | ---- | C] () - C:\WINDOWS\System32\dllcache\msdvbnp.ax
[08-24-2008 01:12 PM | 00,165,066 | ---- | C] (Madge Networks Ltd) - C:\WINDOWS\System32\dllcache\mdgndis5.sys
[08-24-2008 01:13 PM | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) - C:\WINDOWS\System32\dllcache\mxport.dll
[08-24-2008 01:13 PM | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128.sys
[08-24-2008 01:13 PM | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) - C:\WINDOWS\System32\dllcache\mxnic.sys
[08-24-2008 01:13 PM | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) - C:\WINDOWS\System32\dllcache\mxicfg.dll
[08-24-2008 01:13 PM | 00,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) - C:\WINDOWS\System32\dllcache\mxcard.sys
[08-24-2008 01:13 PM | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i3d.sys
[08-24-2008 01:13 PM | 00,032,840 | ---- | C] (NETGEAR Corporation.) - C:\WINDOWS\System32\dllcache\ngrpci.sys
[08-24-2008 01:13 PM | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128v2.sys
[08-24-2008 01:13 PM | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128.dll
[08-24-2008 01:13 PM | 00,039,264 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\neo20xx.sys
[08-24-2008 01:13 PM | 00,053,791 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\n1000nt5.sys
[08-24-2008 01:13 PM | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128v2.dll
[08-24-2008 01:13 PM | 00,060,480 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\neo20xx.dll
[08-24-2008 01:13 PM | 00,066,302 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\netflx3.sys
[08-24-2008 01:13 PM | 00,076,928 | ---- | C] (Moxa Technologies Co., Ltd.) - C:\WINDOWS\System32\dllcache\mxport.sys
[08-24-2008 01:13 PM | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i3disp.dll
[08-24-2008 01:13 PM | 00,103,296 | ---- | C] (Matrox Graphics Inc) - C:\WINDOWS\System32\dllcache\mtxvideo.sys
[08-24-2008 01:13 PM | 00,131,072 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\n100325.sys
[08-24-2008 01:13 PM | 00,132,695 | ---- | C] (802.11b) - C:\WINDOWS\System32\dllcache\netwlan5.sys
[08-24-2008 01:14 PM | 00,027,209 | ---- | C] (Ositech Communications, Inc.) - C:\WINDOWS\System32\dllcache\otc06x5.sys
[08-24-2008 01:14 PM | 00,028,672 | ---- | C] (National Semiconductor Corporation) - C:\WINDOWS\System32\dllcache\nscirda.sys
[08-24-2008 01:14 PM | 00,044,297 | ---- | C] () - C:\WINDOWS\System32\dllcache\otceth5.sys
[08-24-2008 01:14 PM | 00,051,552 | ---- | C] (Kensington Technology Group) - C:\WINDOWS\System32\dllcache\ntgrip.sys
[08-24-2008 01:14 PM | 00,054,528 | ---- | C] (Yamaha Corp.) - C:\WINDOWS\System32\dllcache\opl3sax.sys
[08-24-2008 01:14 PM | 00,054,954 | ---- | C] (Ositech Communications, Inc.) - C:\WINDOWS\System32\dllcache\otcsercb.sys
[08-24-2008 01:14 PM | 00,087,040 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\nm6wdm.sys
[08-24-2008 01:14 PM | 00,126,080 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[08-24-2008 01:15 PM | 00,026,153 | ---- | C] (Linksys) - C:\WINDOWS\System32\dllcache\pcmlm56.sys
[08-24-2008 01:15 PM | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm2.sys
[08-24-2008 01:15 PM | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm3.sys
[08-24-2008 01:15 PM | 00,029,502 | ---- | C] (Marconi Communications, Inc.) - C:\WINDOWS\System32\dllcache\pca200e.sys
[08-24-2008 01:15 PM | 00,029,769 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntn5m.sys
[08-24-2008 01:15 PM | 00,030,282 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[08-24-2008 01:15 PM | 00,030,495 | ---- | C] (Linksys) - C:\WINDOWS\System32\dllcache\pc100nds.sys
[08-24-2008 01:15 PM | 00,035,328 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntpci5.sys
[08-24-2008 01:15 PM | 00,086,016 | ---- | C] (PCtel, Inc.) - C:\WINDOWS\System32\dllcache\pctspk.exe
[08-24-2008 01:15 PM | 00,169,984 | ---- | C] (Cisco Systems) - C:\WINDOWS\System32\dllcache\pcx500.sys
[08-24-2008 01:15 PM | 00,211,712 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm2dll.dll
[08-24-2008 01:15 PM | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm3dd.dll
[08-24-2008 01:16 PM | 00,016,512 | ---- | C] (SCM Microsystems, Inc.) - C:\WINDOWS\System32\dllcache\pscr.sys
[08-24-2008 01:16 PM | 00,033,280 | ---- | C] () - C:\WINDOWS\System32\dllcache\psisrndr.ax
[08-24-2008 01:16 PM | 00,112,574 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserlp.sys
[08-24-2008 01:16 PM | 00,128,286 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserli.sys
[08-24-2008 01:16 PM | 00,130,942 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserlv.sys
[08-24-2008 01:16 PM | 00,363,520 | ---- | C] () - C:\WINDOWS\System32\dllcache\psisdecd.dll
[08-24-2008 01:17 PM | 00,010,240 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[08-24-2008 01:17 PM | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) - C:\WINDOWS\System32\dllcache\rtl8029.sys
