Computer infected by TR/Crypt.ZPACK.Gen
rapadango
Hello,
My AntiVir detects a virus, TR/Crypt.ZPACK.Gen,
in C:\Documents and Settings\RECORDS\Local Settings\Temp\586.exe
and
C:\Documents and Settings\RECORDS\Local Settings\Temporary Internet Files\Contents...\lujka518[1].exe
Please help me.
Thank you in advance.
After installing RSIT I have the following 2 logs
1)
Logfile of random's system information tool 1.06 (written by random/random)
Run by RECORDS at 2009-10-18 19:56:40
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 66 GB (87%) free of 76 GB
Total RAM: 895 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:05, on 18/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RECORDS\Bureau\RSIT.exe
C:\Program Files\trend micro\RECORDS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 7414 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-10-15 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-07-31 159472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2007-12-20 7151616]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-15 2023704]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-07-09 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-19 1667584]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-10-15 11952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98b45870-b5a9-11de-9b44-002197a6bedf}]
shell\AutoRun\command - SEVERINA///aleluja.exe
shell\explore\command - SEVERINA//aleluja.exe
shell\open\command - SEVERINA//aleluja.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd37241e-b7b8-11de-9b47-002197a6bedf}]
shell\AutoRun\command - F:\SEVERINA///aleluja.exe
shell\explore\command - F:\SEVERINA//aleluja.exe
shell\open\command - F:\SEVERINA//aleluja.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd37246b-b7b8-11de-9b47-002197a6bedf}]
shell\AutoRun\command - F:\OPOP\severina.exe
shell\explore\command - F:\.////OPOP/\\\\severina.exe
shell\open\command - F:\OPOP/////\\\\severina.exe
======List of files/folders created in the last 1 months======
2009-10-18 19:56:40 ----D---- C:\rsit
2009-10-18 19:56:40 ----D---- C:\Program Files\trend micro
2009-10-18 18:10:51 ----D---- C:\Program Files\AIST
2009-10-16 20:58:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-16 20:57:17 ----D---- C:\Program Files\Adobe
2009-10-15 22:08:36 ----D---- C:\Program Files\Conduit
2009-10-15 22:08:34 ----D---- C:\Program Files\Softonic.fr
2009-10-15 08:34:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-10-14 18:41:23 ----D---- C:\Documents and Settings\RECORDS\Application Data\PhotoFiltre Studio X
2009-10-14 18:41:14 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-10-14 10:56:07 ----D---- C:\Documents and Settings\RECORDS\Application Data\Macromedia
2009-10-14 07:41:20 ----D---- C:\Documents and Settings\RECORDS\Application Data\Yahoo!
2009-10-14 07:41:20 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-10-14 07:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-10-14 07:31:42 ----D---- C:\Program Files\Yahoo!
2009-10-13 15:55:06 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-10-13 15:54:53 ----D---- C:\Program Files\Google
2009-10-13 15:51:21 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-13 15:39:08 ----D---- C:\WINDOWS\Minidump
2009-10-13 14:58:55 ----D---- C:\Program Files\Pinnacle
2009-10-13 14:55:13 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2009-10-13 14:51:21 ----RSD---- C:\WINDOWS\assembly
2009-10-13 14:50:28 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 09:42:44 ----D---- C:\Documents and Settings\RECORDS\Application Data\AdobeUM
2009-10-13 09:40:35 ----D---- C:\Documents and Settings\RECORDS\Application Data\Adobe
2009-10-13 09:39:07 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-12 19:13:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-10 17:44:51 ----D---- C:\Documents and Settings\RECORDS\Application Data\GRETECH
2009-10-09 15:21:39 ----D---- C:\Program Files\WinAVI Video Converter
2009-10-09 15:20:19 ----D---- C:\Program Files\GRETECH
2009-10-09 14:42:36 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-09 11:19:45 ----D---- C:\Documents and Settings\RECORDS\Application Data\Nero
2009-10-09 11:19:29 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-10-09 11:16:02 ----D---- C:\Program Files\Nero
2009-10-09 11:16:02 ----D---- C:\Program Files\Fichiers communs\Nero
2009-10-09 11:16:02 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-10-09 11:14:32 ----D---- C:\WINDOWS\RegisteredPackages
2009-10-09 11:13:05 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-10-09 11:13:01 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-10-09 08:06:59 ----D---- C:\Program Files\Avira
2009-10-09 08:06:59 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-09 07:24:34 ----HD---- C:\$AVG8.VAULT$
2009-10-09 06:57:49 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-10-09 06:57:42 ----D---- C:\Documents and Settings\RECORDS\Application Data\AVGTOOLBAR
2009-10-09 06:57:36 ----D---- C:\Program Files\AVG
2009-10-09 06:57:35 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-10-08 20:22:42 ----D---- C:\Program Files\Alwil Software
2009-10-08 20:09:55 ----RASH---- C:\boot.ini
2009-10-08 20:06:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-08 20:06:24 ----RSD---- C:\WINDOWS\Fonts
2009-10-08 20:06:24 ----RD---- C:\WINDOWS\Web
2009-10-08 20:06:24 ----HD---- C:\WINDOWS\inf
2009-10-08 20:06:24 ----D---- C:\WINDOWS\WinSxS
2009-10-08 20:06:24 ----D---- C:\WINDOWS\twain_32
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Temp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\wins
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\wbem
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\usmt
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\spool
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ShellExt
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\Setup
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ras
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\oobe
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\npp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\mui
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\inetsrv
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\IME
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\icsxml
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ias
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\export
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\drivers
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\dhcp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\config
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\3com_dmi
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\3076
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\2052
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1054
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1042
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1041
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1037
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1036
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1033
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1031
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1028
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1025
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system
2009-10-08 20:06:24 ----D---- C:\WINDOWS\security
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Resources
2009-10-08 20:06:24 ----D---- C:\WINDOWS\repair
2009-10-08 20:06:24 ----D---- C:\WINDOWS\mui
2009-10-08 20:06:24 ----D---- C:\WINDOWS\msapps
2009-10-08 20:06:24 ----D---- C:\WINDOWS\msagent
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Media
2009-10-08 20:06:24 ----D---- C:\WINDOWS\java
2009-10-08 20:06:24 ----D---- C:\WINDOWS\ime
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Help
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Driver Cache
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Debug
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Cursors
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Connection Wizard
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Config
2009-10-08 20:06:24 ----D---- C:\WINDOWS\AppPatch
2009-10-08 20:06:24 ----D---- C:\WINDOWS\addins
2009-10-08 20:06:24 ----D---- C:\WINDOWS
2009-10-08 19:40:58 ----SHD---- C:\RECYCLER
2009-10-08 19:21:12 ----A---- C:\WINDOWS\system32\h323log.txt
2009-10-08 19:20:51 ----D---- C:\WINDOWS\nview
2009-10-08 19:20:51 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-10-08 19:19:51 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2009-10-08 19:19:51 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-10-08 19:19:50 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-10-08 19:19:16 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-10-08 19:19:05 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-08 19:19:02 ----D---- C:\Documents and Settings\RECORDS\Application Data\InstallShield
2009-10-08 19:17:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-10-08 19:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-10-08 19:16:43 ----N---- C:\WINDOWS\system32\difxapi.dll
2009-10-08 19:16:43 ----D---- C:\Program Files\VIA
2009-10-08 19:16:10 ----D---- C:\WINDOWS\system32\Tools
2009-10-08 19:12:35 ----A---- C:\WINDOWS\system32\usbui.dll
2009-10-08 19:11:41 ----A---- C:\WINDOWS\imsins.BAK
2009-10-08 19:11:37 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-10-08 19:11:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-08 19:11:37 ----A---- C:\WINDOWS\ODBCINST.INI
2009-10-08 19:11:34 ----RD---- C:\Program Files
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\irclass.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-10-08 19:11:18 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-10-08 19:11:18 ----A---- C:\WINDOWS\system32\batt.dll
2009-10-08 19:11:15 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-10-08 19:11:15 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-10-08 19:11:15 ----A---- C:\WINDOWS\notepad.exe
2009-10-08 19:11:14 ----A---- C:\WINDOWS\system32\storprop.dll
2009-10-08 19:11:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-10-08 19:11:07 ----RA---- C:\WINDOWS\SET7.tmp
2009-10-08 19:11:05 ----RA---- C:\WINDOWS\SET3.tmp
2009-10-08 19:10:59 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-08 19:10:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-08 19:10:54 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-08 19:10:44 ----A---- C:\WINDOWS\setuplog.txt
2009-10-08 19:10:41 ----D---- C:\Documents and Settings
2009-10-08 19:01:37 ----A---- C:\WINDOWS\Readiris.ini
2009-10-08 19:01:35 ----A---- C:\WINDOWS\system32\irisco32.dll
2009-10-08 19:01:15 ----D---- C:\Program Files\Readiris Pro 9
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Vbar332.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Msxbse35.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2009-10-08 19:00:47 ----A---- C:\WINDOWS\system32\msjter35.dll
2009-10-08 19:00:47 ----A---- C:\WINDOWS\system32\msjint35.dll
2009-10-08 19:00:44 ----D---- C:\Program Files\NewSoft
2009-10-08 19:00:43 ----A---- C:\WINDOWS\IsUn040c.exe
2009-10-08 19:00:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-08 19:00:24 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-10-08 19:00:00 ----D---- C:\Documents and Settings\RECORDS\Application Data\Dossier de téléchargement Share-to-Web
2009-10-08 19:00:00 ----D---- C:\Documents and Settings\RECORDS\Application Data\Dossier de téléchargement Share-to-Web
2009-10-08 18:59:25 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-10-08 18:59:18 ----D---- C:\Program Files\Hewlett-Packard
2009-10-08 18:52:59 ----HDC---- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-10-08 18:11:28 ----D---- C:\Program Files\Microsoft Works
2009-10-08 18:11:22 ----D---- C:\Program Files\MSBuild
2009-10-08 18:11:14 ----D---- C:\Program Files\Microsoft Visual Studio
2009-10-08 18:11:14 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-10-08 18:08:30 ----D---- C:\WINDOWS\SHELLNEW
2009-10-08 18:08:18 ----D---- C:\Program Files\Microsoft Office
2009-10-08 18:08:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-10-08 18:08:00 ----RHD---- C:\MSOCache
2009-10-08 18:03:43 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-08 18:03:40 ----D---- C:\WINDOWS\Prefetch
2009-10-08 18:03:39 ----SD---- C:\WINDOWS\system32\Microsoft
