Sujet Précédent Sujet Suivant

Help, PC infecté

kowmedia Messages postés 5 Statut Membre -  
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,

Je viens depuis toujours sur ce forum lire les messages et pour une fois c'est moi qui ai des soucis. Je suis webmaster de nombreux sites et suite à une infection de mon PC. Ils ont tous été "hacké" (édition par un script automatique sur mes FTP).

Voici les rapports de Hijack

En epserant que vous pourrez m'aider...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Pierre at 2009-06-18 11:39:36
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 35 GB (15%) free of 235 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:03, on 18/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Pierre\Bureau\RSIT.exe
C:\Program Files\trend micro\Pierre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.daevel.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld09.exe
O4 - HKLM\..\Run: [sysfbtray] c:\windows\freddy46.exe
O4 - HKLM\..\Run: [sysberay2] c:\windows\romeo15.exe
O4 - HKLM\..\Run: [sysmstray] c:\windows\mstre19.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /100
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {32C11E38-E587-4BE9-9ABB-D69158C21CE5} (Moonlight MPEG-4 Video Decoder) - http://com06.montefiore.ulg.ac.be:10102/activex/decoder/mpeg4_dec.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - https://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://com06.montefiore.ulg.ac.be:10108/activex/AMC.cab
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) - http://activex.microsoft.com/controls/vb5/comdlg32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{200E846A-135B-427E-BA9A-90DFD1FA3C60}: NameServer = 195.238.2.21,195.238.2.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c8c1845068e7e) (gupdate1c8c1845068e7e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

--
End of file - 15407 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\OGADaily.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{D529E34D-692B-4093-89D3-6A844980E281}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-16 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-17 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-17 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2005-06-17 139264]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2006-12-12 19456]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2005-11-11 19968]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"sysldtray"=c:\windows\ld09.exe []
"sysfbtray"=c:\windows\freddy46.exe []
"sysberay2"=c:\windows\romeo15.exe []
"sysmstray"=c:\windows\mstre19.exe [2009-06-17 31744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-12 68856]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-17 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-11 623992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTSETBOOTKEY]
C:\WINDOWS\system32\BTSetBootKey.exe [2003-04-15 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTUSRBDG]
C:\WINDOWS\system32\BtUsrBdg.exe [2003-11-05 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-17 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Default_Page_URL]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.2]
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe [2006-07-14 107008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\glowria]
C:\Program Files\glowria\glowria.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\INSIDETHIS]
C:\DOCUME~1\Pierre\APPLIC~1\VIEWFI~1\sixth list city.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-06-10 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mirabilis ICQ]
C:\PROGRA~1\ICQ\ICQNet.exe [2003-10-14 38984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-07-12 1117184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 12.0]
C:\Program Files\Norton Ghost\Agent\VProTray.exe [2008-11-12 2037096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpScheduler]
C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware15]
C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC_Fun]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF3 Registry Controller]
C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe [2005-04-12 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRISMSVR.EXE]
C:\Program Files\U.S. Robotics\Wireless USB Manager\PRISMSVR.EXE /APPLY []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-07-02 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2009-06-12 1217784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-12 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk]
C:\Program Files\TopDesk Trial\topdesk.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe /VeohHide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zkjnmdsx]
c:\windows\system32\zkjnmdsx.exe zkjnmdsx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zyfuohbgjn]
c:\windows\system32\zyfuohbgjn.exe zyfuohbgjn []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^U.S. Robotics Wireless USB Adapter.lnk]
C:\PROGRA~1\USE6FD~1.ROB\WIRELE~1\USR11G.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pierre^Menu Démarrer^Programmes^Démarrage^CSV AdStats 4.0.appref-ms]
C:\Documents and Settings\Pierre\Menu Démarrer\Programmes\Démarrage\CSV AdStats 4.0.appref-ms []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Steam\SteamApps\stigmatix\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\stigmatix\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\ICQ\Icq.exe"="C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ"
"C:\Program Files\Atari\Crashday-demo\Crashday.exe"="C:\Program Files\Atari\Crashday-demo\Crashday.exe:*:Enabled:Crashday"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\game.dat:*:Enabled:La Bataille pour la Terre du Milieu(tm)"
"C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\patchget.dat"="C:\Program Files\EA GAMES\La Bataille pour la Terre du Milieu(tm)\patchget.dat:*:Enabled:patchgrabber"
"C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe"="C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe:*:Disabled:Squeeze Application"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player"
"C:\Program Files\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe"="C:\Program Files\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
"C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Documents and Settings\Pierre\Local Settings\Temp\ElectronicArts_Patcher_000.exe"="C:\Documents and Settings\Pierre\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Disabled:ElectronicArts_Patcher_000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2b\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2b\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Steam\SteamApps\stigmatix\rag doll kung fu demo\Rag_Doll_Kung_Fu_Steam.exe"="C:\Program Files\Steam\SteamApps\stigmatix\rag doll kung fu demo\Rag_Doll_Kung_Fu_Steam.exe:*:Enabled:Rag Doll Kung Fu Demo"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\UT2004\System\UT2004.exe"="C:\UT2004\System\UT2004.exe:*:Enabled:UT2004"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe"="C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TightVNC\WinVNC.exe"="C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64ab9819-5f83-11dc-893c-0013720e0358}]
shell\AutoRun\command - L:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d8e426d-6f4d-11dd-9182-0013720e0358}]
shell\AutoRun\command - N:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a010a472-a721-11dd-93e2-0013720e0358}]
shell\AutoRun\command - N:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
shell\open\command - N:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe

======File associations======

.ini - open - "C:\Program Files\IDM Computer Solutions\UltraEdit-32\uedit32.exe" "%1"
.js - edit -
.js - open -
.txt - open - "C:\Program Files\IDM Computer Solutions\UltraEdit-32\uedit32.exe" "%1"

======List of files/folders created in the last 1 months======

2009-06-18 11:39:38 ----D---- C:\Program Files\trend micro
2009-06-18 11:39:36 ----D---- C:\rsit
2009-06-17 15:36:36 ----H---- C:\WINDOWS\mstre19.exe
2009-06-17 15:36:30 ----D---- C:\Program Files\driver
2009-06-17 15:26:32 ----D---- C:\Program Files\Mankind
2009-06-16 13:20:10 ----A---- C:\wahoosetup.exe
2009-06-11 10:38:44 ----D---- C:\Documents and Settings\Pierre\Application Data\Command & Conquer 3 Les guerres du Tiberium
2009-06-11 09:57:33 ----D---- C:\Program Files\Defraggler
2009-06-11 09:56:50 ----D---- C:\Program Files\CCleaner
2009-06-11 09:25:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-11 09:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-11 09:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-11 09:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$

======List of files/folders modified in the last 1 months======

2009-06-18 11:39:49 ----D---- C:\WINDOWS\Prefetch
2009-06-18 11:39:38 ----RD---- C:\Program Files
2009-06-18 11:38:00 ----D---- C:\WINDOWS
2009-06-18 11:22:38 ----D---- C:\WINDOWS\Temp
2009-06-18 11:05:28 ----SD---- C:\WINDOWS\Tasks
2009-06-18 10:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-18 10:52:05 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-18 10:51:55 ----D---- C:\Documents and Settings\All Users\Application Data\VMware
2009-06-17 17:11:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-17 12:16:06 ----D---- C:\Program Files\Steam
2009-06-17 11:53:28 ----SHD---- C:\WINDOWS\Installer
2009-06-16 13:16:27 ----D---- C:\Program Files\Mozilla Firefox
2009-06-13 13:55:44 ----SHD---- C:\Config.Msi
2009-06-13 13:55:33 ----D---- C:\Program Files\Google
2009-06-12 12:07:06 ----A---- C:\WINDOWS\NeroDigital.ini
2009-06-11 10:34:40 ----D---- C:\Program Files\Electronic Arts
2009-06-11 10:33:34 ----D---- C:\WINDOWS\system32
2009-06-11 10:29:02 ----HD---- C:\WINDOWS\inf
2009-06-11 10:15:03 ----D---- C:\WINDOWS\system32\wbem
2009-06-11 10:15:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-11 10:01:28 ----D---- C:\WINDOWS\Debug
2009-06-11 09:51:52 ----D---- C:\Program Files\Internet Explorer
2009-06-11 09:26:42 ----A---- C:\WINDOWS\win.ini
2009-06-11 09:25:37 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-11 09:25:26 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-11 09:21:57 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-10 14:49:05 ----D---- C:\WINDOWS\system32\DirectX
2009-06-10 14:46:22 ----D---- C:\WINDOWS\WinSxS
2009-06-10 11:57:25 ----D---- C:\backup stig1
2009-06-10 10:24:55 ----D---- C:\back ns37841
2009-06-10 09:02:37 ----A---- C:\WINDOWS\ModemLog_Sony Ericsson Device 0016 USB WMC Modem.txt
2009-06-10 09:02:35 ----A---- C:\WINDOWS\ModemLog_Sony Ericsson Device 0016 USB WMC Data Modem.txt
2009-06-04 08:57:31 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-26 11:55:57 ----D---- C:\DivX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-28 75096]
R1 driverdrv;driverdrv; \??\C:\Program Files\driver\driver.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 v2imount;Symantec V2i Mount Driver; C:\WINDOWS\system32\DRIVERS\v2imount.sys [2007-03-28 37864]
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2005-12-15 23424]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 BTCOMM;BTCOMM; C:\WINDOWS\system32\drivers\Btcomm.sys [2004-09-28 57512]