[08-24-2008 01:17 PM | 00,025,088 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw430ext.dll
[08-24-2008 01:17 PM | 00,026,624 | ---- | C] (RICOH Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw450ext.dll
[08-24-2008 01:17 PM | 00,037,563 | ---- | C] (RadioLAN) - C:\WINDOWS\System32\dllcache\rlnet5.sys
[08-24-2008 01:17 PM | 00,079,360 | ---- | C] (Comtrol Corporation) - C:\WINDOWS\System32\dllcache\rocket.sys
[08-24-2008 01:17 PM | 00,081,408 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia430.dll
[08-24-2008 01:17 PM | 00,083,968 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia450.dll
[08-24-2008 01:17 PM | 00,086,097 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\reslog32.dll
[08-24-2008 01:17 PM | 00,715,530 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[08-24-2008 01:17 PM | 00,899,914 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[08-24-2008 01:18 PM | 00,041,216 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mt3d.sys
[08-24-2008 01:18 PM | 00,043,136 | ---- | C] () - C:\WINDOWS\System32\dllcache\sbp2port.sys
[08-24-2008 01:18 PM | 00,061,504 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[08-24-2008 01:18 PM | 00,062,496 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mtrio.dll
[08-24-2008 01:18 PM | 00,077,824 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav4m.sys
[08-24-2008 01:18 PM | 00,166,720 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3m.sys
[08-24-2008 01:18 PM | 00,179,264 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav3d.dll
[08-24-2008 01:18 PM | 00,182,272 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mt3d.dll
[08-24-2008 01:18 PM | 00,198,400 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav4.dll
[08-24-2008 01:18 PM | 00,210,496 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mvirge.dll
[08-24-2008 01:18 PM | 00,495,616 | ---- | C] () - C:\WINDOWS\System32\dllcache\sblfx.dll
[08-23-2008 07:01 AM | ---D | C] - C:\WINDOWS\System32\CatRoot_bak
[07-02-2008 06:37 AM | ---D | C] - C:\WINDOWS\Turtix Rescue Adventure
[07-04-2008 08:28 AM | ---D | C] - C:\WINDOWS\Unicorn Castle
[07-07-2008 03:11 PM | 00,001,409 | ---- | C] () - C:\WINDOWS\QTFont.for
[07-07-2008 03:11 PM | 00,054,156 | -H-- | C] () - C:\WINDOWS\QTFont.qfn
[07-08-2008 06:42 PM | ---D | C] - C:\WINDOWS\The Pini Society
[07-15-2008 01:54 PM | 00,069,632 | ---- | C] () - C:\WINDOWS\_detmp.2
[07-15-2008 01:54 PM | 00,105,511 | ---- | C] () - C:\WINDOWS\_detmp.1
[08-02-2008 08:03 AM | 03,494,207 | ---- | C] (Digital Illusions Software - ss3d.com) - C:\WINDOWS\Nemo's Aquarium 3D Korallenriff.scr
[08-02-2008 08:03 AM | 03,594,576 | ---- | C] (Digital Illusions Software - ss3d.com) - C:\WINDOWS\Nemo's Aquarium 3D Anemonen-Feld.scr
[08-03-2008 11:44 AM | ---D | C] - C:\WINDOWS\ERUNT
[08-07-2008 08:41 PM | ---D | C] - C:\WINDOWS\SmitfraudFix
[08-19-2008 09:03 AM | 00,028,672 | ---- | C] (NirSoft) - C:\WINDOWS\Nircmd.exe
[08-19-2008 09:03 AM | 00,049,152 | ---- | C] () - C:\WINDOWS\VFind.exe
[08-19-2008 09:03 AM | 00,068,096 | ---- | C] () - C:\WINDOWS\zip.exe
[08-19-2008 09:03 AM | 00,080,412 | ---- | C] () - C:\WINDOWS\grep.exe
[08-19-2008 09:03 AM | 00,089,504 | ---- | C] (Smallfrogs Studio) - C:\WINDOWS\fdsv.exe
[08-19-2008 09:03 AM | 00,098,816 | ---- | C] () - C:\WINDOWS\sed.exe
[08-19-2008 09:03 AM | 00,136,704 | ---- | C] (SteelWerX) - C:\WINDOWS\swsc.exe
[08-19-2008 09:03 AM | 00,161,792 | ---- | C] (SteelWerX) - C:\WINDOWS\swreg.exe
[08-19-2008 09:03 AM | 00,212,480 | ---- | C] (SteelWerX) - C:\WINDOWS\swxcacls.exe
[08-20-2008 01:48 PM | ---D | C] - C:\WINDOWS\temp
[08-22-2008 04:41 PM | 00,001,312 | ---- | C] () - C:\WINDOWS\ssconf2.bin
[08-28-2008 03:19 PM | ---D | C] - C:\WINDOWS\Internet Logs
[08-02-2008 01:38 PM | 00,000,452 | ---- | C] () - C:\WINDOWS\tasks\EasyShare Registration Task.job
[07-04-2008 07:22 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Arkadium
[07-19-2008 06:33 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Gold Casual Games
[07-22-2008 09:43 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Media Art
[07-30-2008 08:53 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\The Revills Games
[08-03-2008 12:55 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[08-05-2008 07:04 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\TheRace_dev
[08-07-2008 11:04 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira
[08-10-2008 06:41 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Slapdash Games
[07-04-2008 08:29 AM | ---D | C] - C:\Documents and Settings\Mario Després\Application Data\Meridian93
[07-12-2008 08:00 AM | ---D | C] - C:\Documents and Settings\Mario Després\Application Data\AlauxSoft
[08-03-2008 12:55 PM | ---D | C] - C:\Documents and Settings\Mario Després\Application Data\Malwarebytes
[08-11-2008 11:46 AM | ---D | C] - C:\Documents and Settings\Mario Després\Application Data\Skinux
