Virus empeche toute installation d'antivirus

Logfile of random's system information tool 1.06 (written by random/random)
Run by bounadi med at 2009-03-30 00:07:52
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (45%) free of 15 GB
Total RAM: 255 MB (10% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2007-03-24 474112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]
"Mobile Partner"=C:\Program Files\Internet Mobile\Internet Mobile.exe [2009-03-10 163840]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Ares\Ares.exe"="D:\Ares\Ares.exe:*:Enabled:ipsec"
"C:\Documents and Settings\bounadi med\Mes documents\AutoCAD 2002\hpsetup.exe"="C:\Documents and Settings\bounadi med\Mes documents\AutoCAD 2002\hpsetup.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wscntfy.exe"="C:\WINDOWS\system32\wscntfy.exe:*:Enabled:ipsec"
"F:\Firefox Setup 2.0.0.20.exe"="F:\Firefox Setup 2.0.0.20.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\thnlll.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\thnlll.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winvefnyc.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winvefnyc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winknnosf.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winknnosf.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winruwtcj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winruwtcj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\jdxe.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\jdxe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wyyou.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wyyou.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winfmgml.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winfmgml.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingribli.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingribli.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aqqe.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aqqe.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winhsaoj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winhsaoj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winhuyy.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winhuyy.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxkhq.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxkhq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winikomx.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winikomx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\fdev.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\fdev.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincsmmok.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincsmmok.exe:*:Enabled:ipsec"
"C:\Program Files\MSN\MsnInstaller\msninst.exe"="C:\Program Files\MSN\MsnInstaller\msninst.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\oeqa.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\oeqa.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winiths.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winiths.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\cfxd.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\cfxd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\windpjoby.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\windpjoby.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\winderrts.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\winderrts.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\winwsebw.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\winwsebw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\winsxdw.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\winsxdw.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\dyqj.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\dyqj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\winulbv.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\winulbv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\skinny\LOCALS~1\Temp\winrlusmu.exe"="C:\DOCUME~1\skinny\LOCALS~1\Temp\winrlusmu.exe:*:Enabled:ipsec"
"C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe"="C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winrqheni.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winrqheni.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winwrhuug.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winwrhuug.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winqxgwej.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winqxgwej.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winmoyovo.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winmoyovo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxsdeu.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxsdeu.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winffpe.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winffpe.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingtdc.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingtdc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winwgrifb.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winwgrifb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winsxbew.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winsxbew.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winghkm.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winghkm.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingijs.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingijs.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winioyob.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winioyob.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\oqerg.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\oqerg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winrwev.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winrwev.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qbyc.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qbyc.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winstejng.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winstejng.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\thrsg.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\thrsg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\yvdkq.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\yvdkq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\lkcmbx.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\lkcmbx.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\iigd.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\iigd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winvyge.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winvyge.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aotmyj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aotmyj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingvgfld.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingvgfld.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winuuuqap.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winuuuqap.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winqiroty.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winqiroty.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincamljt.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincamljt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\reyb.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\reyb.exe:*:Enabled:ipsec"
