Removing a rootkit
Closed
Hello,
I have a rootkit on my PC, but it is impossible to remove. It blocks Internet searches about rootkits, and the PC reboots as soon as AVG tries to run an anti-rootkit scan. I downloaded Gmer, but as soon as it was launched the PC rebooted. I have to do my research on rootkits from another PC.
I am running XP.
What should I do?
Thank you for your help
7 replies
totobetourne (Member; 5592 posts; registered Sunday 23 March 2008; last active 6 June 2012)
15 April 2010 at 17:44
Hello,
We're going to analyze your PC.
Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.
-> http://images.malwareremoval.com/random/RSIT.exe
! Disconnect and close all your running applications !
Double-click "RSIT.exe" to launch it.
-> A first window opens, titled "Disclaimer of warranty".
* Next to the option "List files/folders created ...", choose: 2 months
* Then click "Continue" to start the scan ...
-> Let the scan run and do not touch the PC ...
When the scan is finished, two text files will open (probably in Notepad).
Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for further instructions ...
Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.
(Note: the reports will also be saved in this folder -> C:\rsit)
Thank you for the quick reply. Here is the scan result contained in the log.txt file:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2010-04-15 18:09:12
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 152 GB (50%) free of 305 GB
Total RAM: 2047 MB (72% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-09 1602912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"LogitechQuickCamRibbon"=C:\Documents and Settings\Utilisateur\Bureau\Fred\Logiciel\installation\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-09 2064224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-03-17 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Connection Wizard Setup Tool]
C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-11-15 267048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2008-10-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\Documents and Settings\Utilisateur\jtcjl.exe \u []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-11-14 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMonitor1]
C:\WINDOWS\system32\qtplugin.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-08-01 16049664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2006-08-19 49152]
C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-09 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2008-11-07 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb"
"C:\Program Files\SuperCopier2\SC2Config.exe"="C:\Program Files\SuperCopier2\SC2Config.exe:*:Enabled:Accéder au menu"
"C:\Program Files\HyperLobbyPro3\hlpro.exe"="C:\Program Files\HyperLobbyPro3\hlpro.exe:*:Enabled:HyperLobby Pro 3.x Client"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe:*:Enabled:Configurer"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\AOEIII\AOEIII JEUX\age3.exe"="C:\Program Files\AOEIII\AOEIII JEUX\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00b02d3e-88d7-11dd-92a9-00138febbe35}]
shell\AutoRun\command - stw1ojde.bat
shell\explore\command - stw1ojde.bat
shell\open\command - stw1ojde.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13efb509-7b4e-11dd-927e-00138febbe35}]
shell\AutoRun\command - explorer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5330b520-5edc-11dd-922d-00138febbe35}]
shell\Auto\command - I:\AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b097cac-c4a8-11dd-933d-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d07194be-65fd-11dd-9240-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
======List of files/folders created in the last 2 months======
2010-04-15 18:09:13 ----D---- C:\Program Files\trend micro
2010-04-15 18:09:12 ----D---- C:\rsit
2010-04-15 04:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 04:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 04:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 04:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 04:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 04:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 04:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 10:03:43 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-04-09 09:58:25 ----HD---- C:\$AVG
2010-04-09 09:57:44 ----D---- C:\Program Files\AVG
2010-04-09 09:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-04-02 15:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-26 17:21:25 ----D---- C:\AVG AntiVirus Pro v9.0.700a1738
2010-03-17 16:09:17 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2010-03-17 16:08:27 ----D---- C:\Program Files\MarkAny
2010-03-17 15:54:54 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-17 15:27:35 ----D---- C:\Program Files\MarkAnyContentSAFER
2010-03-17 15:08:40 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-03-17 15:08:39 ----D---- C:\Documents and Settings\Utilisateur\Application Data\PC Suite
2010-03-17 15:08:20 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-03-17 15:07:23 ----D---- C:\Program Files\PC Connectivity Solution
2010-03-15 13:11:22 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 11:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-09 15:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-03-05 14:48:37 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvci1201278.dll
2010-02-24 03:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-23 13:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-23 13:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-23 13:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 00:10:17 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2010-02-23 00:08:55 ----D---- C:\WINDOWS\SHELLNEW
2010-02-23 00:05:58 ----RHD---- C:\MSOCache
2010-02-22 23:59:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-02-22 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-22 18:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-22 18:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-22 18:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-22 18:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-22 18:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-22 18:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-22 18:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-22 18:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-22 18:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-02-22 18:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-22 18:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-22 18:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-22 18:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-22 18:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-22 18:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-22 18:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-22 18:33:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-22 18:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-22 18:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-22 18:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-22 18:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-22 18:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-22 18:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-22 18:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-22 18:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-22 18:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-22 18:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-22 18:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-22 18:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-22 18:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-22 18:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-22 18:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-22 18:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-22 18:31:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-22 18:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-22 18:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-22 15:37:37 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-22 14:53:59 ----D---- C:\Program Files\Microsoft
2010-02-22 14:53:45 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-22 14:50:35 ----D---- C:\Program Files\Fichiers communs\Windows Live
2010-02-22 14:30:02 ----D---- C:\Program Files\SFR
2010-02-21 17:33:05 ----D---- C:\Documents and Settings\Utilisateur\Application Data\MSNInstaller
======List of files/folders modified in the last 2 months======
2010-04-15 18:09:13 ----RD---- C:\Program Files
2010-04-15 18:08:56 ----D---- C:\WINDOWS\Prefetch
2010-04-15 18:08:13 ----AD---- C:\WINDOWS\Temp
2010-04-15 17:04:23 ----D---- C:\WINDOWS
2010-04-15 16:46:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-15 12:37:17 ----D---- C:\WINDOWS\system32
2010-04-15 04:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 04:05:43 ----SHD---- C:\WINDOWS\Installer
2010-04-15 04:05:37 ----HD---- C:\WINDOWS\inf
2010-04-15 04:05:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 04:05:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 04:05:29 ----A---- C:\WINDOWS\imsins.BAK
2010-04-15 04:05:28 ----D---- C:\WINDOWS\system32\drivers
2010-04-14 01:50:42 ----D---- C:\Program Files\FlashGet
2010-04-14 01:41:45 ----D---- C:\Downloads
2010-04-09 09:57:43 ----D---- C:\WINDOWS\WinSxS
2010-04-09 09:56:50 ----SD---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft
2010-04-09 09:32:24 ----RSH---- C:\boot.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\win.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\system.ini
2010-04-09 09:32:22 ----D---- C:\WINDOWS\pss
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-03 21:23:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-03 18:10:55 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 19:12:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-02 16:51:21 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Skype
2010-04-01 14:23:34 ----A---- C:\WINDOWS\system32\svchost.exe
2010-03-31 00:59:48 ----D---- C:\WINDOWS\system32\fr-fr
2010-03-31 00:59:48 ----D---- C:\Program Files\Internet Explorer
2010-03-31 00:59:39 ----D---- C:\WINDOWS\ie7updates
2010-03-31 00:47:05 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-17 16:10:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-17 16:09:17 ----D---- C:\Program Files\Samsung
2010-03-17 16:09:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-17 16:09:07 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-03-17 16:08:42 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Samsung
2010-03-17 16:08:31 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-17 15:07:57 ----D---- C:\Program Files\DIFX
2010-03-15 17:31:58 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Hamachi
2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 11:02:10 ----D---- C:\Program Files\Movie Maker
2010-03-09 13:10:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-03-05 15:10:15 ----D---- C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2010-03-05 14:52:38 ----D---- C:\Program Files\Java
2010-03-05 14:48:36 ----D---- C:\WINDOWS\twain_32
2010-03-05 14:48:36 ----D---- C:\Program Files\Fichiers communs\Logishrd
2010-03-05 14:48:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-05 14:47:01 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2010-02-25 20:34:57 ----RSD---- C:\WINDOWS\Fonts
2010-02-25 20:34:38 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-02-25 02:24:35 ----D---- C:\Documents and Settings\Utilisateur\Application Data\dvdcss
2010-02-23 07:18:28 ----A---- C:\WINDOWS\system32\ieakui.dll
2010-02-23 00:10:29 ----A---- C:\WINDOWS\ODBC.INI
2010-02-23 00:09:12 ----D---- C:\Program Files\Microsoft Office
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs
2010-02-23 00:06:01 ----D---- C:\WINDOWS\system
2010-02-22 23:39:24 ----D---- C:\WINDOWS\AppPatch
2010-02-22 18:32:53 ----D---- C:\Program Files\Outlook Express
2010-02-22 17:30:06 ----D---- C:\WINDOWS\Help
2010-02-22 15:38:55 ----D---- C:\Program Files\Alwil Software
2010-02-22 14:53:23 ----D---- C:\Program Files\Windows Live
2010-02-21 17:37:20 ----D---- C:\Program Files\FusionSoft DVD Player XP
2010-02-21 17:34:25 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-21 17:33:06 ----D---- C:\Program Files\MSN
2010-02-21 17:32:02 ----D---- C:\Program Files\Starcraft
2010-02-16 21:06:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-02-16 21:06:56 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-09 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-09 29512]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-09 242696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2010-03-17 5632]
R1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2007-06-16 31616]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-09-26 10384]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-08-09 223128]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-15 25280]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-09-26 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-09-26 79120]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 LVUVC;Logitech Webcam 200(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2009-05-01 6754712]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\mc23.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-04-09 916760]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-04-09 308064]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-06-08 233472]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-11-15 504104]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
-----------------EOF-----------------
Thanks for the quick reply.