[08-22-2008 04:35 PM | ---D | C] - C:\Documents and Settings\Mario Després\Application Data\TMInc
[07-02-2008 06:37 AM | ---D | C] - C:\Documents and Settings\Mario Després\Local Settings\Application Data\Turtix
[08-02-2008 01:54 PM | ---D | C] - C:\Documents and Settings\Mario Després\Local Settings\Application Data\KodakGallery
[08-03-2008 10:57 AM | 02,191,856 | -H-- | C] () - C:\Documents and Settings\Mario Després\Local Settings\Application Data\IconCache.db
[08-17-2008 02:56 PM | ---D | C] - C:\Documents and Settings\Mario Després\Local Settings\Application Data\Conduit
[08-18-2008 07:43 AM | ---D | C] - C:\Documents and Settings\Mario Després\Local Settings\Application Data\free-downloads.net
[08-09-2008 09:25 AM | ---D | C] - C:\Documents and Settings\All Users\Documents\RA Distribution
[08-10-2008 06:41 AM | ---D | C] - C:\Documents and Settings\All Users\Documents\Slapdash Games
[08-03-2008 09:58 AM | 00,156,546 | ---- | C] () - C:\Documents and Settings\Mario Després\Mes documents\cc_20080803_0958.reg
[07-12-2008 08:44 AM | 00,000,841 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Ad-Aware SE Personal.lnk
[07-14-2008 08:48 AM | 00,000,378 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Midnight Club II.lnk
[08-02-2008 01:47 PM | 00,001,659 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Kodak EasyShare.lnk
[08-14-2008 12:55 PM | 00,001,729 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[08-16-2008 02:03 PM | 00,001,556 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Encore plus de jeux.lnk
[08-29-2008 07:24 AM | 00,001,723 | ---- | C] () - C:\Documents and Settings\All Users\Bureau\Righteous Kill.lnk
[08-02-2008 08:03 AM | 00,001,806 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\Nemo's Aquarium 3D.lnk
[08-02-2008 09:19 PM | 00,000,933 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\Spybot - Search & Destroy.lnk
[08-03-2008 10:43 AM | 00,001,734 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\HijackThis.lnk
[08-14-2008 07:17 PM | 00,000,809 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\Raccourci vers avcenter.exe.lnk
[08-15-2008 10:00 AM | 00,766,184 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\100_0847.jpg
[08-15-2008 10:00 AM | 00,815,926 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\100_0845.jpg
[08-15-2008 10:00 AM | 00,833,158 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\100_0846.jpg
[08-19-2008 07:36 PM | 00,000,682 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\Raccourci vers Eye On Network.exe.lnk
[08-20-2008 01:12 PM | 02,719,778 | R--- | C] () - C:\Documents and Settings\Mario Després\Bureau\ComboFix.exe
[08-21-2008 06:37 PM | 00,568,477 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\OTScanIt.exe
[08-21-2008 06:38 PM | ---D | C] - C:\Documents and Settings\Mario Després\Bureau\OTScanIt
[08-22-2008 04:36 PM | 00,000,649 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\Raccourci vers TMInc.lnk
[08-22-2008 04:48 PM | 00,791,393 | ---- | C] (Lars Hederer ) - C:\Documents and Settings\Mario Després\Bureau\erunt-setup.exe
[08-22-2008 04:49 PM | 00,000,592 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\ERUNT.lnk
[08-22-2008 04:49 PM | 00,000,611 | ---- | C] () - C:\Documents and Settings\Mario Després\Bureau\NTREGOPT.lnk
[08-02-2008 01:13 PM | 00,001,996 | ---- | C] () - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk
[08-02-2008 01:47 PM | 00,001,667 | ---- | C] () - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
[08-02-2008 01:13 PM | ---D | C] - C:\Program Files\Fichiers communs\Kodak
[08-14-2008 06:47 AM | ---D | C] - C:\Program Files\Fichiers communs\ODBC
[07-01-2008 10:12 AM | ---D | C] - C:\Program Files\Turtix 2 - Rescue Adventures
[07-02-2008 06:37 AM | ---D | C] - C:\Program Files\Turtix Rescue Adventure
[07-04-2008 07:21 AM | ---D | C] - C:\Program Files\The Pini Society
[07-04-2008 08:28 AM | ---D | C] - C:\Program Files\Unicorn Castle
[08-01-2008 08:33 PM | ---D | C] - C:\Program Files\The Mystery Of The Crystal Portal
[08-02-2008 01:06 PM | ---D | C] - C:\Program Files\Kodak
[08-02-2008 08:03 AM | ---D | C] - C:\Program Files\Nemo's Aquarium 3D
[08-02-2008 08:10 AM | ---D | C] - C:\Program Files\Cactus Bruce and the Corporate Monkeys
[08-02-2008 09:19 PM | ---D | C] - C:\Program Files\Spybot - Search & Destroy
[08-03-2008 10:43 AM | ---D | C] - C:\Program Files\Trend Micro
[08-06-2008 07:38 AM | ---D | C] - C:\Program Files\Sun
[08-07-2008 11:04 AM | ---D | C] - C:\Program Files\Avira
[08-15-2008 08:23 PM | ---D | C] - C:\Program Files\Wild West Quest
[08-17-2008 02:55 PM | ---D | C] - C:\Program Files\free-downloads.net
[08-17-2008 02:56 PM | ---D | C] - C:\Program Files\Conduit
[08-19-2008 06:15 AM | ---D | C] - C:\Program Files\Hawaiian Explorer - Lost Island
[08-22-2008 04:49 PM | ---D | C] - C:\Program Files\ERUNT
[08-28-2008 03:19 PM | ---D | C] - C:\Program Files\Zone Labs