"C:\Documents and Settings\bounadi med\Bureau\Firefox Setup 3.0.7.exe"="C:\Documents and Settings\bounadi med\Bureau\Firefox Setup 3.0.7.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxirni.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winxirni.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winyybxi.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winyybxi.exe:*:Enabled:ipsec"
"C:\Documents and Settings\bounadi med\Bureau\wlsetup-web(2).exe"="C:\Documents and Settings\bounadi med\Bureau\wlsetup-web(2).exe:*:Enabled:ipsec"
"C:\Program Files\Internet Mobile\Internet Mobile.exe"="C:\Program Files\Internet Mobile\Internet Mobile.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\sxfv.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\sxfv.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winbdccut.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winbdccut.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\nqwakc.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\nqwakc.exe:*:Enabled:ipsec"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winiylnmn.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winiylnmn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winyimvh.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winyimvh.exe:*:Enabled:ipsec"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winywjd.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winywjd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ctdi.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ctdi.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ijiwcb.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ijiwcb.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\sddpj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\sddpj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qgju.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qgju.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winukmd.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winukmd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingkswfq.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wingkswfq.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\jjnglr.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\jjnglr.exe:*:Enabled:ipsec"
"C:\Documents and Settings\bounadi med\Bureau\uTorrent.exe"="C:\Documents and Settings\bounadi med\Bureau\uTorrent.exe:*:Enabled:µTorrent"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qfll.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\qfll.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ckqiyt.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\ckqiyt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aoolt.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\aoolt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\bhlef.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\bhlef.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\lkvn.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\lkvn.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\cpcvo.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\cpcvo.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winbkur.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winbkur.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winnnsa.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winnnsa.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winmerd.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winmerd.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winehadon.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winehadon.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\kfdl.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\kfdl.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winlhdgj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winlhdgj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winknqvog.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winknqvog.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincxtlt.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\wincxtlt.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winunupxj.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winunupxj.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\bbjg.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\bbjg.exe:*:Enabled:ipsec"
"C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winlrigju.exe"="C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winlrigju.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b093d748-0cf9-11de-bb9c-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdc2d99e-0cf7-11de-9b88-0004230d0242}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdc2d9a2-0cf7-11de-9b88-0004230d0242}]
shell\AutoRun\command - E:\AutoRun.exe


======List of files/folders created in the last 1 months======

2009-03-30 00:08:29 ----D---- C:\Program Files\trend micro
2009-03-30 00:07:52 ----D---- C:\rsit
2009-03-29 22:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-03-29 20:08:39 ----D---- C:\Program Files\Windows Live Safety Center
2009-03-29 19:10:07 ----D---- C:\Program Files\Fichiers communs\Ankiro
2009-03-29 19:06:21 ----D---- C:\Program Files\Fichiers communs\Application
2009-03-29 19:03:32 ----D---- C:\Program Files\SPAMfighter
2009-03-29 19:03:32 ----D---- C:\Documents and Settings\bounadi med\Application Data\SPAMfighter
2009-03-29 18:44:23 ----D---- C:\Program Files\PhotoFiltre
2009-03-29 03:52:23 ----D---- C:\WINDOWS\RegisteredPackages
2009-03-29 03:00:47 ----D---- C:\Program Files\ESTsoft
2009-03-29 03:00:47 ----D---- C:\Documents and Settings\bounadi med\Application Data\ESTsoft
2009-03-29 02:21:37 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon
2009-03-29 02:21:36 ----D---- C:\Documents and Settings\bounadi med\Application Data\Babylon
2009-03-29 02:05:03 ----D---- C:\Documents and Settings\bounadi med\Application Data\vlc
2009-03-29 02:00:01 ----D---- C:\Program Files\VideoLAN
2009-03-28 23:40:39 ----A---- C:\WINDOWS\system32\muweb.dll