R3 BTKRNBDG;Bluetooth COM Bridge; C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 15876]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-12-19 511288]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2007-06-18 514560]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-12-19 14648]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-12-19 156984]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-03-31 180736]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-12-19 90936]
R3 GEARAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\gearaspiwdm.sys [2008-04-17 15464]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-12-19 1160504]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 odysseyIM3;Odyssey Network Services Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2004-03-11 62865]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-12-19 128312]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vad_multi;Windigo Virtual Audio Device (WDM); C:\WINDOWS\system32\drivers\vadmulti.sys [2005-06-30 17792]
R3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2007-02-19 223128]
S3 a617v5rs;a617v5rs; C:\WINDOWS\system32\drivers\a617v5rs.sys []
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-14 340704]
S3 DELL_A02;Pilote de la carte WLAN USB 2.0 Dell TrueMobile 1300; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2006-06-01 357344]
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys []
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 LVUVC;Logitech QuickCam Ultra Vision(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys []
S3 MEGAUSB0101;MegawinMa100; C:\WINDOWS\system32\Drivers\usbscan.sys [2008-04-13 15104]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 RSC4_A02;U.S. Robotics Wireless USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\RSC4USB.sys []
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2b\WNt500x86\Sandra.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2005-12-15 9600]
S3 VProEventMonitor;Symantec Event Monitor Driver; C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys [2007-07-31 14072]
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2007-03-28 128104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 driver;driver; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IAANTMon;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe [2005-06-17 86140]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2008-11-12 3425632]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2005-12-15 217088]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2005-12-15 106496]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe [2005-12-15 245760]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2005-12-15 135168]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1c8c1845068e7e;Google Update Service (gupdate1c8c1845068e7e); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-09-01 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe []
S2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-20 221184]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-03-21 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-24 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe [2007-09-05 24635]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [2007-07-06 5730304]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-08 3004416]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-06-18 11:40:09

======Uninstall list======

-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W /L:FRN
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe
A voir également:

9 réponses

Réponse 1 / 9
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   3 378
 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
à quand la màj (v.14)? supprimer les anciennes versions