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\d3d9.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bthci.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati3duag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\hccoin.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fltlib.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\encdec.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\encapi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpob2res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winhttp.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\twext.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slserv.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slgen.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sbe.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\powercfg.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2psvc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2p.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\mssap.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\xmlprov.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuweb.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wups.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wucltui.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuapi.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wshbth.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wscsvc.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmp.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\slrundll.exe
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-10-08 17:53:10 ----D---- C:\WINDOWS\provisioning
2009-10-08 17:53:10 ----D---- C:\WINDOWS\peernet
2009-10-08 17:52:12 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-08 17:50:14 ----A---- C:\WINDOWS\002233_.tmp
2009-10-08 17:50:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-10-08 17:49:57 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-10-08 17:48:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-08 17:48:33 ----D---- C:\WINDOWS\EHome
2009-10-08 17:30:21 ----SHD---- C:\WINDOWS\Installer
2009-10-08 17:30:19 ----D---- C:\Documents and Settings\RECORDS\Application Data\Identities
2009-10-08 17:30:16 ----HD---- C:\Program Files\Uninstall Information
2009-10-08 17:30:13 ----SD---- C:\Documents and Settings\RECORDS\Application Data\Microsoft
2009-10-08 17:30:13 ----ASH---- C:\Documents and Settings\RECORDS\Application Data\desktop.ini
2009-10-08 17:29:35 ----SHD---- C:\System Volume Information
2009-10-08 17:29:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-08 17:27:15 ----D---- C:\WINDOWS\system32\xircom
2009-10-08 17:27:15 ----D---- C:\Program Files\xerox
2009-10-08 17:27:15 ----D---- C:\Program Files\microsoft frontpage
2009-10-08 17:27:01 ----A---- C:\WINDOWS\control.ini
2009-10-08 17:27:01 ----A---- C:\AUTOEXEC.BAT
2009-10-08 17:26:55 ----A---- C:\WINDOWS\OEWABLog.txt
2009-10-08 17:26:52 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-10-08 17:26:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-08 17:26:17 ----RD---- C:\WINDOWS\Offline Web Pages
2009-10-08 17:26:17 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-10-08 17:26:13 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-10-08 17:25:51 ----D---- C:\WINDOWS\srchasst
2009-10-08 17:25:38 ----D---- C:\WINDOWS\system32\Macromed
2009-10-08 17:25:38 ----D---- C:\WINDOWS\system32\DirectX
2009-10-08 17:25:04 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-10-08 17:25:04 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-08 17:25:02 ----D---- C:\Program Files\Movie Maker
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-10-08 17:24:39 ----A---- C:\WINDOWS\system32\atrace.dll
2009-10-08 17:24:34 ----A---- C:\WINDOWS\system32\desktop.ini
2009-10-08 17:24:34 ----A---- C:\WINDOWS\desktop.ini
2009-10-08 17:24:24 ----D---- C:\WINDOWS\system32\Restore
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srclient.dll
2009-10-08 17:24:23 ----D---- C:\Program Files\Windows Media Player
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\ils.dll
2009-10-08 17:24:21 ----A---- C:\WINDOWS\system32\msconf.dll
2009-10-08 17:24:17 ----D---- C:\WINDOWS\PCHEALTH
2009-10-08 17:24:17 ----D---- C:\Program Files\NetMeeting
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\acctres.dll
2009-10-08 17:24:16 ----D---- C:\Program Files\Fichiers communs\Services
2009-10-08 17:24:14 ----A---- C:\WINDOWS\system32\inetres.dll
2009-10-08 17:24:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-10-08 17:24:09 ----D---- C:\Program Files\Outlook Express
2009-10-08 17:24:08 ----SD---- C:\WINDOWS\Tasks
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\mstask.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\isign32.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-10-08 17:24:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-10-08 17:23:59 ----D---- C:\Program Files\Fichiers communs\System
2009-10-08 17:23:55 ----D---- C:\Program Files\Internet Explorer
2009-10-08 17:23:27 ----D---- C:\Program Files\ComPlus Applications
2009-10-08 17:23:26 ----A---- C:\WINDOWS\vbaddin.ini
2009-10-08 17:23:26 ----A---- C:\WINDOWS\vb.ini
2009-10-08 17:23:23 ----D---- C:\WINDOWS\Registration
2009-10-08 17:23:17 ----HD---- C:\Program Files\WindowsUpdate
2009-10-08 17:23:17 ----D---- C:\Program Files\Services en ligne
2009-10-08 17:23:13 ----D---- C:\Program Files\Messenger
2009-10-08 17:23:06 ----D---- C:\Program Files\MSN
2009-10-08 17:23:02 ----D---- C:\Program Files\MSN Gaming Zone
2009-10-08 17:23:02 ----A---- C:\WINDOWS\system32\write.exe
2009-10-08 17:22:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-10-08 17:22:51 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\hticons.dll
2009-10-08 17:22:49 ----D---- C:\Program Files\Windows NT
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\winchat.exe
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avwav.dll
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-10-08 17:22:47 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-10-08 17:22:40 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\getuname.dll
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\charmap.exe