========== Files/Folders - Modified Within 60 days ==========
[07-02-2008 05:31 PM | 00,000,232 | -H-- | M] () - C:\sqmdata19.sqm
[07-02-2008 05:31 PM | 00,000,244 | -H-- | M] () - C:\sqmnoopt19.sqm
[07-02-2008 08:57 AM | 00,000,232 | -H-- | M] () - C:\sqmdata15.sqm
[07-02-2008 08:57 AM | 00,000,244 | -H-- | M] () - C:\sqmnoopt15.sqm
OTViewIt Extras logfile created on: 2008-08-29 08:53:26 - Run 1
OTViewIt by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Mario Després\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd
2.00 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.58% Memory free
2.60 Gb Paging File | 2.26 Gb Available in Paging File | 86.87% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 46.89 Gb Total Space | 1.76 Gb Free Space | 3.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 27.64 Gb Total Space | 18.82 Gb Free Space | 68.08% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 121.70 Gb Free Space | 81.66% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - File not found -
.cmd [@ = cmdfile] - File not found -
.com [@ = ComFile] - File not found -
.exe [@ = exefile] - File not found -
.html [@ = FirefoxHTML] - [07-16-2008 06:45 PM | 07,667,312 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe
.pif [@ = piffile] - File not found -
.scr [@ = scrfile] - File not found -
========== Winsock2 Catalogs ==========
========== HKEY_LOCAL_MACHINE Protocol Defaults ==========
========== HKEY_CURRENT_USER Protocol Defaults ==========
========== Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]
========== Protocol Filters ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = Race Driver 3
"{0325F1C1-883A-41AB-8981-B27359ABDFAF}" = Joint Operations: Typhoon Rising
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906)
"{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS SmartDoctor
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS Video Security
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A127AE-2DAF-40B7-8374-34C3E629521C}" = Far Cry (Patch 1.3)
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{27DC856A-0916-4988-8198-8714DDD3183D}" = AGEIA PhysX v7.05.17
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160070}" = Java(TM) SE Development Kit 6 Update 7
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352B2D26-26A3-468C-8295-AE2830EE0536}" = Les Chemins de la Lecture
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978)
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3AFC7779-F2B8-49A4-9689-A2EA86ABCC8A}" = Dora Sakado
"{3C662203-292F-4E9D-AE02-281071C06903}" = Far Cry (Patch 1.33)
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{58DF884F-D071-4AFA-97AC-12D6626C6E9E}" = Adiboud'chou à la campagne
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}" = ASUS GameFace Live
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7864A8D8-095F-483C-B060-B4A1F1EB4A6E}" = Natalie Brooks - Secrets Of Treasure House
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = NFS Underground
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logiciel QuickCam de Logitech
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D13E2C9A-5E09-41C8-ABCD-C7E67525C26D}" = Voyage au Pays de la Lecture
"{D2DEA9D8-2C39-42DA-B2A8-E91AF5D09490}" = Mozaki Blocks Deluxe
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D9C70541-ADA5-40A4-B176-6AAFCBA05C8F}" = Airfix Dogfighter
"{DA9279A7-CA49-4012-820B-1AE318ABFFCB}" = ELKPlayer
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EE8592F6-FC2B-4AFD-B527-109D127C039F}" = Far Cry (Patch 1.31)
"{EFE6E3B6-8CA9-4837-B292-5F11A80339A9}" = PunkBuster for Joint Operations
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}" = Midnight Club II
"{F4026ECE-9F19-43EC-9FC8-474C2DB7D2BE}" = ASUS Utilities
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}" = Windows Live Messenger
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F86FFD86-1966-4C6C-99D9-44A6E7AB97E3}" = SweetIM For Internet Explorer 1.0a
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL
"Abra Academy_is1" = Abra Academy
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"AddressBook" =
"Adobe Acrobat 4.0" =
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AlawarGameBox" = Alawar Game Box
"Amazing Adventures The Lost Tomb_is1" = Amazing Adventures The Lost Tomb
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"Atomica Deluxe 2.5" = Atomica Deluxe 2.5
"BackWeb-8876480 Uninstaller" =
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"Bejeweled Deluxe 1.862" = Bejeweled Deluxe 1.862
"BFGC" = Big Fish Games Client
"BFG-Turtix 2 - Rescue Adventures" = Turtix 2: Rescue Adventures
"Big City Adventure San Francisco_is1" = Big City Adventure San Francisco
"Big City Adventures-Sydney Australia1.0" = Big City Adventures-Sydney Australia
"Bookworm Deluxe" = Bookworm Deluxe
"BookWorm Deluxe 1.01" = BookWorm Deluxe 1.01
"Branding" =
"Break" = Break