O4 - HKLM\..\Run: [sysldtray] c:\windows\ld09.exe
O4 - HKLM\..\Run: [sysfbtray] c:\windows\freddy46.exe
O4 - HKLM\..\Run: [sysberay2] c:\windows\romeo15.exe
O4 - HKLM\..\Run: [sysmstray] c:\windows\mstre19.exe
https://www.systemlookup.com/Startup/19841-freddy39_exe_freddy42_exe_freddy43_exe.html

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zkjnmdsx]
c:\windows\system32\zkjnmdsx.exe zkjnmdsx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zyfuohbgjn]
c:\windows\system32\zyfuohbgjn.exe zyfuohbgjn []

y a du boulot là...pour
superantispyware
Malwarebytesantimalware

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

2 AV sur un pc; tu n'as pas bien suivi sur le forum

quel est ton parefeu, antispyware?

C:\Program Files\Bonjour\mDNSResponder.exe
http://blogmotion.fr/internet/supprimer-le-service-bonjour-mdnsresponder-1031
0
Réponse 2 / 9
kowmedia Messages postés 5 Statut Membre
 
Je n'ai pas de Firewall... Je viens de réactiver celui de Windows...
Je n'ai que Avira qui tourne comme AV (Norton c'était il y a longetmps)...
Pas d'antispyware...

Qie dois-je faire donc ?

Merci pour ta réaction si rapide,

Pierre
0
Réponse 3 / 9
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   3 378
 
Installe
http://www.malwarebytes.org/mbam.php
tuto
http://www.libellules.ch/...
màj et scan complet (en manuel)
à garder sur le pc - analyse hebdomadaire

supprime tout ce qu'il trouve (redémarrage, s'il le demande)
post le rapport

avira antivir
active en mode expert la recherche de rootkits et des liens symboliques
màj et scan (si ce n'est pas planifié au moins 2X par semaine)
post le rapport

suppression norton
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
0
Réponse 4 / 9
kowmedia Messages postés 5 Statut Membre
 
Aie j'ai fait l'imbécile, j'ai reboot mon PC avec les rapports qui étaient ouverts... Donc ils sont perdus.

J'ai acheté (oui officiellement) MalWareBytes aussi et il tourne donc avec Avira (J'ai coché l'option dont vous m'avez parlé).

Je relance d'ici peu les deux scans pour copier les logs...

Merci pour tout.

Pierre

PS : J'espère que vous avez des actions MalWareBytes
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   3 378
 
j'ai reboot mon PC avec les rapports qui étaient ouverts...
mais non, les rapports sont toujours enregistrés, on y accède par le logiciel

pas d'actions, utilisateur de versions gratuites

parefeu gratuit (le gratuit uniquement pas de "suite"!)
zonealarm
https://www.zonealarm.com/software/free-firewall
laisser le logiciel se paramètrer

anti spyware gratuit
spybot
https://www.safer-networking.org/products/
màj et scan à faire de suite , planifiable
0
Réponse 6 / 9
kowmedia Messages postés 5 Statut Membre
 
Bonsoir,

Alors j'ai eu la même chose sur le PC @home comme Virus/Trojan/...

Vu que j'avais Avira (uniquement ça) comme AV, que me conseillez-vous pour le remplacer de gratuit ?

J'ai mis Spybots et ZA selon vos conseils.

Encore merci pour tout,

Pierre
0
Réponse 7 / 9
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   3 378
 
concernant l'AV, cela réponds à ta question? (je n'ai pas d'avis sur les payants)
http://www.infos-du-net.com/actualite/dossiers/102-18-comparatif-antivirus-2008.html
le commentaire final est éloquent

dés que tu auras tout bien installé et la 1 ère analyse faite

dans spybot passe en mode avancé
vaccine ton pc

onglets >règlages >planificateur planifie le scan 1 heure après le mise à jour, 3 X par semaine ~

n'active pas teatimer et sdhelper, ZA suffit

avira : vérifie si la planification pour le scan et update est coché

post les rapport stp

et un nouveau rsit dès que t'as le temps
0
Réponse 8 / 9
kowmedia Messages postés 5 Statut Membre
 
Voici les rapports des derniers SCAN complets : Pensez-vous que tout soit enfin OK ?

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2304
Windows 5.1.2600 Service Pack 3

19/06/2009 9:14:30
mbam-log-2009-06-19 (09-14-30).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 334196
Temps écoulé: 15 hour(s), 21 minute(s), 8 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\system volume information\_restore{340c3340-2ebb-4324-859a-c37e85627171}\rp882\A0097635.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{340c3340-2ebb-4324-859a-c37e85627171}\rp882\A0097636.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{340c3340-2ebb-4324-859a-c37e85627171}\rp884\A0098169.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

---------------
---------------
---------------
---------------

Avira AntiVir Personal
Report file date: jeudi 18 juin 2009 17:16

Scanning for 1475114 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: STIGMATIX-MAIN

Version information:
BUILD.DAT : 8.2.0.353 17048 Bytes 15/05/2009 12:02:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 07:24:20
ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 11:44:32
ANTIVIR3.VDF : 7.1.4.111 167936 Bytes 18/06/2009 12:52:52
Engineversion : 8.2.0.191
AEVDF.DLL : 8.1.1.1 106868 Bytes 04/05/2009 06:50:57
AESCRIPT.DLL : 8.1.2.9 409978 Bytes 18/06/2009 12:52:55
AESCN.DLL : 8.1.2.3 127347 Bytes 18/05/2009 07:12:14
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.18 401783 Bytes 28/05/2009 09:22:26
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 18/06/2009 12:52:55
AEHEUR.DLL : 8.1.0.133 1798520 Bytes 18/06/2009 12:52:54
AEHELP.DLL : 8.1.3.6 205174 Bytes 12/06/2009 10:50:23
AEGEN.DLL : 8.1.1.45 348532 Bytes 10/06/2009 10:50:46
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.12 180599 Bytes 28/05/2009 09:22:25
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.3 155688 Bytes 21/04/2009 08:45:40
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 18 juin 2009 17:16

Starting search for hidden objects.
'131290' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'mbam.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'mbamgui.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'vmnetdhcp.exe' - '1' Module(s) have been scanned
Scan process 'vmnat.exe' - '1' Module(s) have been scanned
Scan process 'CtHelper.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'vmount2.exe' - '1' Module(s) have been scanned
Scan process 'vmware-authd.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'mbamservice.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '69' files ).

Starting the file scan:

Begin scan in 'C:\' <stigmatix>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP882\A0097635.dll
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
[NOTE] The file was deleted!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP882\A0097636.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP883\A0097644.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP883\A0097664.dll
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP884\A0098169.exe
[DETECTION] Is the TR/Killav.28714 Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\vaxscsi.sys
[WARNING] The file could not be opened!

End of the scan: vendredi 19 juin 2009 08:25
Used time: 15:09:21 Hour(s)

The scan has been done completely.

16787 Scanning directories
747532 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
3 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
6 Files cannot be scanned
747523 Files not concerned
8834 Archives were scanned
10 Warnings
3 Notes
131290 Objects were scanned with rootkit scan
0 Hidden objects were found
0
Réponse 9 / 9
Redbart Messages postés 21489 Date d'inscription   Statut Membre Dernière intervention   3 378
 
les logiciels commencent à faire leur travail

hélas, le boulot n'est pas fini, les infections ont été sauvegardé dans les fichiers de restauration qu'il faut donc supprimer
clic droit sur propriétés du poste de travail>onglets Restauration> cocher "désactiver la restauration sur tout les lecteurs"

redémarrer le pc, cela efface les PdR

dès la fin de cette suppression, réactiver la création auto de PdR , créer un PdR en manuel

tuto : point de restauration
http://www.commentcamarche.net/faq/sujet 740 windows xp points de restauration

0