2009-03-28 23:40:39 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-03-28 23:40:39 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-03-28 23:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2009-03-28 23:39:34 ----D---- C:\Program Files\Windows Live Toolbar
2009-03-28 23:37:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-28 23:36:45 ----D---- C:\Program Files\MSN Messenger
2009-03-23 21:11:30 ----D---- C:\Program Files\Ares
2009-03-22 22:31:04 ----D---- C:\Documents and Settings\bounadi med\Application Data\uTorrent
2009-03-22 15:31:25 ----D---- C:\Program Files\QuickTime
2009-03-22 15:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-03-22 13:49:14 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-03-14 13:14:38 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-03-13 21:32:36 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-03-11 18:52:48 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 18:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-03-11 12:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 12:07:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-10 12:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-03-10 12:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-03-10 12:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-03-10 12:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-03-10 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-03-10 12:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-03-10 12:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-03-10 12:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-03-10 12:19:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-03-10 12:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-03-10 12:18:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-03-10 12:18:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-10 12:18:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-03-10 12:18:24 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-03-10 12:18:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-03-10 12:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-03-10 12:18:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-03-10 12:17:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-03-10 12:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-03-10 12:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-03-10 12:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-03-10 12:17:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-03-10 12:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-03-10 12:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-03-10 12:16:47 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-03-10 11:49:56 ----D---- C:\Documents and Settings\bounadi med\Application Data\Macromedia
2009-03-10 11:49:56 ----D---- C:\Documents and Settings\bounadi med\Application Data\Adobe
2009-03-10 11:29:27 ----D---- C:\Documents and Settings\bounadi med\Application Data\Mozilla
2009-03-10 11:29:08 ----D---- C:\Program Files\Mozilla Firefox
2009-03-10 11:23:22 ----D---- C:\WINDOWS\system32\PreInstall
2009-03-10 11:23:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-10 11:23:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-03-10 11:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-03-10 11:23:19 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-10 01:03:05 ----D---- C:\Documents and Settings\bounadi med\Application Data\MSNInstaller
2009-03-10 01:00:19 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-03-10 00:57:54 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-03-10 00:54:33 ----A---- C:\WINDOWS\system32\h323log.txt
2009-03-10 00:53:08 ----D---- C:\Program Files\Internet Mobile
2009-03-10 00:52:12 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2009-03-10 00:51:49 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-03-10 00:51:46 ----A---- C:\WINDOWS\system32\usbui.dll
2009-03-10 00:49:51 ----A---- C:\WINDOWS\imsins.BAK
2009-03-10 00:49:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-10 00:49:46 ----SHD---- C:\WINDOWS\Installer
2009-03-10 00:49:45 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-03-10 00:49:45 ----A---- C:\WINDOWS\ODBCINST.INI
2009-03-10 00:49:41 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-03-10 00:49:40 ----RD---- C:\Program Files
2009-03-10 00:49:40 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-10 00:49:40 ----D---- C:\Program Files\Fichiers communs
2009-03-10 00:49:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-03-10 00:49:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-03-10 00:49:38 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-03-10 00:49:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-03-10 00:49:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-03-10 00:49:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-03-10 00:49:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-03-10 00:49:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-03-10 00:49:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-03-10 00:49:33 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-03-10 00:49:33 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-03-10 00:49:33 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-03-10 00:49:33 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-03-10 00:49:33 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-03-10 00:49:31 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-03-10 00:49:28 ----A---- C:\WINDOWS\system32\irclass.dll
2009-03-10 00:49:27 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-03-10 00:49:27 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-03-10 00:49:27 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-03-10 00:49:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-03-10 00:49:25 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-03-10 00:49:25 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-03-10 00:49:24 ----A---- C:\WINDOWS\system32\batt.dll
2009-03-10 00:49:24 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-03-10 00:49:23 ----A---- C:\WINDOWS\system32\storprop.dll
2009-03-10 00:49:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-03-10 00:49:02 ----RA---- C:\WINDOWS\SET8.tmp
2009-03-10 00:48:57 ----RA---- C:\WINDOWS\SET4.tmp
2009-03-10 00:48:55 ----RA---- C:\WINDOWS\SET3.tmp
2009-03-10 00:48:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-10 00:48:47 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-10 00:48:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-10 00:48:13 ----A---- C:\WINDOWS\setuplog.txt
2009-03-10 00:48:07 ----D---- C:\Documents and Settings
2009-03-10 00:47:30 ----SH---- C:\boot.ini
2009-03-10 00:45:45 ----SHD---- C:\System Volume Information
2009-03-10 00:42:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-10 00:42:12 ----RSD---- C:\WINDOWS\Fonts
2009-03-10 00:42:12 ----RD---- C:\WINDOWS\Web
2009-03-10 00:42:12 ----HD---- C:\WINDOWS\inf