"Cactus Bruce and the Corporate Monkeys_is1" = Cactus Bruce and the Corporate Monkeys
"CCleaner" = CCleaner (remove only)
"Chainz_is1" = Chainz
"Christmas Tree Screensaver" = Christmas Tree Screensaver
"Christmasville_is1" = Christmasville
"Chuzzle Deluxe 1.0" = Chuzzle Deluxe 1.0
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1" = PCI SoftV92 Modem
"Connection Manager" =
"Core Center" = Core Center
"DirectAnimation" =
"DirectDrawEx" =
"Drug Lord 2" = Drug Lord 2
"DXM_Runtime" =
"ERUNT_is1" = ERUNT 1.1j
"Eye On Network" = Eye On Network (désinstallation)
"Fontcore" =
"free-downloads.net Toolbar" = free-downloads.net Toolbar
"Happyland Adventures - Xmas Edition_is1" = Happyland Adventures - Xmas Edition v1.3
"Hawaiian Explorer - Lost Island" = Hawaiian Explorer - Lost Island
"Hawaiian Explorer Pearl Harbor_is1" = Hawaiian Explorer Pearl Harbor
"Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only)
"Hidden Relics_is1" = Hidden Relics
"Hidden Secrets - The Nightmare1.0" = Hidden Secrets - The Nightmare
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"ie7" = Windows Internet Explorer 7
"IEData" =
"InstallShield Uninstall Information" =
"InstallShield_{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS Video Security
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"InstallShield_{524C56E0-6560-45D6-8C37-34C9DDBE3BF6}" =
"InstallShield_{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}" = ASUS GameFace Live
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{F4026ECE-9F19-43EC-9FC8-474C2DB7D2BE}" = ASUS Utilities
"iWinArcade" = iWin Games (remove only)
"Jumping Jack1.0" = Jumping Jack
"KB873339" = Correctif Windows XP - KB873339
"KB884016" =
"KB885250" = Correctif Windows XP - KB885250
"KB885835" = Correctif Windows XP - KB885835
"KB885836" = Correctif Windows XP - KB885836
"KB886185" = Correctif Windows XP - KB886185
"KB887472" = Correctif Windows XP - KB887472
"KB887742" = Correctif Windows XP - KB887742
"KB887797" = Correctif Windows XP - KB887797
"KB888113" = Correctif Windows XP - KB888113
"KB888302" = Correctif Windows XP - KB888302
"KB890046" = Mise à jour de sécurité pour Windows XP (KB890046)
"KB890859" = Correctif Windows XP - KB890859
"KB891781" = Correctif Windows XP - KB891781
"KB892130" = Windows Genuine Advantage Validation Tool (KB892130)
"KB893066" = Mise à jour de sécurité pour Windows XP (KB893066)
"KB893756" = Mise à jour de sécurité pour Windows XP (KB893756)
"KB893803" =
"KB893803v2" = Windows Installer 3.1 (KB893803)
"KB894391" = Mise à jour pour Windows XP (KB894391)
"KB896358" = Mise à jour de sécurité pour Windows XP (KB896358)
"KB896422" = Mise à jour de sécurité pour Windows XP (KB896422)
"KB896423" = Mise à jour de sécurité pour Windows XP (KB896423)
"KB896424" = Mise à jour de sécurité pour Windows XP (KB896424)
"KB896428" = Mise à jour de sécurité pour Windows XP (KB896428)
"KB896688" = Mise à jour de sécurité pour Windows XP (KB896688)
"KB898461" = Mise à jour pour Windows XP (KB898461)
"KB899587" = Mise à jour de sécurité pour Windows XP (KB899587)
"KB899588" = Mise à jour de sécurité pour Windows XP (KB899588)
"KB899591" = Mise à jour de sécurité pour Windows XP (KB899591)
"KB900485" = Mise à jour pour Windows XP (KB900485)
"KB900725" = Mise à jour de sécurité pour Windows XP (KB900725)
"KB900930" = Mise à jour pour Windows XP (KB900930)
"KB901017" = Mise à jour de sécurité pour Windows XP (KB901017)
"KB901214" = Mise à jour de sécurité pour Windows XP (KB901214)
"KB902400" = Mise à jour de sécurité pour Windows XP (KB902400)
"KB904706" = Mise à jour de sécurité pour Windows XP (KB904706)
"KB904942" = Mise à jour pour Windows XP (KB904942)
"KB905414" = Mise à jour de sécurité pour Windows XP (KB905414)
"KB905749" = Mise à jour de sécurité pour Windows XP (KB905749)
"KB905915" = Mise à jour de sécurité pour Windows XP (KB905915)
"KB908519" = Mise à jour de sécurité pour Windows XP (KB908519)
"KB908531" = Mise à jour de sécurité pour Windows XP (KB908531)
"KB910437" = Mise à jour pour Windows XP (KB910437)
"KB911280" = Mise à jour de sécurité pour Windows XP (KB911280)
"KB911562" = Mise à jour de sécurité pour Windows XP (KB911562)
"KB911564" = Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
"KB911565" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
"KB911567" = Mise à jour de sécurité pour Windows XP (KB911567)
"KB911927" = Mise à jour de sécurité pour Windows XP (KB911927)
"KB912812" = Mise à jour de sécurité pour Windows XP (KB912812)
"KB912919" = Mise à jour de sécurité pour Windows XP (KB912919)
"KB913446" = Mise à jour de sécurité pour Windows XP (KB913446)
"KB913580" = Mise à jour de sécurité pour Windows XP (KB913580)
"KB914388" = Mise à jour de sécurité pour Windows XP (KB914388)
"KB914389" = Mise à jour de sécurité pour Windows XP (KB914389)
"KB915865" = Hotfix for Windows XP (KB915865)
"KB916281" = Mise à jour de sécurité pour Windows XP (KB916281)