Here is the content of log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2010-04-15 18:09:12
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 152 GB (50%) free of 305 GB
Total RAM: 2047 MB (72% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-09 1602912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"LogitechQuickCamRibbon"=C:\Documents and Settings\Utilisateur\Bureau\Fred\Logiciel\installation\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-09 2064224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-04-21 24264488]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-03-17 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Connection Wizard Setup Tool]
C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-11-15 267048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2008-10-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\Documents and Settings\Utilisateur\jtcjl.exe \u []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-11-14 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMonitor1]
C:\WINDOWS\system32\qtplugin.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-08-01 16049664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2006-08-19 49152]
C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-09 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2008-11-07 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb"
"C:\Program Files\SuperCopier2\SC2Config.exe"="C:\Program Files\SuperCopier2\SC2Config.exe:*:Enabled:Accéder au menu"
"C:\Program Files\HyperLobbyPro3\hlpro.exe"="C:\Program Files\HyperLobbyPro3\hlpro.exe:*:Enabled:HyperLobby Pro 3.x Client"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe:*:Enabled:Configurer"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\AOEIII\AOEIII JEUX\age3.exe"="C:\Program Files\AOEIII\AOEIII JEUX\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00b02d3e-88d7-11dd-92a9-00138febbe35}]
shell\AutoRun\command - stw1ojde.bat
shell\explore\command - stw1ojde.bat
shell\open\command - stw1ojde.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13efb509-7b4e-11dd-927e-00138febbe35}]
shell\AutoRun\command - explorer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5330b520-5edc-11dd-922d-00138febbe35}]
shell\Auto\command - I:\AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b097cac-c4a8-11dd-933d-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d07194be-65fd-11dd-9240-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
======List of files/folders created in the last 2 months======
2010-04-15 18:09:13 ----D---- C:\Program Files\trend micro
2010-04-15 18:09:12 ----D---- C:\rsit
2010-04-15 04:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 04:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 04:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 04:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 04:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 04:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 04:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 10:03:43 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-04-09 09:58:25 ----HD---- C:\$AVG
2010-04-09 09:57:44 ----D---- C:\Program Files\AVG
2010-04-09 09:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-04-02 15:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-26 17:21:25 ----D---- C:\AVG AntiVirus Pro v9.0.700a1738
2010-03-17 16:09:17 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2010-03-17 16:08:27 ----D---- C:\Program Files\MarkAny
2010-03-17 15:54:54 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-17 15:27:35 ----D---- C:\Program Files\MarkAnyContentSAFER
2010-03-17 15:08:40 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-03-17 15:08:39 ----D---- C:\Documents and Settings\Utilisateur\Application Data\PC Suite
2010-03-17 15:08:20 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-03-17 15:07:23 ----D---- C:\Program Files\PC Connectivity Solution
2010-03-15 13:11:22 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 11:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-09 15:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-03-05 14:48:37 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvci1201278.dll
2010-02-24 03:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-23 13:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-23 13:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-23 13:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 00:10:17 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2010-02-23 00:08:55 ----D---- C:\WINDOWS\SHELLNEW
2010-02-23 00:05:58 ----RHD---- C:\MSOCache
2010-02-22 23:59:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-02-22 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-22 18:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-22 18:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-22 18:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-22 18:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-22 18:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-22 18:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-22 18:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-22 18:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-22 18:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-02-22 18:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-22 18:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-22 18:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-22 18:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-22 18:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-22 18:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-22 18:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-22 18:33:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-22 18:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-22 18:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-22 18:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-22 18:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-22 18:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-22 18:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-22 18:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-22 18:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-22 18:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-22 18:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-22 18:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-22 18:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-22 18:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-22 18:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-22 18:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-22 18:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-22 18:31:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-22 18:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-22 18:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-22 15:37:37 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-22 14:53:59 ----D---- C:\Program Files\Microsoft
2010-02-22 14:53:45 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-22 14:50:35 ----D---- C:\Program Files\Fichiers communs\Windows Live
2010-02-22 14:30:02 ----D---- C:\Program Files\SFR
2010-02-21 17:33:05 ----D---- C:\Documents and Settings\Utilisateur\Application Data\MSNInstaller
======List of files/folders modified in the last 2 months======
2010-04-15 18:09:13 ----RD---- C:\Program Files
2010-04-15 18:08:56 ----D---- C:\WINDOWS\Prefetch
2010-04-15 18:08:13 ----AD---- C:\WINDOWS\Temp
2010-04-15 17:04:23 ----D---- C:\WINDOWS
2010-04-15 16:46:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-15 12:37:17 ----D---- C:\WINDOWS\system32
2010-04-15 04:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 04:05:43 ----SHD---- C:\WINDOWS\Installer
2010-04-15 04:05:37 ----HD---- C:\WINDOWS\inf
2010-04-15 04:05:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 04:05:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 04:05:29 ----A---- C:\WINDOWS\imsins.BAK
2010-04-15 04:05:28 ----D---- C:\WINDOWS\system32\drivers
2010-04-14 01:50:42 ----D---- C:\Program Files\FlashGet
2010-04-14 01:41:45 ----D---- C:\Downloads
2010-04-09 09:57:43 ----D---- C:\WINDOWS\WinSxS
2010-04-09 09:56:50 ----SD---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft
2010-04-09 09:32:24 ----RSH---- C:\boot.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\win.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\system.ini
2010-04-09 09:32:22 ----D---- C:\WINDOWS\pss
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-03 21:23:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-03 18:10:55 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 19:12:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-02 16:51:21 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Skype
2010-04-01 14:23:34 ----A---- C:\WINDOWS\system32\svchost.exe
2010-03-31 00:59:48 ----D---- C:\WINDOWS\system32\fr-fr
2010-03-31 00:59:48 ----D---- C:\Program Files\Internet Explorer
2010-03-31 00:59:39 ----D---- C:\WINDOWS\ie7updates
2010-03-31 00:47:05 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-17 16:10:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-17 16:09:17 ----D---- C:\Program Files\Samsung
2010-03-17 16:09:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-17 16:09:07 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-03-17 16:08:42 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Samsung
2010-03-17 16:08:31 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-17 15:07:57 ----D---- C:\Program Files\DIFX
2010-03-15 17:31:58 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Hamachi
2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 11:02:10 ----D---- C:\Program Files\Movie Maker
2010-03-09 13:10:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-03-05 15:10:15 ----D---- C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2010-03-05 14:52:38 ----D---- C:\Program Files\Java
2010-03-05 14:48:36 ----D---- C:\WINDOWS\twain_32
2010-03-05 14:48:36 ----D---- C:\Program Files\Fichiers communs\Logishrd
2010-03-05 14:48:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-05 14:47:01 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2010-02-25 20:34:57 ----RSD---- C:\WINDOWS\Fonts
2010-02-25 20:34:38 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-02-25 02:24:35 ----D---- C:\Documents and Settings\Utilisateur\Application Data\dvdcss
2010-02-23 07:18:28 ----A---- C:\WINDOWS\system32\ieakui.dll
2010-02-23 00:10:29 ----A---- C:\WINDOWS\ODBC.INI
2010-02-23 00:09:12 ----D---- C:\Program Files\Microsoft Office
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs
2010-02-23 00:06:01 ----D---- C:\WINDOWS\system
2010-02-22 23:39:24 ----D---- C:\WINDOWS\AppPatch
2010-02-22 18:32:53 ----D---- C:\Program Files\Outlook Express
2010-02-22 17:30:06 ----D---- C:\WINDOWS\Help
2010-02-22 15:38:55 ----D---- C:\Program Files\Alwil Software
2010-02-22 14:53:23 ----D---- C:\Program Files\Windows Live
2010-02-21 17:37:20 ----D---- C:\Program Files\FusionSoft DVD Player XP
2010-02-21 17:34:25 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-21 17:33:06 ----D---- C:\Program Files\MSN
2010-02-21 17:32:02 ----D---- C:\Program Files\Starcraft
2010-02-16 21:06:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-02-16 21:06:56 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-09 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-09 29512]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-09 242696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2010-03-17 5632]
R1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2007-06-16 31616]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-09-26 10384]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-08-09 223128]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-15 25280]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-09-26 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-09-26 79120]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 LVUVC;Logitech Webcam 200(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2009-05-01 6754712]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\mc23.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-04-09 916760]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-04-09 308064]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-06-08 233472]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-11-15 504104]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
-----------------EOF-----------------
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb"
"C:\Program Files\SuperCopier2\SC2Config.exe"="C:\Program Files\SuperCopier2\SC2Config.exe:*:Enabled:Accéder au menu"
"C:\Program Files\HyperLobbyPro3\hlpro.exe"="C:\Program Files\HyperLobbyPro3\hlpro.exe:*:Enabled:HyperLobby Pro 3.x Client"
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe"="C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2setup.exe:*:Enabled:Configurer"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\AOEIII\AOEIII JEUX\age3.exe"="C:\Program Files\AOEIII\AOEIII JEUX\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\wmicvr.exe"="C:\WINDOWS\system32\wmicvr.exe:*:Enabled:DHCP Router"
"C:\WINDOWS\system32\wmicvrts.exe"="C:\WINDOWS\system32\wmicvrts.exe:*:Enabled:DHCP Router"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00b02d3e-88d7-11dd-92a9-00138febbe35}]
shell\AutoRun\command - stw1ojde.bat
shell\explore\command - stw1ojde.bat
shell\open\command - stw1ojde.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13efb509-7b4e-11dd-927e-00138febbe35}]
shell\AutoRun\command - explorer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5330b520-5edc-11dd-922d-00138febbe35}]
shell\Auto\command - I:\AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b097cac-c4a8-11dd-933d-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d07194be-65fd-11dd-9240-00138febbe35}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
======List of files/folders created in the last 2 months======
2010-04-15 18:09:13 ----D---- C:\Program Files\trend micro
2010-04-15 18:09:12 ----D---- C:\rsit
2010-04-15 04:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 04:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 04:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 04:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 04:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 04:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 04:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 10:03:43 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-04-09 09:58:25 ----HD---- C:\$AVG
2010-04-09 09:57:44 ----D---- C:\Program Files\AVG
2010-04-09 09:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-04-02 15:20:30 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-26 17:21:25 ----D---- C:\AVG AntiVirus Pro v9.0.700a1738
2010-03-17 16:09:17 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2010-03-17 16:08:27 ----D---- C:\Program Files\MarkAny
2010-03-17 15:54:54 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-17 15:27:35 ----D---- C:\Program Files\MarkAnyContentSAFER
2010-03-17 15:08:40 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-03-17 15:08:39 ----D---- C:\Documents and Settings\Utilisateur\Application Data\PC Suite
2010-03-17 15:08:20 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2010-03-17 15:07:54 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2010-03-17 15:07:23 ----D---- C:\Program Files\PC Connectivity Solution
2010-03-15 13:11:22 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 11:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-09 15:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-03-05 14:48:37 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2010-03-05 14:48:36 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2010-03-05 14:48:15 ----RA---- C:\WINDOWS\system32\lvci1201278.dll
2010-02-24 03:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-23 13:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-23 13:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-23 13:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 00:10:17 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2010-02-23 00:08:55 ----D---- C:\WINDOWS\SHELLNEW
2010-02-23 00:05:58 ----RHD---- C:\MSOCache
2010-02-22 23:59:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-02-22 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-22 18:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-22 18:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-22 18:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-22 18:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-22 18:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-22 18:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-22 18:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-22 18:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-22 18:34:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-02-22 18:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-22 18:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-22 18:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-22 18:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-22 18:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-22 18:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-22 18:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-22 18:33:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-22 18:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-22 18:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-22 18:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-22 18:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-22 18:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-22 18:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-22 18:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-22 18:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-22 18:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-22 18:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-22 18:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-22 18:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-22 18:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-22 18:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-22 18:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-22 18:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-22 18:31:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-22 18:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-22 18:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-22 15:37:37 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-22 14:53:59 ----D---- C:\Program Files\Microsoft
2010-02-22 14:53:45 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-22 14:50:35 ----D---- C:\Program Files\Fichiers communs\Windows Live
2010-02-22 14:30:02 ----D---- C:\Program Files\SFR
2010-02-21 17:33:05 ----D---- C:\Documents and Settings\Utilisateur\Application Data\MSNInstaller
======List of files/folders modified in the last 2 months======
2010-04-15 18:09:13 ----RD---- C:\Program Files
2010-04-15 18:08:56 ----D---- C:\WINDOWS\Prefetch
2010-04-15 18:08:13 ----AD---- C:\WINDOWS\Temp
2010-04-15 17:04:23 ----D---- C:\WINDOWS
2010-04-15 16:46:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-15 12:37:17 ----D---- C:\WINDOWS\system32
2010-04-15 04:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 04:05:43 ----SHD---- C:\WINDOWS\Installer
2010-04-15 04:05:37 ----HD---- C:\WINDOWS\inf
2010-04-15 04:05:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 04:05:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 04:05:29 ----A---- C:\WINDOWS\imsins.BAK
2010-04-15 04:05:28 ----D---- C:\WINDOWS\system32\drivers
2010-04-14 01:50:42 ----D---- C:\Program Files\FlashGet
2010-04-14 01:41:45 ----D---- C:\Downloads
2010-04-09 09:57:43 ----D---- C:\WINDOWS\WinSxS
2010-04-09 09:56:50 ----SD---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft
2010-04-09 09:32:24 ----RSH---- C:\boot.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\win.ini
2010-04-09 09:32:24 ----A---- C:\WINDOWS\system.ini
2010-04-09 09:32:22 ----D---- C:\WINDOWS\pss
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-03 21:23:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-03 18:10:55 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 19:12:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-02 16:51:21 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Skype
2010-04-01 14:23:34 ----A---- C:\WINDOWS\system32\svchost.exe
2010-03-31 00:59:48 ----D---- C:\WINDOWS\system32\fr-fr
2010-03-31 00:59:48 ----D---- C:\Program Files\Internet Explorer
2010-03-31 00:59:39 ----D---- C:\WINDOWS\ie7updates
2010-03-31 00:47:05 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-17 16:10:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-17 16:09:17 ----D---- C:\Program Files\Samsung
2010-03-17 16:09:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-17 16:09:07 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2010-03-17 16:08:42 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Samsung
2010-03-17 16:08:31 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-17 15:07:57 ----D---- C:\Program Files\DIFX
2010-03-15 17:31:58 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Hamachi
2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 11:02:10 ----D---- C:\Program Files\Movie Maker
2010-03-09 13:10:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-03-05 15:10:15 ----D---- C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2010-03-05 14:52:38 ----D---- C:\Program Files\Java
2010-03-05 14:48:36 ----D---- C:\WINDOWS\twain_32
2010-03-05 14:48:36 ----D---- C:\Program Files\Fichiers communs\Logishrd
2010-03-05 14:48:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-05 14:47:01 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2010-02-25 20:34:57 ----RSD---- C:\WINDOWS\Fonts
2010-02-25 20:34:38 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-02-25 02:24:35 ----D---- C:\Documents and Settings\Utilisateur\Application Data\dvdcss
2010-02-23 07:18:28 ----A---- C:\WINDOWS\system32\ieakui.dll
2010-02-23 00:10:29 ----A---- C:\WINDOWS\ODBC.INI
2010-02-23 00:09:12 ----D---- C:\Program Files\Microsoft Office
2010-02-23 00:09:08 ----D---- C:\Program Files\Fichiers communs
2010-02-23 00:06:01 ----D---- C:\WINDOWS\system
2010-02-22 23:39:24 ----D---- C:\WINDOWS\AppPatch
2010-02-22 18:32:53 ----D---- C:\Program Files\Outlook Express
2010-02-22 17:30:06 ----D---- C:\WINDOWS\Help
2010-02-22 15:38:55 ----D---- C:\Program Files\Alwil Software
2010-02-22 14:53:23 ----D---- C:\Program Files\Windows Live
2010-02-21 17:37:20 ----D---- C:\Program Files\FusionSoft DVD Player XP
2010-02-21 17:34:25 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-21 17:33:06 ----D---- C:\Program Files\MSN
2010-02-21 17:32:02 ----D---- C:\Program Files\Starcraft
2010-02-16 21:06:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-02-16 21:06:56 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-09 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-09 29512]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-09 242696]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2010-03-17 5632]
R1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2007-06-16 31616]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-09-26 10384]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-08-09 223128]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-15 25280]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-09-26 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-09-26 79120]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 LVUVC;Logitech Webcam 200(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2009-05-01 6754712]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\mc23.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-04-09 916760]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-04-09 308064]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-06-08 233472]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-11-15 504104]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-04-01 14336]
-----------------EOF-----------------
totobetourne
15 April 2010 at 23:00
I see an infection on your USB ports. Do this; we are going to remove it.
Are there any changes on your PC afterwards? (That would surprise me.)
We'll see about the next steps.
--> Download UsbFix by El desaparecido to your Desktop.
http://pagesperso-orange.fr/NosTools/usbfix.html
--> Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
--> Right-click the UsbFix shortcut on your Desktop and choose Run as administrator.
--> Choose option 1 (search).
--> The PC will restart.
--> After the restart, post the UsbFix.txt report.
Note: the UsbFix.txt report is saved at the root of the disk.
(If the Desktop does not reappear, press Ctrl+Alt+Del, "File" tab, "New task", type explorer.exe and confirm.)
Do the same again but with option 2, then paste the report you get.
Hello (sorry for the delay, but it's complicated doing all this on 2 different PCs).
So I did download UsbFix.
I ran option 1.
It did not restart my PC.
I got a report, which I am attaching to this post.
Then I did the second action (option 2).
That one restarted my PC,
and then when it restarted
it told me it was deleting any viruses found (all this while it was restarting).
Then when it finished
it opened a web page
for me to send the infected file, which I did.
I should point out that before running UsbFix, when I turned the PC on, the taskbar was unresponsive for at least 10 minutes. After running UsbFix, it is responsive but everything takes a very long time to launch.
Here is the first report:
############################## | UsbFix V6.104 |
User : Utilisateur (Administrateurs) # UTILISAT-2E306C
Update on 14/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:17:13 | 16/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Processor model unknown
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 298,08 Go (148,06 Go free) # NTFS
D:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
E:\ -> Disque amovible # 7,46 Go (2,67 Go free) [Transcend] # FAT32
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible # 3,72 Go (1,73 Go free) # FAT32
J:\ -> Disque CD-ROM # 539,38 Mo (0 Mo free) [AOE III DISC 1] # CDFS
K:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
N:\ -> Disque CD-ROM # 5,53 Go (0 Mo free) [FIFA09] # UDF
O:\ -> Disque amovible
P:\ -> Disque amovible # 6,56 Go (5,99 Go free) # FAT32
################## | Elements infectieux |
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\448.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\689.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\885.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\ytb.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\100.dat
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\448.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\689.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\885.exe
E:\msvcr71.dll
E:\IVANA\bovan.exe
E:\IVANA\desktop.ini
E:\IVANA
J:\autorun.inf
J:\autorun.exe
N:\autorun.inf
N:\msvcr71.dll
N:\autorun.exe
N:\DATA\SYSTEM
################## | Registre |
[HKLM\software\microsoft\windows nt\currentversion\winlogon] "Taskman"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableConfig"
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{00b02d3e-88d7-11dd-92a9-00138febbe35}
Shell\AutoRun\command =stw1ojde.bat
Shell\explore\Command =stw1ojde.bat
Shell\open\Command =stw1ojde.bat
HKCU\..\..\Explorer\MountPoints2\{13efb509-7b4e-11dd-927e-00138febbe35}
Shell\AutoRun\command =explorer.exe
HKCU\..\..\Explorer\MountPoints2\{5330b520-5edc-11dd-922d-00138febbe35}
Shell\Auto\command =I:\AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
HKCU\..\..\Explorer\MountPoints2\{8b097cac-c4a8-11dd-933d-00138febbe35}
Shell\Auto\command =AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL
HKCU\..\..\Explorer\MountPoints2\{d07194be-65fd-11dd-9240-00138febbe35}
Shell\Auto\command =AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
################## | Vaccin |
################## | ! Fin du rapport # UsbFix V6.104 ! |
Here is the 2nd report:
############################## | UsbFix V6.104 |
User : Utilisateur (Administrateurs) # UTILISAT-2E306C
Update on 14/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 22:39:07 | 20/04/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Processor model unknown
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 298,08 Go (147,78 Go free) # NTFS
D:\ -> Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
E:\ -> Disque amovible # 7,46 Go (2,66 Go free) [Transcend] # FAT32
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM # 539,38 Mo (0 Mo free) [AOE III DISC 1] # CDFS
K:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
N:\ -> Disque CD-ROM # 5,53 Go (0 Mo free) [FIFA09] # UDF
O:\ -> Disque amovible
P:\ -> Disque amovible
################## | Elements infectieux |
Supprimé ! C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\448.exe
Supprimé ! C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\689.exe
Supprimé ! C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\885.exe
Supprimé ! C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\ytb.exe
Supprimé ! C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\100.dat
Supprimé ! C:\Recycler\S-1-5-21-682003330-813497703-839522115-1004
Supprimé ! C:\Recycler\S-1-5-21-682003330-813497703-839522115-500
Supprimé ! E:\msvcr71.dll
Supprimé ! E:\IVANA\bovan.exe
Supprimé ! E:\IVANA\desktop.ini
Supprimé ! E:\IVANA
J:\autorun.inf -> fichier appelé : "J:\install.exe" ( Présent ! )
(!) Non supprimé ! J:\install.exe
J:\autorun.inf -> fichier appelé : "J:\DirectX9\dxsetup.exe" ( Présent ! )
(!) Non supprimé ! J:\DirectX9\dxsetup.exe
(!) Non supprimé ! J:\autorun.inf
(!) Non supprimé ! J:\autorun.exe
(!) Non supprimé ! N:\autorun.inf
(!) Non supprimé ! N:\msvcr71.dll
(!) Non supprimé ! N:\autorun.exe
(!) Non supprimé ! N:\DATA\SYSTEM
################## | Registre |
Supprimé ! [HKLM\software\microsoft\shared tools\msconfig\startupreg\RegistryMonitor1]
Supprimé ! [HKLM\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
Supprimé ! [HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableConfig"
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{00b02d3e-88d7-11dd-92a9-00138febbe35}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{13efb509-7b4e-11dd-927e-00138febbe35}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5330b520-5edc-11dd-922d-00138febbe35}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8b097cac-c4a8-11dd-933d-00138febbe35}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d07194be-65fd-11dd-9240-00138febbe35}\Shell\Auto\Command
################## | Listing des fichiers présent |
[30/07/2008 16:57|--a------|0] C:\AUTOEXEC.BAT
[09/04/2010 09:32|-r-hs----|228] C:\boot.ini
[02/03/2006 14:00|-rahs----|4952] C:\Bootfont.bin
[30/07/2008 16:57|-rahs----|0] C:\IO.SYS
[30/07/2008 16:57|-rahs----|0] C:\MSDOS.SYS
[07/04/2010 01:41|--a------|160] C:\NPS_LIMOBU.log
[02/03/2006 14:00|-rahs----|47564] C:\NTDETECT.COM
[24/12/2008 14:38|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[20/04/2010 22:44|--a------|3399] C:\UsbFix.txt
[01/01/1995 02:00|-r-------|44] D:\Track01.cda
[01/01/1995 02:01|-r-------|44] D:\Track02.cda
[01/01/1995 02:07|-r-------|44] D:\Track03.cda
[01/01/1995 02:13|-r-------|44] D:\Track04.cda
[01/01/1995 02:17|-r-------|44] D:\Track05.cda
[01/01/1995 02:21|-r-------|44] D:\Track06.cda
[01/01/1995 02:25|-r-------|44] D:\Track07.cda
[01/01/1995 02:35|-r-------|44] D:\Track08.cda
[01/01/1995 02:40|-r-------|44] D:\Track09.cda
[01/01/1995 02:45|-r-------|44] D:\Track10.cda
[20/03/2010 16:27|--a------|211302] E:\Fr'd'ric HOAREAU - CV10.pdf
[19/04/2010 00:30|--a------|8601654] E:\Justif pr'levement navigo.bmp
[12/08/2003 02:24|-r-------|1945600] J:\00001.tmp
[19/11/2002 19:38|-r-------|46291] J:\00002.tmp
[03/04/2005 23:40|-r-------|6419] J:\0x040c.ini
[22/08/2005 21:52|-r-------|68] J:\Age 3 Survey.url
[26/09/2005 23:18|-r-------|1650176] J:\Age of Empires III.msi
[15/09/2005 22:08|-r-------|231] J:\Autorun.inf
[26/09/2005 23:14|-r-------|481678076] J:\Disk1C~1.cab
[04/04/2005 03:07|-r-------|982016] J:\ISScript11.Msi
[22/09/2005 17:40|-r-------|162909] J:\Lisezmoi.rtf
[20/08/2005 03:48|-r-------|39424] J:\PidGen.dll
[12/08/2005 18:48|-r-------|40960] J:\SSE.dll
[19/11/2002 19:38|-r-h-----|4000] J:\SSIFSDAT.SYS
[26/09/2005 23:18|-r-------|2127] J:\Setup.ini
[15/09/2005 21:51|-r-------|33792] J:\SetupENU.dll
[16/05/2005 17:42|-r-------|2584848] J:\WindowsInstaller-KB893803-x86.exe
[23/09/2005 13:21|-r-------|1003520] J:\autorun.exe
[26/09/2005 22:53|-r-------|253952] J:\install.exe
[03/04/2005 23:35|-r-------|1708856] J:\instmsia.exe
[03/04/2005 23:35|-r-------|1822520] J:\instmsiw.exe
[27/09/2005 17:16|-r-------|81920] J:\mgspid.dll
[01/08/2005 11:57|-r-------|1085682] J:\setup.isn
[17/06/2003 22:22|-r-------|28097] J:\setupInc.idx
[05/08/2003 06:46|-r-------|81920] J:\splash.exe
[18/07/2005 18:49|-r-------|921656] J:\splashimage.bmp
[09/09/2008 01:50|-r-------|410888] N:\AutoRun.exe
[04/07/2008 02:31|-r-------|337232] N:\DMCmdPortalClient.dll
[09/09/2008 01:50|-r-------|414984] N:\EASetup.exe
[09/09/2008 01:43|-r-------|12473608] N:\FIFA09.exe
[09/09/2008 01:24|-r-------|114688] N:\GDFBinary.dll
[11/07/2008 00:35|-r-------|167200] N:\GL.ini
[09/09/2008 01:27|-r-------|102638363] N:\Group10.cab
[26/07/2007 00:26|-r-------|115976] N:\Setup.exe
[09/09/2008 01:50|-r-------|9193984] N:\autorun.dat
[09/09/2008 01:35|-r-------|136] N:\autorun.inf
[09/09/2008 01:18|-r-------|27281] N:\config.dat
[22/07/2008 02:33|-r-------|33430] N:\dialoglogo128x128.jpg
[30/08/2008 04:47|-r-------|319488] N:\dirtysock.dll
[07/08/2008 21:27|-r-------|7454720] N:\fifaosdkd.dll
[07/08/2008 21:27|-r-------|22064128] N:\fifaosdkd.pdb
[30/08/2008 04:49|-r-------|2699264] N:\fifaosdkz.dll
[30/08/2008 04:49|-r-------|15420416] N:\fifaosdkz.pdb
[22/08/2008 23:32|-r-------|25622] N:\fifapc.ico
[09/09/2008 01:24|-r-------|83208] N:\gamedef.dll
[12/07/2006 04:35|-r-------|348160] N:\msvcr71.dll
[07/07/2008 20:05|-r-------|262144] N:\paul.dll
[07/07/2008 20:05|-r-------|233472] N:\winui.dll
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# E:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
################## | Upload |
Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_UTILISAT-2E306C.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
15 April 2010 at 19:31