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\calc.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\winmine.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\spider.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\sol.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\freecell.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\reset.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tskill.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tscon.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\shadow.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\regini.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\msg.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\logoff.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-10-08 17:22:31 ----D---- C:\WINDOWS\system32\MsDtc
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-10-08 17:22:28 ----D---- C:\WINDOWS\system32\Com
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\colbact.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\stclient.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comuid.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-10-08 17:22:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-10-08 17:22:11 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-10-08 17:22:11 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-10-08 19:11:33 ----A---- C:\WINDOWS\system.ini
2009-10-08 18:59:53 ----A---- C:\WINDOWS\win.ini
2009-10-08 17:50:46 ----RASH---- C:\NTDETECT.COM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-10-08 82380]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-10-15 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-10-15 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-10-15 108552]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-09 28520]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-09 55656]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-09-28 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-28 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-09-20 53632]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-09-20 22016]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2007-12-12 212992]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-09 185089]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-10-15 297752]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
2)
info.txt logfile of random's system information tool 1.06 2009-10-18 20:06:07
======Uninstall list======
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 6.0 Professional-->MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Photo and Imaging 2.2 - Scanjet 8200 Series-->MsiExec.exe /I{83CDDBA5-0306-4173-9851-71F0F0E8412A}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MovieXone 4.0-->MsiExec.exe /X{86BC19C8-EC91-4260-9D32-F3A7ADC3C433}
Nero 8 Essentials-->MsiExec.exe /X{470C8EFE-AEB0-402E-B05A-91E08C201036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Readiris Pro 9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CA9D105-113C-11D8-AB3E-000102B0F79A}\setup.exe" -l0x40c
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Security center information======
AV: AVG Internet Security SBS Edition
AV: AntiVir Desktop (outdated)
======System event log======
Computer Name: RECORDS-E6M2SFO
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 5
Source Name: Cdrom
Time Written: 20091008172527.000000+180
Event Type: erreur
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers RECORDS-E6M2SFO.
Record Number: 4
Source Name: EventLog
Time Written: 20091008172137.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 3
Source Name: EventLog
Time Written: 20091008191044.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Uniprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20091008191044.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 2
Message: Pendant la validation de \Device\Serial0 en tant que port série, une FIFO a été détectée. La FIFO sera utilisée.
Record Number: 1
Source Name: Serial
Time Written: 20091008191107.000000+180
Event Type: Informations
User:
=====Application event log=====
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20091008172320.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20091008172317.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20091008172204.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20091008172145.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20091008172144.000000+180
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0605
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-10-15 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-07-31 159472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-31 909040]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2007-12-20 7151616]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-15 2023704]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-07-09 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-19 1667584]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-10-15 11952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98b45870-b5a9-11de-9b44-002197a6bedf}]
shell\AutoRun\command - SEVERINA///aleluja.exe
shell\explore\command - SEVERINA//aleluja.exe
shell\open\command - SEVERINA//aleluja.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd37241e-b7b8-11de-9b47-002197a6bedf}]
shell\AutoRun\command - F:\SEVERINA///aleluja.exe
shell\explore\command - F:\SEVERINA//aleluja.exe
shell\open\command - F:\SEVERINA//aleluja.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd37246b-b7b8-11de-9b47-002197a6bedf}]
shell\AutoRun\command - F:\OPOP\severina.exe
shell\explore\command - F:\.////OPOP/\\\\severina.exe
shell\open\command - F:\OPOP/////\\\\severina.exe
======List of files/folders created in the last 1 months======
2009-10-18 19:56:40 ----D---- C:\rsit
2009-10-18 19:56:40 ----D---- C:\Program Files\trend micro
2009-10-18 18:10:51 ----D---- C:\Program Files\AIST
2009-10-16 20:58:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-16 20:57:17 ----D---- C:\Program Files\Adobe
2009-10-15 22:08:36 ----D---- C:\Program Files\Conduit
2009-10-15 22:08:34 ----D---- C:\Program Files\Softonic.fr
2009-10-15 08:34:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-10-14 18:41:23 ----D---- C:\Documents and Settings\RECORDS\Application Data\PhotoFiltre Studio X
2009-10-14 18:41:14 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-10-14 10:56:07 ----D---- C:\Documents and Settings\RECORDS\Application Data\Macromedia
2009-10-14 07:41:20 ----D---- C:\Documents and Settings\RECORDS\Application Data\Yahoo!
2009-10-14 07:41:20 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-10-14 07:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-10-14 07:31:42 ----D---- C:\Program Files\Yahoo!
2009-10-13 15:55:06 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-10-13 15:54:53 ----D---- C:\Program Files\Google
2009-10-13 15:51:21 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-13 15:39:08 ----D---- C:\WINDOWS\Minidump
2009-10-13 14:58:55 ----D---- C:\Program Files\Pinnacle
2009-10-13 14:55:13 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2009-10-13 14:51:21 ----RSD---- C:\WINDOWS\assembly
2009-10-13 14:50:28 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 09:42:44 ----D---- C:\Documents and Settings\RECORDS\Application Data\AdobeUM
2009-10-13 09:40:35 ----D---- C:\Documents and Settings\RECORDS\Application Data\Adobe
2009-10-13 09:39:07 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-12 19:13:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-10 17:44:51 ----D---- C:\Documents and Settings\RECORDS\Application Data\GRETECH
2009-10-09 15:21:39 ----D---- C:\Program Files\WinAVI Video Converter
2009-10-09 15:20:19 ----D---- C:\Program Files\GRETECH
2009-10-09 14:42:36 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-09 11:19:45 ----D---- C:\Documents and Settings\RECORDS\Application Data\Nero
2009-10-09 11:19:29 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-10-09 11:16:02 ----D---- C:\Program Files\Nero
2009-10-09 11:16:02 ----D---- C:\Program Files\Fichiers communs\Nero
2009-10-09 11:16:02 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-10-09 11:14:32 ----D---- C:\WINDOWS\RegisteredPackages
2009-10-09 11:13:05 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-10-09 11:13:01 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-10-09 08:06:59 ----D---- C:\Program Files\Avira
2009-10-09 08:06:59 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-09 07:24:34 ----HD---- C:\$AVG8.VAULT$
2009-10-09 06:57:49 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-10-09 06:57:42 ----D---- C:\Documents and Settings\RECORDS\Application Data\AVGTOOLBAR
2009-10-09 06:57:36 ----D---- C:\Program Files\AVG
2009-10-09 06:57:35 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-10-08 20:22:44 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-10-08 20:22:42 ----D---- C:\Program Files\Alwil Software
2009-10-08 20:09:55 ----RASH---- C:\boot.ini
2009-10-08 20:06:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-08 20:06:24 ----RSD---- C:\WINDOWS\Fonts
2009-10-08 20:06:24 ----RD---- C:\WINDOWS\Web
2009-10-08 20:06:24 ----HD---- C:\WINDOWS\inf
2009-10-08 20:06:24 ----D---- C:\WINDOWS\WinSxS
2009-10-08 20:06:24 ----D---- C:\WINDOWS\twain_32
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Temp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\wins
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\wbem
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\usmt
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\spool
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ShellExt
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\Setup
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ras
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\oobe
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\npp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\mui
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\inetsrv
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\IME
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\icsxml
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\ias
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\export
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\drivers
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\dhcp
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\config
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\3com_dmi
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\3076
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\2052
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1054
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1042
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1041
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1037
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1036
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1033
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1031
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1028
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32\1025
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system32
2009-10-08 20:06:24 ----D---- C:\WINDOWS\system
2009-10-08 20:06:24 ----D---- C:\WINDOWS\security
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Resources
2009-10-08 20:06:24 ----D---- C:\WINDOWS\repair
2009-10-08 20:06:24 ----D---- C:\WINDOWS\mui
2009-10-08 20:06:24 ----D---- C:\WINDOWS\msapps
2009-10-08 20:06:24 ----D---- C:\WINDOWS\msagent
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Media
2009-10-08 20:06:24 ----D---- C:\WINDOWS\java
2009-10-08 20:06:24 ----D---- C:\WINDOWS\ime
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Help
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Driver Cache
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Debug
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Cursors
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Connection Wizard
2009-10-08 20:06:24 ----D---- C:\WINDOWS\Config
2009-10-08 20:06:24 ----D---- C:\WINDOWS\AppPatch
2009-10-08 20:06:24 ----D---- C:\WINDOWS\addins
2009-10-08 20:06:24 ----D---- C:\WINDOWS
2009-10-08 19:40:58 ----SHD---- C:\RECYCLER
2009-10-08 19:21:12 ----A---- C:\WINDOWS\system32\h323log.txt
2009-10-08 19:20:51 ----D---- C:\WINDOWS\nview
2009-10-08 19:20:51 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-10-08 19:19:51 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2009-10-08 19:19:51 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-10-08 19:19:50 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-10-08 19:19:17 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-10-08 19:19:16 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-10-08 19:19:05 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-08 19:19:02 ----D---- C:\Documents and Settings\RECORDS\Application Data\InstallShield
2009-10-08 19:17:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-10-08 19:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-10-08 19:16:43 ----N---- C:\WINDOWS\system32\difxapi.dll
2009-10-08 19:16:43 ----D---- C:\Program Files\VIA
2009-10-08 19:16:10 ----D---- C:\WINDOWS\system32\Tools
2009-10-08 19:12:35 ----A---- C:\WINDOWS\system32\usbui.dll
2009-10-08 19:11:41 ----A---- C:\WINDOWS\imsins.BAK
2009-10-08 19:11:37 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-10-08 19:11:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-08 19:11:37 ----A---- C:\WINDOWS\ODBCINST.INI
2009-10-08 19:11:34 ----RD---- C:\Program Files
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-08 19:11:34 ----D---- C:\Program Files\Fichiers communs
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-10-08 19:11:31 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-10-08 19:11:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-10-08 19:11:28 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-10-08 19:11:26 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-10-08 19:11:24 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-10-08 19:11:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\irclass.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-10-08 19:11:19 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-10-08 19:11:18 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-10-08 19:11:18 ----A---- C:\WINDOWS\system32\batt.dll
2009-10-08 19:11:15 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-10-08 19:11:15 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-10-08 19:11:15 ----A---- C:\WINDOWS\notepad.exe
2009-10-08 19:11:14 ----A---- C:\WINDOWS\system32\storprop.dll
2009-10-08 19:11:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-10-08 19:11:07 ----RA---- C:\WINDOWS\SET7.tmp
2009-10-08 19:11:05 ----RA---- C:\WINDOWS\SET3.tmp
2009-10-08 19:10:59 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-08 19:10:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-08 19:10:54 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-08 19:10:44 ----A---- C:\WINDOWS\setuplog.txt
2009-10-08 19:10:41 ----D---- C:\Documents and Settings
2009-10-08 19:01:37 ----A---- C:\WINDOWS\Readiris.ini
2009-10-08 19:01:35 ----A---- C:\WINDOWS\system32\irisco32.dll
2009-10-08 19:01:15 ----D---- C:\Program Files\Readiris Pro 9
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Vbar332.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Msxbse35.dll
2009-10-08 19:00:48 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2009-10-08 19:00:47 ----A---- C:\WINDOWS\system32\msjter35.dll
2009-10-08 19:00:47 ----A---- C:\WINDOWS\system32\msjint35.dll
2009-10-08 19:00:44 ----D---- C:\Program Files\NewSoft
2009-10-08 19:00:43 ----A---- C:\WINDOWS\IsUn040c.exe
2009-10-08 19:00:35 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-08 19:00:24 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-10-08 19:00:00 ----D---- C:\Documents and Settings\RECORDS\Application Data\Dossier de téléchargement Share-to-Web
2009-10-08 19:00:00 ----D---- C:\Documents and Settings\RECORDS\Application Data\Dossier de téléchargement Share-to-Web
2009-10-08 18:59:25 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-10-08 18:59:18 ----D---- C:\Program Files\Hewlett-Packard
2009-10-08 18:52:59 ----HDC---- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-10-08 18:11:28 ----D---- C:\Program Files\Microsoft Works
2009-10-08 18:11:22 ----D---- C:\Program Files\MSBuild
2009-10-08 18:11:14 ----D---- C:\Program Files\Microsoft Visual Studio
2009-10-08 18:11:14 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-10-08 18:08:30 ----D---- C:\WINDOWS\SHELLNEW
2009-10-08 18:08:18 ----D---- C:\Program Files\Microsoft Office
2009-10-08 18:08:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-10-08 18:08:00 ----RHD---- C:\MSOCache
2009-10-08 18:03:43 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-08 18:03:40 ----D---- C:\WINDOWS\Prefetch
2009-10-08 18:03:39 ----SD---- C:\WINDOWS\system32\Microsoft
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-10-08 17:53:17 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\d3d9.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bthci.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati3duag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-10-08 17:53:14 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\hccoin.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\fltlib.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\encdec.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\encapi.dll
2009-10-08 17:53:13 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\xpob2res.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winhttp.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\twext.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slserv.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slgen.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\sbe.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\powercfg.exe
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2psvc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\p2p.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-10-08 17:53:12 ----N---- C:\WINDOWS\system32\mssap.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-10-08 17:53:12 ----A---- C:\WINDOWS\system32\MsPMSNSv.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\xmlprov.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuweb.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wups.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wucltui.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wuapi.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wshbth.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wscsvc.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\system32\wmp.dll
2009-10-08 17:53:11 ----N---- C:\WINDOWS\slrundll.exe
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-10-08 17:53:11 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-10-08 17:53:10 ----D---- C:\WINDOWS\provisioning
2009-10-08 17:53:10 ----D---- C:\WINDOWS\peernet
2009-10-08 17:52:12 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-08 17:50:14 ----A---- C:\WINDOWS\002233_.tmp
2009-10-08 17:50:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-10-08 17:49:57 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-10-08 17:48:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-08 17:48:33 ----D---- C:\WINDOWS\EHome
2009-10-08 17:30:21 ----SHD---- C:\WINDOWS\Installer
2009-10-08 17:30:19 ----D---- C:\Documents and Settings\RECORDS\Application Data\Identities
2009-10-08 17:30:16 ----HD---- C:\Program Files\Uninstall Information
2009-10-08 17:30:13 ----SD---- C:\Documents and Settings\RECORDS\Application Data\Microsoft
2009-10-08 17:30:13 ----ASH---- C:\Documents and Settings\RECORDS\Application Data\desktop.ini
2009-10-08 17:29:35 ----SHD---- C:\System Volume Information
2009-10-08 17:29:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-08 17:27:15 ----D---- C:\WINDOWS\system32\xircom
2009-10-08 17:27:15 ----D---- C:\Program Files\xerox
2009-10-08 17:27:15 ----D---- C:\Program Files\microsoft frontpage
2009-10-08 17:27:01 ----A---- C:\WINDOWS\control.ini
2009-10-08 17:27:01 ----A---- C:\AUTOEXEC.BAT
2009-10-08 17:26:55 ----A---- C:\WINDOWS\OEWABLog.txt
2009-10-08 17:26:52 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-10-08 17:26:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-08 17:26:17 ----RD---- C:\WINDOWS\Offline Web Pages
2009-10-08 17:26:17 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-10-08 17:26:13 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-10-08 17:25:51 ----D---- C:\WINDOWS\srchasst
2009-10-08 17:25:38 ----D---- C:\WINDOWS\system32\Macromed
2009-10-08 17:25:38 ----D---- C:\WINDOWS\system32\DirectX
2009-10-08 17:25:04 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-10-08 17:25:04 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-08 17:25:02 ----D---- C:\Program Files\Movie Maker
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-10-08 17:24:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-10-08 17:24:39 ----A---- C:\WINDOWS\system32\atrace.dll
2009-10-08 17:24:34 ----A---- C:\WINDOWS\system32\desktop.ini
2009-10-08 17:24:34 ----A---- C:\WINDOWS\desktop.ini
2009-10-08 17:24:24 ----D---- C:\WINDOWS\system32\Restore
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-10-08 17:24:24 ----A---- C:\WINDOWS\system32\srclient.dll
2009-10-08 17:24:23 ----D---- C:\Program Files\Windows Media Player
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-10-08 17:24:22 ----A---- C:\WINDOWS\system32\ils.dll
2009-10-08 17:24:21 ----A---- C:\WINDOWS\system32\msconf.dll
2009-10-08 17:24:17 ----D---- C:\WINDOWS\PCHEALTH
2009-10-08 17:24:17 ----D---- C:\Program Files\NetMeeting
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-10-08 17:24:17 ----A---- C:\WINDOWS\system32\acctres.dll
2009-10-08 17:24:16 ----D---- C:\Program Files\Fichiers communs\Services
2009-10-08 17:24:14 ----A---- C:\WINDOWS\system32\inetres.dll
2009-10-08 17:24:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-10-08 17:24:09 ----D---- C:\Program Files\Outlook Express
2009-10-08 17:24:08 ----SD---- C:\WINDOWS\Tasks
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-10-08 17:24:08 ----A---- C:\WINDOWS\system32\mstask.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\isign32.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-10-08 17:24:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-10-08 17:24:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-10-08 17:23:59 ----D---- C:\Program Files\Fichiers communs\System
2009-10-08 17:23:55 ----D---- C:\Program Files\Internet Explorer
2009-10-08 17:23:27 ----D---- C:\Program Files\ComPlus Applications
2009-10-08 17:23:26 ----A---- C:\WINDOWS\vbaddin.ini
2009-10-08 17:23:26 ----A---- C:\WINDOWS\vb.ini
2009-10-08 17:23:23 ----D---- C:\WINDOWS\Registration
2009-10-08 17:23:17 ----HD---- C:\Program Files\WindowsUpdate
2009-10-08 17:23:17 ----D---- C:\Program Files\Services en ligne
2009-10-08 17:23:13 ----D---- C:\Program Files\Messenger
2009-10-08 17:23:06 ----D---- C:\Program Files\MSN
2009-10-08 17:23:02 ----D---- C:\Program Files\MSN Gaming Zone
2009-10-08 17:23:02 ----A---- C:\WINDOWS\system32\write.exe
2009-10-08 17:22:51 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-10-08 17:22:51 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-10-08 17:22:50 ----A---- C:\WINDOWS\system32\hticons.dll
2009-10-08 17:22:49 ----D---- C:\Program Files\Windows NT
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\winchat.exe
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avwav.dll
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-10-08 17:22:49 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-10-08 17:22:47 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-10-08 17:22:40 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\getuname.dll
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\charmap.exe
2009-10-08 17:22:38 ----A---- C:\WINDOWS\system32\calc.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\winmine.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\spider.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\sol.exe
2009-10-08 17:22:37 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-10-08 17:22:36 ----A---- C:\WINDOWS\system32\freecell.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\reset.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-10-08 17:22:35 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tskill.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-10-08 17:22:34 ----A---- C:\WINDOWS\system32\tscon.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\shadow.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\regini.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-10-08 17:22:33 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\msg.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\logoff.exe
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-10-08 17:22:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-10-08 17:22:31 ----D---- C:\WINDOWS\system32\MsDtc
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-10-08 17:22:31 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-10-08 17:22:30 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-10-08 17:22:28 ----D---- C:\WINDOWS\system32\Com
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-10-08 17:22:28 ----A---- C:\WINDOWS\system32\colbact.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\stclient.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-10-08 17:22:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comuid.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-10-08 17:22:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-10-08 17:22:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-10-08 17:22:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-10-08 17:22:11 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-10-08 17:22:11 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-10-08 19:11:33 ----A---- C:\WINDOWS\system.ini
2009-10-08 18:59:53 ----A---- C:\WINDOWS\win.ini
2009-10-08 17:50:46 ----RASH---- C:\NTDETECT.COM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-10-08 82380]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-10-15 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-10-15 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-10-15 108552]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-09 28520]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-09 55656]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-09-28 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-28 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-09-20 53632]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-09-20 22016]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2007-12-12 212992]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-09 185089]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-10-15 297752]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
2)
info.txt logfile of random's system information tool 1.06 2009-10-18 20:06:07
======Uninstall list======
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 6.0 Professional-->MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Photo and Imaging 2.2 - Scanjet 8200 Series-->MsiExec.exe /I{83CDDBA5-0306-4173-9851-71F0F0E8412A}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MovieXone 4.0-->MsiExec.exe /X{86BC19C8-EC91-4260-9D32-F3A7ADC3C433}
Nero 8 Essentials-->MsiExec.exe /X{470C8EFE-AEB0-402E-B05A-91E08C201036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Readiris Pro 9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CA9D105-113C-11D8-AB3E-000102B0F79A}\setup.exe" -l0x40c
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Security center information======
AV: AVG Internet Security SBS Edition
AV: AntiVir Desktop (outdated)
======System event log======
Computer Name: RECORDS-E6M2SFO
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 5
Source Name: Cdrom
Time Written: 20091008172527.000000+180
Event Type: erreur
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers RECORDS-E6M2SFO.
Record Number: 4
Source Name: EventLog
Time Written: 20091008172137.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 3
Source Name: EventLog
Time Written: 20091008191044.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Uniprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20091008191044.000000+180
Event Type: Informations
User:
Computer Name: MACHINENAME
Event Code: 2
Message: Pendant la validation de \Device\Serial0 en tant que port série, une FIFO a été détectée. La FIFO sera utilisée.
Record Number: 1
Source Name: Serial
Time Written: 20091008191107.000000+180
Event Type: Informations
User:
=====Application event log=====
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20091008172320.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20091008172317.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20091008172204.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20091008172145.000000+180
Event Type: Informations
User:
Computer Name: RECORDS-E6M2SFO
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20091008172144.000000+180
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0605
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=
1 reply
Hi,
You have 2 antivirus programs installed on your computer; I advise you to uninstall AVG8 and keep Avira AntiVir. You should never have more than one antivirus on your PC.
Now, let's take care of your infections. You have an infection that spreads via removable media; do this:
* Download UsbFix by C_XX & Chiquitine29
* Run the installation with the default settings
* Plug in your external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
* Double-click the UsbFix shortcut on your desktop
* Choose option 1 (Recherche, "search")
* Let the tool work
* Then post the UsbFix.txt report that appears
* Note: the UsbFix.txt report is saved at the root of the disk
* Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.