"KB916595" = Mise à jour pour Windows XP (KB916595)
"KB917159" = Mise à jour de sécurité pour Windows XP (KB917159)
"KB917344" = Mise à jour de sécurité pour Windows XP (KB917344)
"KB917422" = Mise à jour de sécurité pour Windows XP (KB917422)
"KB917734_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
"KB917953" = Mise à jour de sécurité pour Windows XP (KB917953)
"KB918118" = Mise à jour de sécurité pour Windows XP (KB918118)
"KB918439" = Mise à jour de sécurité pour Windows XP (KB918439)
"KB918899" = Mise à jour de sécurité pour Windows XP (KB918899)
"KB919007" = Mise à jour de sécurité pour Windows XP (KB919007)
"KB920213" = Mise à jour de sécurité pour Windows XP (KB920213)
"KB920214" = Mise à jour de sécurité pour Windows XP (KB920214)
"KB920670" = Mise à jour de sécurité pour Windows XP (KB920670)
"KB920683" = Mise à jour de sécurité pour Windows XP (KB920683)
"KB920685" = Mise à jour de sécurité pour Windows XP (KB920685)
"KB920872" = Mise à jour pour Windows XP (KB920872)
"KB921398" = Mise à jour de sécurité pour Windows XP (KB921398)
"KB921503" = Mise à jour de sécurité pour Windows XP (KB921503)
"KB921883" = Mise à jour de sécurité pour Windows XP (KB921883)
"KB922582" = Mise à jour pour Windows XP (KB922582)
"KB922616" = Mise à jour de sécurité pour Windows XP (KB922616)
"KB922760" = Mise à jour de sécurité pour Windows XP (KB922760)
"KB922819" = Mise à jour de sécurité pour Windows XP (KB922819)
"KB923191" = Mise à jour de sécurité pour Windows XP (KB923191)
"KB923414" = Mise à jour de sécurité pour Windows XP (KB923414)
"KB923689" = Mise à jour de sécurité pour Windows XP (KB923689)
"KB923980" = Mise à jour de sécurité pour Windows XP (KB923980)
"KB924191" = Mise à jour de sécurité pour Windows XP (KB924191)
"KB924270" = Mise à jour de sécurité pour Windows XP (KB924270)
"KB924496" = Mise à jour de sécurité pour Windows XP (KB924496)
"KB924667" = Mise à jour de sécurité pour Windows XP (KB924667)
"KB925398_WMP64" = Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
"KB925486" = Mise à jour de sécurité pour Windows XP (KB925486)
"KB925902" = Mise à jour de sécurité pour Windows XP (KB925902)
"KB926239" = Hotfix for Windows XP (KB926239)
"KB926255" = Mise à jour de sécurité pour Windows XP (KB926255)
"KB926436" = Mise à jour de sécurité pour Windows XP (KB926436)
"KB927779" = Mise à jour de sécurité pour Windows XP (KB927779)
"KB927802" = Mise à jour de sécurité pour Windows XP (KB927802)
"KB927891" = Mise à jour pour Windows XP (KB927891)
"KB928255" = Mise à jour de sécurité pour Windows XP (KB928255)
"KB928843" = Mise à jour de sécurité pour Windows XP (KB928843)
"KB929123" = Mise à jour de sécurité pour Windows XP (KB929123)
"KB929338" = Mise à jour pour Windows XP (KB929338)
"KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
"KB930178" = Mise à jour de sécurité pour Windows XP (KB930178)
"KB930916" = Mise à jour pour Windows XP (KB930916)
"KB931261" = Mise à jour de sécurité pour Windows XP (KB931261)
"KB931784" = Mise à jour de sécurité pour Windows XP (KB931784)
"KB931836" = Mise à jour pour Windows XP (KB931836)
"KB931906" = Security Update for CAPICOM (KB931906)
"KB932168" = Mise à jour de sécurité pour Windows XP (KB932168)
"KB932823-v3" = Mise à jour pour Windows XP (KB932823-v3)
"KB933360" = Mise à jour pour Windows XP (KB933360)
"KB933729" = Mise à jour de sécurité pour Windows XP (KB933729)
"KB935839" = Mise à jour de sécurité pour Windows XP (KB935839)
"KB935840" = Mise à jour de sécurité pour Windows XP (KB935840)
"KB936021" = Mise à jour de sécurité pour Windows XP (KB936021)
"KB936782_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)
"KB938127-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
"KB938828" = Mise à jour pour Windows XP (KB938828)
"KB938829" = Mise à jour de sécurité pour Windows XP (KB938829)
"KB939653-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
"KB941202" = Mise à jour de sécurité pour Windows XP (KB941202)
"KB941568" = Mise à jour de sécurité pour Windows XP (KB941568)
"KB941569" = Mise à jour de sécurité pour Windows XP (KB941569)
"KB941644" = Mise à jour de sécurité pour Windows XP (KB941644)
"KB941693" = Mise à jour de sécurité pour Windows XP (KB941693)
"KB942615-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
"KB942763" = Mise à jour pour Windows XP (KB942763)
"KB943055" = Mise à jour de sécurité pour Windows XP (KB943055)
"KB943460" = Mise à jour de sécurité pour Windows XP (KB943460)
"KB943485" = Mise à jour de sécurité pour Windows XP (KB943485)
"KB944533-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
"KB944653" = Mise à jour de sécurité pour Windows XP (KB944653)
"KB945553" = Mise à jour de sécurité pour Windows XP (KB945553)
"KB946026" = Mise à jour de sécurité pour Windows XP (KB946026)
"KB947864-IE7" = Correctif pour Windows Internet Explorer 7 (KB947864)
"KB948590" = Mise à jour de sécurité pour Windows XP (KB948590)
"KB948881" = Mise à jour de sécurité pour Windows XP (KB948881)
"KB950749" = Mise à jour de sécurité pour Windows XP (KB950749)
"KB950759-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
"KB950760" = Mise à jour de sécurité pour Windows XP (KB950760)
"KB950762" = Mise à jour de sécurité pour Windows XP (KB950762)
"KB950974" = Mise à jour de sécurité pour Windows XP (KB950974)
"KB951066" = Mise à jour de sécurité pour Windows XP (KB951066)
"KB951072-v2" = Mise à jour pour Windows XP (KB951072-v2)
"KB951376-v2" = Mise à jour de sécurité pour Windows XP (KB951376-v2)
"KB951698" = Mise à jour de sécurité pour Windows XP (KB951698)
"KB951748" = Mise à jour de sécurité pour Windows XP (KB951748)
"KB952287" = Correctif pour Windows XP (KB952287)
"KB952954" = Mise à jour de sécurité pour Windows XP (KB952954)
"KB953838-IE7" = Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
"KB953839" = Mise à jour de sécurité pour Windows XP (KB953839)
"Language pack for Ad-Aware SE" = Language pack for Ad-Aware SE
"Lapin Malin Maternelle 2" = Lapin Malin Maternelle 2
"LEGO Racers" = LEGO Racers
"LEGO Stunt Rally" = LEGO Stunt Rally
"LimeWire" = LimeWire PRO 4.17.5
"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mario Forever v 2.16 !" = Mario Forever v 2.16 !
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MobileOptionPack" =
"Mozilla Firefox (2.0.0.16)" = Mozilla Firefox (2.0.0.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI Live Update 3" = MSI Live Update 3
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MsJavaVM" =
"MSN Adder_is1" = MSN Adder 7.0
"MSNINST" = MSN
"Nemo's Aquarium 3D_is1" = Nemo's Aquarium 3D
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"OutlookExpress" =
"PCHealth" =
"Pirateville_is1" = Pirateville
"Powerboat GT_is1" = Powerboat GT 1.0.8
"PowerpointImageExtractor_is1" = PowerpointImageExtractor
"Process Master_is1" = Process Master 1.1
"Puzzle Master 5" = Puzzle Master 5
"QcDrv" = Programme de gestion Camera de Logitech®
"RealArcade" = RealArcade
"RealArcade 1.2" = RealArcade
"RECOIL" = RECOIL
"Registry Mechanic_is1" = Registry Mechanic 5.2
"Righteous Kill" = Righteous Kill (supprimer seulement)
"SchedulingAgent" =
"Shockwave" =
"Slingo Quest Hawaii [h33t] [oi812heet]" = Slingo Quest Hawaii [h33t] [oi812heet]
"Stuart Little 2" = Stuart Little 2
"Super Mario Pac_is1" = Super Mario Pac v1.1
"SystemRequirementsLab" = System Requirements Lab
"The Game Of Life" = The Game Of Life
"The Hedgehogs" = The Hedgehogs (remove only)
"The Hidden Object Show1.0" = The Hidden Object Show
"The Pini Society_is1" = The Pini Society
"The Pini Society1.0" = The Pini Society
"Tonka Raceway" = Tonka Raceway
"Tonka Search and Rescue" = Tonka Search and Rescue
"Treasure Masters Inc" = Treasure Masters Inc (supprimer seulement)
"Trophy Bass 2007 Demo" = Trophy Bass 2007 Demo
"Turtix Rescue Adventure1.2" = Turtix Rescue Adventure
"Turtix_is1" = Turtix
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WGA" = Windows Genuine Advantage Validation Tool (KB892130)
"WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
"WIC" = Windows Imaging Component
"Wild West Quest_is1" = Wild West Quest
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"WOLAPI" = Westwood Shared Internet Components
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-mas Tree 1.2.0.0" = X-mas Tree 1.2.0.0
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MétéoIMédia" = MétéoIMédia
"uTorrent" = µTorrent
========== Event Log Warnings and Errors ==========
[ Application Events ]
Application - Error - 2008-08-22 09:14:10 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-22 09:14:14 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-22 09:14:24 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-23 05:58:33 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-24 10:55:31 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 06:38:43 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 06:58:08 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 06:58:13 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 06:58:20 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 07:06:08 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Application Error
Description =
Application - Error - 2008-08-25 07:06:24 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 07:06:29 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-25 07:06:40 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-26 09:18:52 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-26 12:01:43 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-27 09:10:50 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = nview_info
Description =
Application - Error - 2008-08-28 14:19:24 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = TrueVector Service
Description =
Application - Error - 2008-08-28 14:19:24 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = TrueVector Service
Description =
Application - Error - 2008-08-28 14:19:24 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = TrueVector Service
Description =
[ System Events ]
System - Error - 2008-08-22 13:21:35 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
System - Error - 2008-08-22 13:21:39 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le pilote de dmarrage systme ou damorage suivant na pas pu se charger
bdpredir
System - Error - 2008-08-22 13:54:20 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = System Error
Description = Code erreur 000000a7 paramtre 1 00000280 paramtre 2 e1b1c310 paramtre
3 89328229 paramtre 4 89328229
System - Error - 2008-08-22 15:55:51 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
System - Error - 2008-08-23 16:40:30 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = sr
Description =
System - Error - 2008-08-23 16:40:35 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
System - Error - 2008-08-23 16:41:38 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = System Error
Description = Code erreur 000000a7 paramtre 1 00000280 paramtre 2 e1002bb8 paramtre
3 896d21a9 paramtre 4 896d21a9
System - Error - 2008-08-24 12:19:51 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
System - Error - 2008-08-24 12:21:01 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = System Error
Description = Code erreur 000000a7 paramtre 1 00000280 paramtre 2 e1b515d8 paramtre
3 8957e011 paramtre 4 8957e011
System - Error - 2008-08-26 18:21:58 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = W32Time
Description = Fournisseur de temps NtpClient une erreur sest produite lors de l
a recherche DNS delhomologue manuellement configur timewindowscom0x1 NtpClient v
a essayer nouveaula recherche DNS dans 15 minutesLerreur tait Une opration a t
tente sur un hte impossible atteindre (0x80072751)
System - Error - 2008-08-26 18:21:58 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = W32Time
Description = Le fournisseur de temps NtpClient est configur pour acqurir le temps
partir duneou plusieurs sources de temps cependant aucune source nest actuellement
accessibleAucune tentative pour en contacter une ne sera effectue dici 14 minutesNtpClient
na pas de source de temps prcis
System - Error - 2008-08-28 12:44:37 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
System - Error - 2008-08-28 12:50:21 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Dhcp
Description = Le bail de ladresse IP 1921681254 pour la carte rseau dont ladresse
rseau est 00110903E472a t refus par le serveur DHCP 19216801 (celui-ci a envoy un
message DHCPNACK)
System - Error - 2008-08-28 12:50:21 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = ipnathlp
Description = Le traducteur dadresses rseau (NAT) na pas pu demander une oprationdu
module de traduction en mode noyauCeci peut indiquer une configuration incorrecte
des ressources insuffisantesou une erreur interneLa donne est le code de lerreur
System - Error - 2008-08-28 13:13:32 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Dhcp
Description = Le bail de ladresse IP 1921680101 pour la carte rseau dont ladresse
rseau est 00110903E472a t refus par le serveur DHCP 19216811 (celui-ci a envoy un
message DHCPNACK)
System - Error - 2008-08-28 13:14:27 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Dhcp
Description = Le bail de ladresse IP 1921681254 pour la carte rseau dont ladresse
rseau est 00110903E472a t refus par le serveur DHCP 19216801 (celui-ci a envoy un
message DHCPNACK)
System - Error - 2008-08-28 13:17:37 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Dhcp
Description = Le bail de ladresse IP 1921680101 pour la carte rseau dont ladresse
rseau est 00110903E472a t refus par le serveur DHCP 19216811 (celui-ci a envoy un
message DHCPNACK)
System - Error - 2008-08-28 14:07:13 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Dhcp
Description = Le bail de ladresse IP 1921681254 pour la carte rseau dont ladresse
rseau est 00110903E472a t refus par le serveur DHCP 19216801 (celui-ci a envoy un
message DHCPNACK)
System - Error - 2008-08-29 07:41:07 - Computer Name = MARIO-884D96CE1 - User Name = (blank) - Source = Service Control Manager
Description = Le service Services IPSEC sest arrt avec lerreur 1747
[ Security Events ]
[ Anti-Virus Events ]
< End of report >
Reply to tinomme1969
Re,
OK, I've figured out what's blocking things; I'll look into it.
As for the Security Center, it should be fixable, but we need to find the right registry key.
Your PC should be running properly now, shouldn't it?
I'll get back to you as soon as I know more, and not after three days this time.
Bump the thread so that I don't forget it.
Security / Prevention
Reply to Egwene
No problem, I'll wait for you. Thanks.
Reply to tinomme1969
Hello,
I need a new basic OTScanIt report before we continue.
Security / Prevention
Reply to Egwene