2009-03-10 00:42:12 ----D---- C:\WINDOWS\WinSxS
2009-03-10 00:42:12 ----D---- C:\WINDOWS\twain_32
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Temp
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\wins
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\wbem
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\usmt
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\spool
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\ShellExt
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\Setup
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\ras
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\oobe
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\npp
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\mui
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\IME
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\icsxml
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\ias
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\export
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\drivers
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\dhcp
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\config
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\3com_dmi
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\3076
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\2052
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1054
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1042
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1041
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1037
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1036
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1033
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1031
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1028
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32\1025
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system32
2009-03-10 00:42:12 ----D---- C:\WINDOWS\system
2009-03-10 00:42:12 ----D---- C:\WINDOWS\security
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Resources
2009-03-10 00:42:12 ----D---- C:\WINDOWS\repair
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Provisioning
2009-03-10 00:42:12 ----D---- C:\WINDOWS\PeerNet
2009-03-10 00:42:12 ----D---- C:\WINDOWS\pchealth
2009-03-10 00:42:12 ----D---- C:\WINDOWS\mui
2009-03-10 00:42:12 ----D---- C:\WINDOWS\msapps
2009-03-10 00:42:12 ----D---- C:\WINDOWS\msagent
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Media
2009-03-10 00:42:12 ----D---- C:\WINDOWS\java
2009-03-10 00:42:12 ----D---- C:\WINDOWS\ime
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Help
2009-03-10 00:42:12 ----D---- C:\WINDOWS\ehome
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Driver Cache
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Debug
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Cursors
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Connection Wizard
2009-03-10 00:42:12 ----D---- C:\WINDOWS\Config
2009-03-10 00:42:12 ----D---- C:\WINDOWS\AppPatch
2009-03-10 00:42:12 ----D---- C:\WINDOWS\addins
2009-03-10 00:42:12 ----D---- C:\WINDOWS
2009-03-10 00:41:48 ----D---- C:\Microsoft Office
2009-03-10 00:24:01 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-10 00:22:32 ----SHD---- C:\RECYCLER
2009-03-10 00:15:10 ----D---- C:\Documents and Settings\bounadi med\Application Data\Identities
2009-03-10 00:15:07 ----HD---- C:\Program Files\Uninstall Information
2009-03-10 00:14:59 ----ASH---- C:\Documents and Settings\bounadi med\Application Data\desktop.ini
2009-03-10 00:14:58 ----SD---- C:\Documents and Settings\bounadi med\Application Data\Microsoft
2009-03-10 00:09:43 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-10 00:09:40 ----D---- C:\WINDOWS\Prefetch
2009-03-10 00:09:39 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-10 00:09:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-10 00:04:11 ----D---- C:\WINDOWS\system32\xircom
2009-03-10 00:04:11 ----D---- C:\Program Files\xerox
2009-03-10 00:04:10 ----D---- C:\Program Files\microsoft frontpage
2009-03-10 00:03:23 ----A---- C:\WINDOWS\control.ini
2009-03-10 00:03:23 ----A---- C:\AUTOEXEC.BAT
2009-03-10 00:02:58 ----A---- C:\WINDOWS\OEWABLog.txt
2009-03-10 00:02:49 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-03-10 00:01:05 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-10 00:01:05 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-10 00:01:05 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-03-10 00:00:53 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-03-10 00:00:43 ----HD---- C:\Program Files\WindowsUpdate
2009-03-10 00:00:36 ----D---- C:\Program Files\Services en ligne
2009-03-10 00:00:09 ----D---- C:\WINDOWS\system32\DirectX
2009-03-09 23:59:46 ----A---- C:\WINDOWS\system32\atrace.dll
2009-03-09 23:59:43 ----A---- C:\WINDOWS\system32\desktop.ini
2009-03-09 23:59:43 ----A---- C:\WINDOWS\desktop.ini
2009-03-09 23:59:36 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-03-09 23:59:35 ----A---- C:\WINDOWS\system32\acctres.dll
2009-03-09 23:59:34 ----D---- C:\Program Files\Fichiers communs\Services
2009-03-09 23:59:31 ----SD---- C:\WINDOWS\Tasks
2009-03-09 23:59:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-03-09 23:59:30 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-03-09 23:59:26 ----D---- C:\WINDOWS\srchasst
2009-03-09 23:59:25 ----D---- C:\WINDOWS\system32\Macromed
2009-03-09 23:59:22 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-03-09 23:59:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-03-09 23:59:22 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-03-09 23:59:21 ----A---- C:\WINDOWS\system32\wups.dll
2009-03-09 23:59:21 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-03-09 23:59:21 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-03-09 23:59:20 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-03-09 23:59:19 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-09 23:59:16 ----D---- C:\Program Files\Movie Maker
2009-03-09 23:59:11 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-03-09 23:59:11 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-03-09 23:59:11 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-03-09 23:59:10 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-03-09 23:59:06 ----D---- C:\WINDOWS\system32\Restore
2009-03-09 23:59:06 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-03-09 23:59:06 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-03-09 23:59:06 ----A---- C:\WINDOWS\system32\srclient.dll
2009-03-09 23:59:06 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-03-09 23:59:06 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-03-09 23:59:05 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-03-09 23:59:05 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-03-09 23:59:05 ----A---- C:\WINDOWS\system32\ils.dll
2009-03-09 23:59:04 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-03-09 23:59:04 ----A---- C:\WINDOWS\system32\msconf.dll
2009-03-09 23:59:04 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-03-09 23:59:01 ----D---- C:\Program Files\NetMeeting
2009-03-09 23:59:01 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-03-09 23:59:01 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-03-09 23:59:00 ----A---- C:\WINDOWS\system32\inetres.dll
2009-03-09 23:59:00 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-03-09 23:58:58 ----D---- C:\Program Files\Outlook Express
2009-03-09 23:58:58 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-03-09 23:58:58 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-03-09 23:58:57 ----A---- C:\WINDOWS\system32\mstask.dll
2009-03-09 23:58:57 ----A---- C:\WINDOWS\system32\isign32.dll
2009-03-09 23:58:57 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-03-09 23:58:57 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-03-09 23:58:57 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-03-09 23:58:50 ----D---- C:\Program Files\Fichiers communs\System
2009-03-09 23:58:49 ----D---- C:\Program Files\Internet Explorer
2009-03-09 23:57:34 ----D---- C:\Program Files\ComPlus Applications
2009-03-09 23:57:30 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-09 23:57:30 ----A---- C:\WINDOWS\vb.ini
2009-03-09 23:57:23 ----D---- C:\WINDOWS\Registration
2009-03-09 23:57:09 ----D---- C:\Program Files\Windows Media Player
2009-03-09 23:57:09 ----D---- C:\Program Files\Online Services
2009-03-09 23:56:59 ----D---- C:\Program Files\Messenger
2009-03-09 23:56:54 ----D---- C:\Program Files\MSN Gaming Zone
2009-03-09 23:56:54 ----A---- C:\WINDOWS\system32\write.exe
2009-03-09 23:56:42 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-03-09 23:56:42 ----A---- C:\WINDOWS\system32\hticons.dll
2009-03-09 23:56:42 ----A---- C:\WINDOWS\system32\avwav.dll
2009-03-09 23:56:42 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-03-09 23:56:42 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-03-09 23:56:41 ----A---- C:\WINDOWS\system32\winchat.exe
2009-03-09 23:56:32 ----A---- C:\WINDOWS\system32\getuname.dll
2009-03-09 23:56:32 ----A---- C:\WINDOWS\system32\charmap.exe
2009-03-09 23:56:32 ----A---- C:\WINDOWS\system32\calc.exe
2009-03-09 23:56:31 ----A---- C:\WINDOWS\system32\winmine.exe
2009-03-09 23:56:31 ----A---- C:\WINDOWS\system32\sol.exe
2009-03-09 23:56:31 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\tskill.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\tscon.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\shadow.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\reset.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\regini.exe
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-03-09 23:56:30 ----A---- C:\WINDOWS\system32\freecell.exe
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\msg.exe
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\logoff.exe
2009-03-09 23:56:29 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-03-09 23:56:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-03-09 23:56:27 ----A---- C:\WINDOWS\system32\stclient.dll
2009-03-09 23:56:27 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-03-09 23:56:21 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-03-09 23:56:11 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-03-09 23:56:10 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-03-09 23:56:10 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-03-09 23:56:10 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-03-09 23:56:09 ----D---- C:\Program Files\Windows NT
2009-03-09 23:56:09 ----A---- C:\WINDOWS\system32\spider.exe
2009-03-09 23:56:09 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-03-09 23:56:09 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-03-09 23:56:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-03-09 23:56:08 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-03-09 23:56:08 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-03-09 23:56:07 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-03-09 23:56:06 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-03-09 23:56:06 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-03-09 23:56:05 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-03-09 23:56:05 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-03-09 23:56:05 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-03-09 23:56:05 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-03-09 23:56:04 ----D---- C:\WINDOWS\system32\Com
2009-03-09 23:56:04 ----A---- C:\WINDOWS\system32\colbact.dll
2009-03-09 23:56:04 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-03-09 23:56:04 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-03-09 23:56:04 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-03-09 23:56:03 ----A---- C:\WINDOWS\system32\comuid.dll
2009-03-09 23:56:03 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-03-09 23:56:03 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-03-09 23:56:03 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-03-09 23:55:55 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-03-09 23:55:55 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-03-09 23:55:55 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-03-09 23:55:55 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-03-14 13:37:47 ----A---- C:\WINDOWS\system.ini
2009-03-10 00:03:23 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 asc3360pr;asc3360pr; \??\C:\WINDOWS\system32\drivers\gkejis.sys []
R3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2004-08-04 327168]
R3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

et maintenant que-ce-que je fais

Logfile of random's system information tool 1.06 (written by random/random)
Run by bounadi med at 2009-04-08 23:13:53
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (59%) free of 15 GB
Total RAM: 255 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:03, on 08/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Mobile\Internet Mobile.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winkest.exe
C:\DOCUME~1\BOUNAD~1\LOCALS~1\Temp\winolis.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\bounadi med\Bureau\RSIT.exe
C:\Program Files\trend micro\bounadi med.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wwww.google.co.ma/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Mobile Partner] "C:\Program Files\Internet Mobile\Internet Mobile.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{9623F99D-C3A9-4AC7-AAC6-C87896DB2917}: NameServer = 212.217.0.1 212.217.0.12
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll