Probléme avec un Trojan.Peed .Gen sur hp

Question

Bonjour, voila je suis débutant en informatique et j'ai un souci sur mon hp qui marche sous vista.
IL y aquelques jours j'ai attraper un virus du nom de trojan.peed.gen en effectuant une analyse complète de mon système avec bit defender alors que avec une analyse aproffondi il ne trouve rien.Mon pc na pas de souci particulier mais ce virus me fait peur .Sur le fichier "malade" cé marqué C:\program Files(x86)HPGames\SudokuQuest\Sudoku-WT.exe}=] Je ne sais pas quoi faire aidez moi svp.
Je né pas fait de restauration système je ne sais pas faire 
MERCI D AVANCE

Lyonnais92 · Answer

Bonjour,

fais ceci :

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur,  RSIT  le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. 

Poste le contenu de  log.txt  (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB :  Les rapports sont sauvegardés dans le dossier C:\rsit

moonoye · Answer

Bonjour, j'ai exactement le meme probleme que cette personne, pouvez vous m'aider?

Lyonnais92 · Answer

Bonjour,

comme il y a peu de chance qu'il réponde, on va rester ici.

Fais ce que je lui avais demandé.

moonoye · Answer

j'ai déjà suivi les premières étapes, mais tu veux que je mette tout le texte? (desolé je debute)

Lyonnais92 · Answer

Re,

mets moi le contenu intégral de log.txt.

Pour l'autre, je te le demanderai si nécessaire.

moonoye · Answer

pas moyen de tout mettre, c'est trop long la page charge et ne marche plus...

Lyonnais92 · Answer

Tr,

coupe le en 2 ou 3 morceaux.

Je le reconstituerai.

moonoye · Answer

Logfile of random's system information tool 1.04 (written by random/random)
Run by gaelle at 2008-10-16 11:34:52
Microsoft® Windows Vista&#8482; Édition Familiale Premium  Service Pack 1
System drive C: has 219 GB (74%) free of 296 GB
Total RAM: 3068 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:10, on 16/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\gaelle\Desktop\RSIT.exe
C:\Program Files	rend micro\gaelle.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe"  /dontopenmycards
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BitDefender Total Security 2009.lnk = C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbaresources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l&#8217;iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

moonoye · Answer

======Scheduled tasks folder======

C:\Windows	asks\Norton Internet Security - Effectuer une analyse complète du système - gaelle.job
C:\Windows	asks\sauvegarde.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-03-27 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-10-02 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll [2008-10-02 651760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-10-02 193136]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-10-04 90112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-14 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-14 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-06-25 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"e-TF1"=C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-04 716800]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-04 69632]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"eCarteBleue-SG-P3"=C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe [2002-12-20 184320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BitDefender Total Security 2009.lnk - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-10-16 11:34:53 ----D---- C:\Program Files	rend micro
2008-10-16 11:34:52 ----D---- C:sit
2008-10-14 23:33:02 ----A---- C:\Windows\system32
toskrnl.exe
2008-10-14 23:33:02 ----A---- C:\Windows\system32
tkrnlpa.exe
2008-10-14 23:32:59 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 23:32:59 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 23:32:57 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 23:32:57 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-09 00:35:10 ----D---- C:\Program Files\e-Carte Bleue Société Générale
2008-10-09 00:26:55 ----D---- C:\Program Files\e-Carte Bleue
2008-10-05 16:11:58 ----D---- C:\Users\gaelle\AppData\Roaming\Opera
2008-10-05 16:11:35 ----D---- C:\Program Files\Opera
2008-10-04 17:40:19 ----D---- C:\Windows\system32\logs
2008-10-04 17:39:49 ----D---- C:\Users\gaelle\AppData\Roaming\BitDefender
2008-10-04 17:39:49 ----D---- C:\Program Files\Common Files\MSSoap
2008-10-04 17:39:49 ----D---- C:\Binaries
2008-10-04 17:39:09 ----D---- C:\ProgramData\BitDefender
2008-10-04 17:39:09 ----D---- C:\Program Files\BitDefender
2008-10-04 17:38:12 ----D---- C:\Program Files\Common Files\BitDefender
2008-10-04 17:18:25 ----D---- C:\Program Files\iPod
2008-10-04 17:18:24 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-04 17:18:24 ----D---- C:\Program Files\iTunes
2008-10-04 01:12:40 ----D---- C:\Users\gaelle\AppData\Roaming\PlayFirst
2008-10-04 00:01:18 ----D---- C:\Users\gaelle\AppData\Roaming\CyberLink
2008-10-03 23:51:12 ----A---- C:\Windows\system32\unrar.dll
2008-10-03 23:51:11 ----A---- C:\Windows\avisplitter.ini
2008-10-03 23:51:10 ----A---- C:\Windows\system32\yv12vfw.dll
2008-10-03 23:51:10 ----A---- C:\Windows\system32\xvidvfw.dll
2008-10-03 23:51:10 ----A---- C:\Windows\system32\xvidcore.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\qt-dx331.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\dpl100.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\divx.dll
2008-10-03 23:51:08 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2008-10-03 23:51:08 ----A---- C:\Windows\system32\ff_vfw.dll
2008-10-03 23:51:07 ----D---- C:\Program Files\K-Lite Codec Pack
2008-10-03 20:13:40 ----D---- C:\Program Files\TF1Vision
2008-10-03 11:15:59 ----D---- C:\Users\gaelle\AppData\Roaming\Template
2008-10-02 22:53:54 ----D---- C:\Users\gaelle\AppData\Roaming\Apple Computer
2008-10-02 22:53:36 ----DC---- C:\Windows\system32\DRVSTORE
2008-10-02 22:53:36 ----A---- C:\Windows\system32\GEARAspi.dll
2008-10-02 22:52:48 ----D---- C:\Program Files\Bonjour
2008-10-02 22:52:15 ----D---- C:\Program Files\QuickTime
2008-10-02 22:52:14 ----D---- C:\ProgramData\Apple Computer
2008-10-02 22:51:55 ----D---- C:\Program Files\Apple Software Update
2008-10-02 22:51:14 ----D---- C:\ProgramData\Apple
2008-10-02 22:51:14 ----D---- C:\Program Files\Common Files\Apple
2008-10-02 22:37:33 ----D---- C:\Users\gaelle\AppData\Roaming\Google
2008-10-02 22:37:24 ----D---- C:\ProgramData\Google
2008-10-02 22:35:41 ----D---- C:\Program Files\Google
2008-10-02 22:12:32 ----D---- C:\Users\gaelle\AppData\Roaming\WildTangent
2008-10-02 19:41:56 ----D---- C:\Users\gaelle\AppData\Roaming\Mozilla
2008-10-02 19:41:50 ----D---- C:\Program Files\Mozilla Firefox
2008-10-02 19:21:37 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-02 19:21:32 ----D---- C:\Program Files\Windows Live
2008-10-02 19:20:57 ----D---- C:\ProgramData\WLInstaller
2008-10-02 19:16:01 ----D---- C:\Users\gaelle\AppData\Roaming\skypePM
2008-10-02 19:12:08 ----D---- C:\Users\gaelle\AppData\Roaming\Skype
2008-10-02 19:11:45 ----D---- C:\Program Files\Skype
2008-10-02 19:11:44 ----D---- C:\Program Files\Common Files\Skype
2008-10-02 19:11:35 ----D---- C:\ProgramData\Skype
2008-10-02 11:04:01 ----A---- C:\Windows\system32	zres.dll
2008-10-02 11:03:07 ----A---- C:\Windows\system32\msshooks.dll
2008-10-02 11:03:06 ----A---- C:\Windows\system32\msscb.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32	hawbrkr.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\srchadmin.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-10-02 11:03:05 ----A---- C:\Windows\system32\propsys.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\propdefs.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\msstrc.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\mssprxy.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\mssitlb.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\msshsq.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\korwbrkr.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\xmlfilter.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\wsepno.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32	query.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-10-02 11:03:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-10-02 11:03:04 ----A---- C:\Windows\system32tffilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\offfilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32
lhtml.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssvp.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssrch.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssphtb.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssph.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\msscntrs.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mimefilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\chtbrkr.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\chsbrkr.dll
2008-10-02 11:00:34 ----D---- C:\Program Files\MSXML 4.0
2008-10-02 10:21:30 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-10-02 10:21:28 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-10-02 10:21:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-10-02 10:21:02 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-10-02 10:20:57 ----A---- C:\Windows\system32\EncDec.dll
2008-10-02 10:20:56 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-02 10:20:27 ----A---- C:\Windows\system32pcrt4.dll
2008-10-02 10:20:26 ----A---- C:\Windows\system32\pacerprf.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\gameux.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-10-02 10:19:31 ----A---- C:\Windows\system32\shell32.dll
2008-10-02 10:19:06 ----A---- C:\Windows\system32\es.dll
2008-10-02 10:19:02 ----A---- C:\Windows\system32\wmpeffects.dll
2008-10-02 10:18:52 ----A---- C:\Windows\system32\inetcomm.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\emdmgmt.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\dataclen.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\cdd.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\wshext.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\wscript.exe
2008-10-02 10:07:49 ----A---- C:\Windows\system32\vbscript.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\scrrun.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\scrobj.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\jscript.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\cscript.exe
2008-10-02 10:07:38 ----A---- C:\Windows\system32\quartz.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wups2.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wucltux.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wuaueng.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wuauclt.exe
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wups.dll
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wudriver.dll
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wuapi.dll
2008-10-02 09:53:31 ----A---- C:\Windows\system32\wuwebv.dll
2008-10-02 09:53:31 ----A---- C:\Windows\system32\wuapp.exe
2008-10-02 00:55:26 ----A---- C:\ProgramData\MobileTV.exe
2008-10-02 00:55:26 ----A---- C:\ProgramData\DVD.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\MPV.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\Karaoke.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\Games.exe
2008-10-02 00:55:24 ----D---- C:\ProgramData\FRA
2008-10-02 00:55:24 ----A---- C:\ProgramData\hpqp.txt
2008-10-01 23:22:54 ----D---- C:\Temp
2008-10-01 23:16:40 ----D---- C:\Users\gaelle\AppData\Roaming\Symantec
2008-10-01 23:16:16 ----D---- C:\Users\gaelle\AppData\Roaming\DigitalPersona
2008-10-01 23:15:37 ----D---- C:\Users\gaelle\AppData\Roaming\Identities
2008-10-01 23:10:43 ----D---- C:\Users\gaelle\AppData\Roaming\Macromedia
2008-10-01 23:10:15 ----D---- C:\Users\gaelle\AppData\Roaming\Adobe
2008-10-01 23:10:05 ----D---- C:\Users\gaelle\AppData\Roaming\Hewlett-Packard
2008-10-01 23:10:00 ----D---- C:\ProgramData\Viewpoint
2008-10-01 23:09:59 ----D---- C:\Program Files\Viewpoint
2008-10-01 23:09:31 ----D---- C:\Program Files\Common Files\AOL
2008-10-01 23:09:30 ----D---- C:\Program Files\AIM6
2008-10-01 23:08:00 ----D---- C:\Users\gaelle\AppData\Roaming\Macrovision
2008-10-01 23:06:58 ----SD---- C:\Users\gaelle\AppData\Roaming\Microsoft
2008-10-01 23:06:58 ----D---- C:\Users\gaelle\AppData\Roaming\Media Center Programs
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Modèles
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Menu Démarrer
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Favoris
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Bureau
2008-10-01 23:00:41 ----SHD---- C:\Program Files\Fichiers communs
2008-08-29 10:18:58 ----A---- C:\Windows\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\Windows\system32\dnssd.dll
2008-08-19 16:28:49 ----D---- C:\ProgramData\NVIDIA
2008-08-19 16:27:23 ----A---- C:\ProgramData\hpqp.ini
2008-08-19 16:27:17 ----D---- C:\ProgramData\CyberLink
2008-08-19 16:26:46 ----D---- C:\Windows\system32	r
2008-08-19 16:26:46 ----D---- C:\Windows\system32u
2008-08-19 16:26:46 ----D---- C:\Windows\system32\ko
2008-08-19 16:26:46 ----D---- C:\Windows\system32\ja
2008-08-19 16:26:45 ----D---- C:\Windows\system32\it
2008-08-19 16:26:45 ----D---- C:\Windows\system32\es
2008-08-19 16:26:45 ----D---- C:\Windows\system32\de
2008-08-19 16:26:45 ----D---- C:\Windows\DPDrv
2008-08-19 16:26:29 ----D---- C:\ProgramData\Macrovision
2008-08-19 16:26:29 ----D---- C:\Program Files\DigitalPersona
2008-08-19 16:21:35 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-19 15:52:43 ----A---- C:\Windows\system32\stlang.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\idtmini1.exe
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestecap.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\AESTCom.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestaren.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestacap.dll
2008-08-19 15:52:43 ----A---- C:\Windows\sttray.exe
2008-08-19 15:52:08 ----A---- C:\Windows\system32\staco.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stcplx.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stapo.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stapi32.dll
2008-08-19 15:51:53 ----D---- C:\Program Files\IDT
2008-08-19 15:51:49 ----A---- C:\Windows\xUninstall.bat
2008-08-19 15:49:39 ----D---- C:\Windows\JMCR_DIR
2008-08-19 15:49:39 ----A---- C:\Windows\system32\JmCrIcon.dll
2008-08-19 15:49:20 ----D---- C:\Program Files\Validity Sensors, Inc
2008-08-19 15:48:01 ----D---- C:\Program Files\Synaptics
2008-08-19 15:47:43 ----A---- C:\Windows\system32\WdfCoInstaller01000.dll
2008-08-19 15:47:40 ----A---- C:\Windows\system32\SynTPCo4.dll
2008-08-19 15:47:40 ----A---- C:\Windows\system32\SynTPAPI.dll
2008-08-19 15:47:39 ----A---- C:\Windows\system32\SynCtrl.dll
2008-08-19 15:47:39 ----A---- C:\Windows\system32\SynCOM.dll
2008-08-19 15:46:56 ----D---- C:\Program Files\Realtek
2008-08-19 15:46:36 ----D---- C:\Windows\system32\HPMDP
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vexpbar.dll
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vcpluir.dll
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vcplui.exe
2008-08-19 15:45:16 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-08-19 15:43:42 ----D---- C:\Program Files\Intel
2008-08-19 15:43:42 ----A---- C:\Windows\system32\CSVer.dll
2008-08-19 15:43:28 ----D---- C:\Intel
2008-08-19 15:42:57 ----A---- C:\Windows\system32\NETw5r32.dll
2008-08-19 15:42:57 ----A---- C:\Windows\system32\NETw5c32.dll
2008-08-19 15:38:40 ----D---- C:\Windows\SoftwareDistribution
2008-08-19 15:34:36 ----D---- C:\Windows\Prefetch
2008-07-30 10:11:15 ----A---- C:\Windows\system32\gdi32.dll
2008-07-30 10:08:59 ----D---- C:\Windows\Users
2008-07-30 10:08:55 ----A---- C:\Windows\system32\winresume.exe
2008-07-30 10:08:55 ----A---- C:\Windows\system32\winload.exe
2008-07-30 10:08:55 ----A---- C:\Windows\system32\kbd106n.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srdelayed.exe
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srcore.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srclient.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32strui.exe
2008-07-30 10:08:54 ----A---- C:\Windows\system32\kd1394.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\ci.dll
2008-07-30 10:07:53 ----D---- C:\Windows\panther
2008-07-30 10:05:56 ----D---- C:\Windows\fr-FR
2008-07-30 10:05:54 ----D---- C:\Windows\system32\fr
2008-07-30 10:05:54 ----D---- C:\Windows\system32\040C
2008-07-30 10:01:23 ----HD---- C:\HP
2008-07-30 02:20:38 ----D---- C:\Windows\Temp
2008-07-30 02:18:34 ----A---- C:\Windows\system32\javaws.exe
2008-07-30 02:18:34 ----A---- C:\Windows\system32\javaw.exe
2008-07-30 02:18:34 ----A---- C:\Windows\system32\java.exe
2008-07-30 02:18:01 ----D---- C:\Program Files\Java
2008-07-30 02:18:01 ----D---- C:\Program Files\Common Files\Java
2008-07-30 02:13:02 ----A---- C:\Windows\system32\ShellvRTF64.dll
2008-07-30 02:13:02 ----A---- C:\Windows\system32\ShellvRTF.dll
2008-07-30 02:11:47 ----D---- C:\Windows\Downloaded Installations
2008-07-30 02:09:02 ----D---- C:\ProgramData\AOL
2008-07-30 02:09:02 ----D---- C:\Program Files\AOL
2008-07-30 02:07:07 ----A---- C:\Windows\system32\ezsvc7x.dll
2008-07-30 02:07:07 ----A---- C:\Windows\system32\ezsvc7.dll
2008-07-30 02:07:06 ----D---- C:\Program Files\EasyBits For Kids
2008-07-30 01:59:30 ----D---- C:\Program Files\CyberLink
2008-07-30 01:58:56 ----D---- C:\ProgramData\Adobe
2008-07-30 01:58:51 ----D---- C:\Program Files\Common Files\Adobe
2008-07-30 01:58:51 ----D---- C:\Program Files\Adobe
2008-07-30 01:57:31 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2008-07-30 01:57:26 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2008-07-30 01:56:57 ----A---- C:\Windows\system32\msonpmon.dll
2008-07-30 01:56:38 ----D---- C:\Program Files\Common Files\DESIGNER
2008-07-30 01:56:30 ----D---- C:\Windows\PCHEALTH
2008-07-30 01:56:30 ----D---- C:\Program Files\Microsoft.NET
2008-07-30 01:55:05 ----D---- C:\ProgramData\Microsoft Help
2008-07-30 01:54:17 ----RHD---- C:\MSOCache
2008-07-30 01:44:08 ----D---- C:\Program Files\muvee Technologies
2008-07-30 01:44:08 ----D---- C:\Program Files\Common Files\muvee Technologies
2008-07-30 01:44:08 ----A---- C:\Windows\system32\Mfc42loc.dll
2008-07-30 01:44:04 ----D---- C:\ProgramData\muvee Technologies
2008-07-30 01:33:34 ----D---- C:\Program Files\Microsoft Office
2008-07-30 01:32:53 ----D---- C:\Program Files\Microsoft Works
2008-07-30 01:32:23 ----D---- C:\Windows\system32\Macromed
2008-07-30 01:18:45 ----D---- C:\ProgramData\WildTangent
2008-07-30 01:18:45 ----D---- C:\ProgramData\Hewlett-Packard
2008-07-30 01:18:45 ----D---- C:\Program Files\HP Games
2008-07-30 01:18:44 ----RD---- C:\Program Files\Online Services
2008-07-30 01:17:30 ----A---- C:\Windows\CSUP.txt
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmns_64.dll
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmns.dll
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmn.dll
2008-07-30 00:59:39 ----A---- C:\Windows\system32\msxml4a.dll
2008-07-30 00:59:24 ----D---- C:\Program Files\HP
2008-07-30 00:59:24 ----A---- C:\Windows\system32\atl71.dll
2008-07-30 00:42:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-07-30 00:31:33 ----SHD---- C:\Windows\Installer
2008-07-30 00:30:43 ----HD---- C:\Program Files\InstallShield Installation Information
2008-07-30 00:30:42 ----D---- C:\Program Files\Common Files\InstallShield
2008-07-30 00:26:43 ----D---- C:\Program Files\Hewlett-Packard
2008-07-30 00:25:14 ----SHD---- C:\$RECYCLE.BIN
2008-07-30 00:15:57 ----SHD---- C:\System Volume Information

moonoye · Answer

======Scheduled tasks folder======

C:\Windows	asks\Norton Internet Security - Effectuer une analyse complète du système - gaelle.job
C:\Windows	asks\sauvegarde.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-03-27 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-10-02 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll [2008-10-02 651760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-10-02 193136]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-10-04 90112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-14 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-14 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-06-25 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"e-TF1"=C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-04 716800]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-04 69632]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"eCarteBleue-SG-P3"=C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe [2002-12-20 184320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BitDefender Total Security 2009.lnk - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
etwork\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-10-16 11:34:53 ----D---- C:\Program Files	rend micro
2008-10-16 11:34:52 ----D---- C:sit
2008-10-14 23:33:02 ----A---- C:\Windows\system32
toskrnl.exe
2008-10-14 23:33:02 ----A---- C:\Windows\system32
tkrnlpa.exe
2008-10-14 23:32:59 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 23:32:59 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 23:32:58 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 23:32:57 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 23:32:57 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-09 00:35:10 ----D---- C:\Program Files\e-Carte Bleue Société Générale
2008-10-09 00:26:55 ----D---- C:\Program Files\e-Carte Bleue
2008-10-05 16:11:58 ----D---- C:\Users\gaelle\AppData\Roaming\Opera
2008-10-05 16:11:35 ----D---- C:\Program Files\Opera
2008-10-04 17:40:19 ----D---- C:\Windows\system32\logs
2008-10-04 17:39:49 ----D---- C:\Users\gaelle\AppData\Roaming\BitDefender
2008-10-04 17:39:49 ----D---- C:\Program Files\Common Files\MSSoap
2008-10-04 17:39:49 ----D---- C:\Binaries
2008-10-04 17:39:09 ----D---- C:\ProgramData\BitDefender
2008-10-04 17:39:09 ----D---- C:\Program Files\BitDefender
2008-10-04 17:38:12 ----D---- C:\Program Files\Common Files\BitDefender
2008-10-04 17:18:25 ----D---- C:\Program Files\iPod
2008-10-04 17:18:24 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-04 17:18:24 ----D---- C:\Program Files\iTunes
2008-10-04 01:12:40 ----D---- C:\Users\gaelle\AppData\Roaming\PlayFirst
2008-10-04 00:01:18 ----D---- C:\Users\gaelle\AppData\Roaming\CyberLink
2008-10-03 23:51:12 ----A---- C:\Windows\system32\unrar.dll
2008-10-03 23:51:11 ----A---- C:\Windows\avisplitter.ini
2008-10-03 23:51:10 ----A---- C:\Windows\system32\yv12vfw.dll
2008-10-03 23:51:10 ----A---- C:\Windows\system32\xvidvfw.dll
2008-10-03 23:51:10 ----A---- C:\Windows\system32\xvidcore.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\qt-dx331.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\dpl100.dll
2008-10-03 23:51:09 ----A---- C:\Windows\system32\divx.dll
2008-10-03 23:51:08 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2008-10-03 23:51:08 ----A---- C:\Windows\system32\ff_vfw.dll
2008-10-03 23:51:07 ----D---- C:\Program Files\K-Lite Codec Pack
2008-10-03 20:13:40 ----D---- C:\Program Files\TF1Vision
2008-10-03 11:15:59 ----D---- C:\Users\gaelle\AppData\Roaming\Template
2008-10-02 22:53:54 ----D---- C:\Users\gaelle\AppData\Roaming\Apple Computer
2008-10-02 22:53:36 ----DC---- C:\Windows\system32\DRVSTORE
2008-10-02 22:53:36 ----A---- C:\Windows\system32\GEARAspi.dll
2008-10-02 22:52:48 ----D---- C:\Program Files\Bonjour
2008-10-02 22:52:15 ----D---- C:\Program Files\QuickTime
2008-10-02 22:52:14 ----D---- C:\ProgramData\Apple Computer
2008-10-02 22:51:55 ----D---- C:\Program Files\Apple Software Update
2008-10-02 22:51:14 ----D---- C:\ProgramData\Apple
2008-10-02 22:51:14 ----D---- C:\Program Files\Common Files\Apple
2008-10-02 22:37:33 ----D---- C:\Users\gaelle\AppData\Roaming\Google
2008-10-02 22:37:24 ----D---- C:\ProgramData\Google
2008-10-02 22:35:41 ----D---- C:\Program Files\Google
2008-10-02 22:12:32 ----D---- C:\Users\gaelle\AppData\Roaming\WildTangent
2008-10-02 19:41:56 ----D---- C:\Users\gaelle\AppData\Roaming\Mozilla
2008-10-02 19:41:50 ----D---- C:\Program Files\Mozilla Firefox
2008-10-02 19:21:37 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-02 19:21:32 ----D---- C:\Program Files\Windows Live
2008-10-02 19:20:57 ----D---- C:\ProgramData\WLInstaller
2008-10-02 19:16:01 ----D---- C:\Users\gaelle\AppData\Roaming\skypePM
2008-10-02 19:12:08 ----D---- C:\Users\gaelle\AppData\Roaming\Skype
2008-10-02 19:11:45 ----D---- C:\Program Files\Skype
2008-10-02 19:11:44 ----D---- C:\Program Files\Common Files\Skype
2008-10-02 19:11:35 ----D---- C:\ProgramData\Skype
2008-10-02 11:04:01 ----A---- C:\Windows\system32	zres.dll
2008-10-02 11:03:07 ----A---- C:\Windows\system32\msshooks.dll
2008-10-02 11:03:06 ----A---- C:\Windows\system32\msscb.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32	hawbrkr.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\srchadmin.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-10-02 11:03:05 ----A---- C:\Windows\system32\propsys.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\propdefs.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\msstrc.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\mssprxy.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\mssitlb.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\msshsq.dll
2008-10-02 11:03:05 ----A---- C:\Windows\system32\korwbrkr.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\xmlfilter.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\wsepno.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32	query.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-10-02 11:03:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-10-02 11:03:04 ----A---- C:\Windows\system32tffilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\offfilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32
lhtml.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssvp.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssrch.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssphtb.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mssph.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\msscntrs.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\mimefilt.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\chtbrkr.dll
2008-10-02 11:03:04 ----A---- C:\Windows\system32\chsbrkr.dll
2008-10-02 11:00:34 ----D---- C:\Program Files\MSXML 4.0
2008-10-02 10:21:30 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-10-02 10:21:28 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-10-02 10:21:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-10-02 10:21:02 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-10-02 10:20:57 ----A---- C:\Windows\system32\EncDec.dll
2008-10-02 10:20:56 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-02 10:20:27 ----A---- C:\Windows\system32pcrt4.dll
2008-10-02 10:20:26 ----A---- C:\Windows\system32\pacerprf.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\gameux.dll
2008-10-02 10:20:12 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-10-02 10:19:31 ----A---- C:\Windows\system32\shell32.dll
2008-10-02 10:19:06 ----A---- C:\Windows\system32\es.dll
2008-10-02 10:19:02 ----A---- C:\Windows\system32\wmpeffects.dll
2008-10-02 10:18:52 ----A---- C:\Windows\system32\inetcomm.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\emdmgmt.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\dataclen.dll
2008-10-02 10:08:37 ----A---- C:\Windows\system32\cdd.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\wshext.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\wscript.exe
2008-10-02 10:07:49 ----A---- C:\Windows\system32\vbscript.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\scrrun.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\scrobj.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\jscript.dll
2008-10-02 10:07:49 ----A---- C:\Windows\system32\cscript.exe
2008-10-02 10:07:38 ----A---- C:\Windows\system32\quartz.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wups2.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wucltux.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wuaueng.dll
2008-10-02 09:54:05 ----A---- C:\Windows\system32\wuauclt.exe
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wups.dll
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wudriver.dll
2008-10-02 09:53:41 ----A---- C:\Windows\system32\wuapi.dll
2008-10-02 09:53:31 ----A---- C:\Windows\system32\wuwebv.dll
2008-10-02 09:53:31 ----A---- C:\Windows\system32\wuapp.exe
2008-10-02 00:55:26 ----A---- C:\ProgramData\MobileTV.exe
2008-10-02 00:55:26 ----A---- C:\ProgramData\DVD.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\MPV.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\Karaoke.exe
2008-10-02 00:55:25 ----A---- C:\ProgramData\Games.exe
2008-10-02 00:55:24 ----D---- C:\ProgramData\FRA
2008-10-02 00:55:24 ----A---- C:\ProgramData\hpqp.txt
2008-10-01 23:22:54 ----D---- C:\Temp
2008-10-01 23:16:40 ----D---- C:\Users\gaelle\AppData\Roaming\Symantec
2008-10-01 23:16:16 ----D---- C:\Users\gaelle\AppData\Roaming\DigitalPersona
2008-10-01 23:15:37 ----D---- C:\Users\gaelle\AppData\Roaming\Identities
2008-10-01 23:10:43 ----D---- C:\Users\gaelle\AppData\Roaming\Macromedia
2008-10-01 23:10:15 ----D---- C:\Users\gaelle\AppData\Roaming\Adobe
2008-10-01 23:10:05 ----D---- C:\Users\gaelle\AppData\Roaming\Hewlett-Packard
2008-10-01 23:10:00 ----D---- C:\ProgramData\Viewpoint
2008-10-01 23:09:59 ----D---- C:\Program Files\Viewpoint
2008-10-01 23:09:31 ----D---- C:\Program Files\Common Files\AOL
2008-10-01 23:09:30 ----D---- C:\Program Files\AIM6
2008-10-01 23:08:00 ----D---- C:\Users\gaelle\AppData\Roaming\Macrovision
2008-10-01 23:06:58 ----SD---- C:\Users\gaelle\AppData\Roaming\Microsoft
2008-10-01 23:06:58 ----D---- C:\Users\gaelle\AppData\Roaming\Media Center Programs
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Modèles
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Menu Démarrer
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Favoris
2008-10-01 23:00:41 ----SHD---- C:\ProgramData\Bureau
2008-10-01 23:00:41 ----SHD---- C:\Program Files\Fichiers communs
2008-08-29 10:18:58 ----A---- C:\Windows\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\Windows\system32\dnssd.dll
2008-08-19 16:28:49 ----D---- C:\ProgramData\NVIDIA
2008-08-19 16:27:23 ----A---- C:\ProgramData\hpqp.ini
2008-08-19 16:27:17 ----D---- C:\ProgramData\CyberLink
2008-08-19 16:26:46 ----D---- C:\Windows\system32	r
2008-08-19 16:26:46 ----D---- C:\Windows\system32u
2008-08-19 16:26:46 ----D---- C:\Windows\system32\ko
2008-08-19 16:26:46 ----D---- C:\Windows\system32\ja
2008-08-19 16:26:45 ----D---- C:\Windows\system32\it
2008-08-19 16:26:45 ----D---- C:\Windows\system32\es
2008-08-19 16:26:45 ----D---- C:\Windows\system32\de
2008-08-19 16:26:45 ----D---- C:\Windows\DPDrv
2008-08-19 16:26:29 ----D---- C:\ProgramData\Macrovision
2008-08-19 16:26:29 ----D---- C:\Program Files\DigitalPersona
2008-08-19 16:21:35 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-19 15:52:43 ----A---- C:\Windows\system32\stlang.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\idtmini1.exe
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestecap.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\AESTCom.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestaren.dll
2008-08-19 15:52:43 ----A---- C:\Windows\system32\aestacap.dll
2008-08-19 15:52:43 ----A---- C:\Windows\sttray.exe
2008-08-19 15:52:08 ----A---- C:\Windows\system32\staco.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stcplx.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stapo.dll
2008-08-19 15:51:55 ----A---- C:\Windows\system32\stapi32.dll
2008-08-19 15:51:53 ----D---- C:\Program Files\IDT
2008-08-19 15:51:49 ----A---- C:\Windows\xUninstall.bat
2008-08-19 15:49:39 ----D---- C:\Windows\JMCR_DIR
2008-08-19 15:49:39 ----A---- C:\Windows\system32\JmCrIcon.dll
2008-08-19 15:49:20 ----D---- C:\Program Files\Validity Sensors, Inc
2008-08-19 15:48:01 ----D---- C:\Program Files\Synaptics
2008-08-19 15:47:43 ----A---- C:\Windows\system32\WdfCoInstaller01000.dll
2008-08-19 15:47:40 ----A---- C:\Windows\system32\SynTPCo4.dll
2008-08-19 15:47:40 ----A---- C:\Windows\system32\SynTPAPI.dll
2008-08-19 15:47:39 ----A---- C:\Windows\system32\SynCtrl.dll
2008-08-19 15:47:39 ----A---- C:\Windows\system32\SynCOM.dll
2008-08-19 15:46:56 ----D---- C:\Program Files\Realtek
2008-08-19 15:46:36 ----D---- C:\Windows\system32\HPMDP
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vexpbar.dll
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vcpluir.dll
2008-08-19 15:46:17 ----A---- C:\Windows\system32
vcplui.exe
2008-08-19 15:45:16 ----A---- C:\Windows\system32\NVUNINST.EXE
2008-08-19 15:43:42 ----D---- C:\Program Files\Intel
2008-08-19 15:43:42 ----A---- C:\Windows\system32\CSVer.dll
2008-08-19 15:43:28 ----D---- C:\Intel
2008-08-19 15:42:57 ----A---- C:\Windows\system32\NETw5r32.dll
2008-08-19 15:42:57 ----A---- C:\Windows\system32\NETw5c32.dll
2008-08-19 15:38:40 ----D---- C:\Windows\SoftwareDistribution
2008-08-19 15:34:36 ----D---- C:\Windows\Prefetch
2008-07-30 10:11:15 ----A---- C:\Windows\system32\gdi32.dll
2008-07-30 10:08:59 ----D---- C:\Windows\Users
2008-07-30 10:08:55 ----A---- C:\Windows\system32\winresume.exe
2008-07-30 10:08:55 ----A---- C:\Windows\system32\winload.exe
2008-07-30 10:08:55 ----A---- C:\Windows\system32\kbd106n.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srdelayed.exe
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srcore.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\srclient.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32strui.exe
2008-07-30 10:08:54 ----A---- C:\Windows\system32\kd1394.dll
2008-07-30 10:08:54 ----A---- C:\Windows\system32\ci.dll
2008-07-30 10:07:53 ----D---- C:\Windows\panther
2008-07-30 10:05:56 ----D---- C:\Windows\fr-FR
2008-07-30 10:05:54 ----D---- C:\Windows\system32\fr
2008-07-30 10:05:54 ----D---- C:\Windows\system32\040C
2008-07-30 10:01:23 ----HD---- C:\HP
2008-07-30 02:20:38 ----D---- C:\Windows\Temp
2008-07-30 02:18:34 ----A---- C:\Windows\system32\javaws.exe
2008-07-30 02:18:34 ----A---- C:\Windows\system32\javaw.exe
2008-07-30 02:18:34 ----A---- C:\Windows\system32\java.exe
2008-07-30 02:18:01 ----D---- C:\Program Files\Java
2008-07-30 02:18:01 ----D---- C:\Program Files\Common Files\Java
2008-07-30 02:13:02 ----A---- C:\Windows\system32\ShellvRTF64.dll
2008-07-30 02:13:02 ----A---- C:\Windows\system32\ShellvRTF.dll
2008-07-30 02:11:47 ----D---- C:\Windows\Downloaded Installations
2008-07-30 02:09:02 ----D---- C:\ProgramData\AOL
2008-07-30 02:09:02 ----D---- C:\Program Files\AOL
2008-07-30 02:07:07 ----A---- C:\Windows\system32\ezsvc7x.dll
2008-07-30 02:07:07 ----A---- C:\Windows\system32\ezsvc7.dll
2008-07-30 02:07:06 ----D---- C:\Program Files\EasyBits For Kids
2008-07-30 01:59:30 ----D---- C:\Program Files\CyberLink
2008-07-30 01:58:56 ----D---- C:\ProgramData\Adobe
2008-07-30 01:58:51 ----D---- C:\Program Files\Common Files\Adobe
2008-07-30 01:58:51 ----D---- C:\Program Files\Adobe
2008-07-30 01:57:31 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2008-07-30 01:57:26 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2008-07-30 01:56:57 ----A---- C:\Windows\system32\msonpmon.dll
2008-07-30 01:56:38 ----D---- C:\Program Files\Common Files\DESIGNER
2008-07-30 01:56:30 ----D---- C:\Windows\PCHEALTH
2008-07-30 01:56:30 ----D---- C:\Program Files\Microsoft.NET
2008-07-30 01:55:05 ----D---- C:\ProgramData\Microsoft Help
2008-07-30 01:54:17 ----RHD---- C:\MSOCache
2008-07-30 01:44:08 ----D---- C:\Program Files\muvee Technologies
2008-07-30 01:44:08 ----D---- C:\Program Files\Common Files\muvee Technologies
2008-07-30 01:44:08 ----A---- C:\Windows\system32\Mfc42loc.dll
2008-07-30 01:44:04 ----D---- C:\ProgramData\muvee Technologies
2008-07-30 01:33:34 ----D---- C:\Program Files\Microsoft Office
2008-07-30 01:32:53 ----D---- C:\Program Files\Microsoft Works
2008-07-30 01:32:23 ----D---- C:\Windows\system32\Macromed
2008-07-30 01:18:45 ----D---- C:\ProgramData\WildTangent
2008-07-30 01:18:45 ----D---- C:\ProgramData\Hewlett-Packard
2008-07-30 01:18:45 ----D---- C:\Program Files\HP Games
2008-07-30 01:18:44 ----RD---- C:\Program Files\Online Services
2008-07-30 01:17:30 ----A---- C:\Windows\CSUP.txt
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmns_64.dll
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmns.dll
2008-07-30 01:06:10 ----A---- C:\Windows\system32\BttnCmn.dll
2008-07-30 00:59:39 ----A---- C:\Windows\system32\msxml4a.dll
2008-07-30 00:59:24 ----D---- C:\Program Files\HP
2008-07-30 00:59:24 ----A---- C:\Windows\system32\atl71.dll
2008-07-30 00:42:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-07-30 00:31:33 ----SHD---- C:\Windows\Installer
2008-07-30 00:30:43 ----HD---- C:\Program Files\InstallShield Installation Information
2008-07-30 00:30:42 ----D---- C:\Program Files\Common Files\InstallShield
2008-07-30 00:26:43 ----D---- C:\Program Files\Hewlett-Packard
2008-07-30 00:25:14 ----SHD---- C:\$RECYCLE.BIN
2008-07-30 00:15:57 ----SHD---- C:\System Volume Information

moonoye · Answer

======List of files/folders modified in the last 3 months======

2008-10-16 11:34:53 ----RD---- C:\Program Files
2008-10-15 18:12:18 ----D---- C:\Windows\System32
2008-10-15 18:12:18 ----D---- C:\Windows\inf
2008-10-15 18:12:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-15 10:11:09 ----D---- C:\Windows\winsxs
2008-10-15 10:00:59 ----D---- C:\Windows\system32\catroot
2008-10-15 09:58:47 ----D---- C:\Windows\system32\migration
2008-10-15 09:58:47 ----D---- C:\Windows\system32\drivers
2008-10-15 09:58:47 ----D---- C:\Program Files\Windows Mail
2008-10-14 23:32:42 ----D---- C:\Windows\system32\catroot2
2008-10-14 15:55:26 ----D---- C:\Windows\system32\WDI
2008-10-12 14:12:14 ----D---- C:\Windows\system32\Tasks
2008-10-09 00:26:56 ----D---- C:\Windows
2008-10-08 23:48:45 ----RSD---- C:\Windows\assembly
2008-10-08 23:47:24 ----D---- C:\SwSetup
2008-10-07 21:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-04 22:01:01 ----D---- C:\Windows\Tasks
2008-10-04 17:39:49 ----D---- C:\Program Files\Common Files
2008-10-04 17:39:09 ----HD---- C:\ProgramData
2008-10-04 00:20:29 ----D---- C:\Windows\Debug
2008-10-03 09:57:35 ----D---- C:\Windowsescache
2008-10-03 09:45:38 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-02 22:52:40 ----D---- C:\Program Files\Internet Explorer
2008-10-02 17:30:16 ----SD---- C:\ProgramData\Microsoft
2008-10-02 14:49:30 ----D---- C:\Windows\Logs
2008-10-02 13:40:18 ----D---- C:\Windows\AppPatch
2008-10-02 13:40:16 ----D---- C:\Windows\system32\fr-FR
2008-10-02 13:40:15 ----D---- C:\Windows\PolicyDefinitions
2008-10-02 13:40:13 ----D---- C:\Windows\ehome
2008-10-02 11:01:28 ----D---- C:\Windows\Microsoft.NET
2008-10-02 10:42:31 ----D---- C:\Windows\system32\NDF
2008-10-02 00:49:51 ----D---- C:\Windows\SMINST
2008-10-01 23:15:20 ----D---- C:\Windows\system
2008-10-01 23:09:49 ----SD---- C:\Windows\Downloaded Program Files
2008-10-01 23:08:38 ----HD---- C:\System.sav
2008-10-01 23:08:38 ----D---- C:\Windows\system32estore
2008-10-01 23:06:57 ----RD---- C:\Users
2008-10-01 23:00:41 ----D---- C:\Program Files\Windows NT
2008-08-19 16:29:18 ----D---- C:\Windows\system32\sysprep
2008-08-19 16:26:46 ----D---- C:\Windows\system32\pt-PT
2008-08-19 16:26:46 ----D---- C:\Windows\system32\pt-BR
2008-08-19 16:26:46 ----D---- C:\Windows\system32
l-NL
2008-08-19 16:26:45 ----D---- C:\Windows\system32\zh-TW
2008-08-19 16:26:45 ----D---- C:\Windows\system32\zh-CN
2008-08-19 16:26:45 ----D---- C:\Windows\system32\en-US
2008-08-19 16:23:17 ----RSD---- C:\Windows\Fonts
2008-08-19 15:46:07 ----D---- C:\Windows\Help
2008-07-30 12:24:41 ----SHD---- C:\boot
2008-07-30 10:11:09 ----D---- C:\Windows\system32\oobe
2008-07-30 10:09:12 ----D---- C:\Windows\system32\Boot
2008-07-30 10:07:39 ----D---- C:\Windows\WindowsMobile
2008-07-30 10:07:39 ----D---- C:\Windows\system32\winrm
2008-07-30 10:07:39 ----D---- C:\Windows\system32\slmgr
2008-07-30 10:07:39 ----D---- C:\Windows\system32\setup
2008-07-30 10:07:39 ----D---- C:\Windows\system32\migwiz
2008-07-30 10:07:39 ----D---- C:\Windows\system32\Branding
2008-07-30 10:07:39 ----D---- C:\Windows\servicing
2008-07-30 10:07:39 ----D---- C:\Windows\MSAgent
2008-07-30 10:07:39 ----D---- C:\Windows\IME
2008-07-30 10:07:39 ----D---- C:\Windows\DigitalLocker
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Sidebar
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Photo Gallery
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Media Player
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Journal
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Defender
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Collaboration
2008-07-30 10:07:39 ----D---- C:\Program Files\Windows Calendar
2008-07-30 10:07:39 ----D---- C:\Program Files\Movie Maker
2008-07-30 10:07:39 ----D---- C:\Program Files\Common Files\System
2008-07-30 10:07:38 ----D---- C:\Windows\system32\WCN
2008-07-30 10:07:38 ----D---- C:\Windows\system32\wbem
2008-07-30 10:07:38 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2008-07-30 10:07:38 ----D---- C:\Windows\system32\MUI
2008-07-30 10:07:38 ----D---- C:\Windows\system32\DriverStore
2008-07-30 10:07:38 ----D---- C:\Windows\system32\com
2008-07-30 10:05:54 ----D---- C:\Windows\system32\XPSViewer
2008-07-30 01:55:22 ----D---- C:\Windows\ShellNew
2008-07-30 01:44:29 ----A---- C:\autoexec.bat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-10-04 135560]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-10-04 108864]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-04 103944]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-10-04 228672]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2008-02-26 8448]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-08 96856]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers
vhda32v.sys [2008-05-14 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS
vlddmkm.sys [2008-05-14 7443872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-04-27 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS
vm60x32.sys [2006-11-02 429056]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERSfcomm.sys [2008-01-21 49664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-04 393216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32
vvsvc.exe [2008-05-14 118784]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-04-27 599344]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-10-04 1527808]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-09 148832]
R3 iPod Service;Service de l&#8217;iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-06 165416]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-02 156656]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Lyonnais92 · Answer

Bonsoir,

rien d'évident.

On va faire comme ça :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\program Files(x86)HPGames\SudokuQuest\Sudoku-WT.exe

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse. 

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

moonoye · Answer

voilà,

Antivirus	Version	Dernière mise à jour	Résultat
AhnLab-V3	2008.9.13.0	2008.09.12	-
AntiVir	7.8.1.28	2008.09.12	-
Authentium	5.1.0.4	2008.09.13	-
Avast	4.8.1195.0	2008.09.13	-
AVG	8.0.0.161	2008.09.14	-
BitDefender	7.2	2008.09.14	Trojan.Peed.Gen
CAT-QuickHeal	9.50	2008.09.13	-
ClamAV	0.93.1	2008.09.14	-
DrWeb	4.44.0.09170	2008.09.14	-
eSafe	7.0.17.0	2008.09.14	Suspicious File
eTrust-Vet	31.6.6087	2008.09.12	-
Ewido	4.0	2008.09.14	-
F-Prot	4.4.4.56	2008.09.14	-
F-Secure	8.0.14332.0	2008.09.14	-
Fortinet	3.113.0.0	2008.09.14	-
GData	19	2008.09.14	-
Ikarus	T3.1.1.34.0	2008.09.14	-
K7AntiVirus	7.10.454	2008.09.13	-
Kaspersky	7.0.0.125	2008.09.14	-
McAfee	5383	2008.09.12	-
Microsoft	1.3903	2008.09.14	-
NOD32v2	3440	2008.09.13	-
Norman	5.80.02	2008.09.12	-
Panda	9.0.0.4	2008.09.13	-
PCTools	4.4.2.0	2008.09.13	-
Prevx1	V2	2008.09.14	-
Rising	20.61.42.00	2008.09.12	-
Sophos	4.33.0	2008.09.14	-
Sunbelt	3.1.1633.1	2008.09.13	-
Symantec	10	2008.09.14	-
TheHacker	6.3.0.9.082	2008.09.14	-
TrendMicro	8.700.0.1004	2008.09.12	-
VBA32	3.12.8.5	2008.09.13	-
ViRobot	2008.9.12.1375	2008.09.12	-
VirusBuster	4.5.11.0	2008.09.14	-
Webwasher-Gateway	6.6.2	2008.09.14	Virus.Win32.FileInfector.gen!90 (suspicious)
Information additionnelle
File size: 3765768 bytes
MD5...: 1d4f33a6a9fb721b5b1cd8bed20f2599
SHA1..: 8e1bf8ca28191e4ee500789a5d89dc87f4242caa
SHA256: 8b8f099813c58443aaf8b5ab085a7e37f5875c1937e5b35f0a076461f9f14532
SHA512: f91400cb8528a1aeda38a67d022517d4749bc62d0068dae6c54217717e1355ec
2e0d71713f11728a71edb8878513acff50700acd3695846034907feda7ae83fd
PEiD..: -
TrID..: File type identification
Win32 EXE PECompact compressed (generic) (41.8%)
Win32 Executable MS Visual C++ (generic) (37.9%)
Win32 Executable Generic (8.5%)
Win32 Dynamic Link Library (generic) (7.6%)
Generic Win/DOS Executable (2.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x468426
timedatestamp.....: 0x47434da1 (Tue Nov 20 21:12:01 2007)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x954d6 0x96000 6.53 3544aa24e6708dfb5e543b9a232134a7
.pecode 0x97000 0xd8c5 0xe000 8.00 69d469e588d8d3823591ba53a397273b
.pccode 0xa5000 0x1106 0x2000 7.98 4fe69ddb9a7b4e736e69f231f151dc7d
.rdata 0xa7000 0x27170 0x28000 5.41 2256ed9900ac691a286913923a6b9a47
.data 0xcf000 0x9e94 0x4000 4.39 31cd355ddaa6d3996a84a4ee1666317f
.phs 0xd9000 0x428 0x1000 7.64 f144dd1b4f4bc237aecf1db3e3bc5682
.rsrc 0xda000 0xc418 0xd000 4.95 c36f07266122ee7c32e09d582f370d27

( 18 imports ) 
> WINMM.dll: timeGetTime, PlaySoundA
> DINPUT8.dll: DirectInput8Create
> KERNEL32.dll: GetVolumeInformationA, HeapFree, HeapAlloc, IsBadReadPtr, UnmapViewOfFile, MapViewOfFile, CreateFileMappingA, FormatMessageA, LockFile, UnlockFile, lstrcpyA, EnumResourceLanguagesA, ConvertDefaultLocale, lstrcmpA, GlobalDeleteAtom, GlobalAddAtomA, lstrcmpW, lstrcatA, GlobalFindAtomA, GlobalGetAtomNameA, GlobalFlags, GlobalReAlloc, GlobalHandle, LocalReAlloc, TlsFree, SetErrorMode, GetFileTime, GetCPInfo, GetOEMCP, DeviceIoControl, ExitProcess, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, HeapReAlloc, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, GetCommandLineA, GetDriveTypeA, HeapSize, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, LCMapStringA, LCMapStringW, GetTimeZoneInformation, SetHandleCount, GetStdHandle, SetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetStringTypeA, GetStringTypeW, IsBadCodePtr, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, SetEnvironmentVariableA, SetLastError, WritePrivateProfileStringA, VirtualProtectEx, TlsAlloc, TlsSetValue, TlsGetValue, FlushFileBuffers, MoveFileA, GetFileAttributesExA, GetCurrentDirectoryA, GetCurrentThread, SetThreadAffinityMask, QueryPerformanceCounter, QueryPerformanceFrequency, GetWindowsDirectoryA, LocalAlloc, LocalFree, DuplicateHandle, GetPrivateProfileStringA, FileTimeToSystemTime, GetFileSize, SetEndOfFile, SetFilePointer, WriteFile, ReadFile, GetSystemTime, SystemTimeToFileTime, FileTimeToLocalFileTime, TerminateThread, GetFullPathNameA, LocalFileTimeToFileTime, SetFileTime, SetFileAttributesA, DosDateTimeToFileTime, CreateDirectoryA, FindNextFileA, FindFirstFileA, CopyFileA, CompareStringA, CompareStringW, GetVersion, EnumResourceNamesA, CreateThread, DeleteFileA, ReleaseMutex, CreateMutexA, ResumeThread, GetCurrentProcess, VirtualAllocEx, WriteProcessMemory, LoadLibraryA, CreateRemoteThread, VirtualFreeEx, GetCurrentProcessId, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, LockResource, FreeResource, MulDiv, LoadLibraryW, GetProcAddress, FindFirstFileW, FindNextFileW, FindClose, GetModuleFileNameW, GetFileAttributesW, GetNumberFormatW, GetDateFormatW, GetUserDefaultLCID, GetUserGeoID, GetUserDefaultUILanguage, GetSystemDefaultLangID, GetLocaleInfoW, EnterCriticalSection, LeaveCriticalSection, RaiseException, DeleteCriticalSection, IsDBCSLeadByte, lstrcpynA, lstrcmpiA, LoadLibraryExA, FindResourceA, LoadResource, SizeofResource, FreeLibrary, GetLastError, MultiByteToWideChar, GetModuleFileNameA, lstrlenA, GetModuleHandleA, InterlockedDecrement, InterlockedIncrement, InitializeCriticalSection, OpenProcess, OpenThread, GetExitCodeProcess, CreateEventA, TerminateProcess, ResetEvent, SetEvent, SetUnhandledExceptionFilter, IsDebuggerPresent, WaitForSingleObject, Sleep, WideCharToMultiByte, lstrlenW, CreateFileA, GetTickCount, GetCurrentThreadId, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GetVersionExA, GetFileAttributesA, CreateProcessA, CloseHandle, RtlUnwind
> USER32.dll: PostThreadMessageA, MessageBeep, GetNextDlgGroupItem, InvalidateRgn, CopyAcceleratorTableA, SetRect, IsRectEmpty, GetSysColorBrush, DestroyMenu, WinHelpA, GetCapture, CreateWindowExA, GetClassLongA, GetClassInfoExA, SetPropA, GetPropA, RemovePropA, IsChild, GetTopWindow, GetMessageTime, GetMessagePos, MapWindowPoints, UpdateWindow, GetMenu, AdjustWindowRectEx, EqualRect, GetClassInfoA, RegisterClassA, DefWindowProcA, CallWindowProcA, CopyRect, RegisterWindowMessageA, RegisterClipboardFormatA, SetWindowContextHelpId, MapDialogRect, SetMenuItemBitmaps, ModifyMenuA, CheckMenuItem, GetMenuCheckMarkDimensions, SetWindowsHookExA, CallNextHookEx, GetMessageA, TranslateMessage, DispatchMessageA, GetKeyState, PeekMessageA, ValidateRect, MessageBoxA, GetLastActivePopup, UnhookWindowsHookEx, GetSysColor, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, GetMenuState, GetSubMenu, GetDesktopWindow, GetActiveWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetNextDlgTabItem, EndDialog, GetWindowTextA, GetFocus, SetWindowPos, IsWindowEnabled, SetWindowLongA, GetDlgCtrlID, SetWindowTextA, GetWindowLongA, IsDialogMessageA, SendDlgItemMessageA, GetDlgItem, GetWindow, ChangeDisplaySettingsA, EnumDisplaySettingsA, GetDC, ReleaseDC, CharUpperA, EnableWindow, EnableMenuItem, SetWindowRgn, GetClientRect, IsIconic, DrawIcon, InvalidateRect, SendMessageA, SetTimer, GetSystemMenu, InsertMenuA, GetMenuItemCount, LoadIconA, LoadStringW, MessageBoxW, CharLowerBuffA, OffsetRect, SetCapture, ReleaseCapture, LoadCursorA, SetCursor, IsWindow, GetCursorPos, PtInRect, LoadBitmapA, CharLowerBuffW, UnregisterClassA, CharNextA, PostQuitMessage, wsprintfA, FindWindowExA, SetWindowPlacement, WaitForInputIdle, SystemParametersInfoA, MoveWindow, GetClassNameA, PostMessageA, ShowWindow, GetWindowPlacement, SendInput, GetLastInputInfo, GetForegroundWindow, AttachThreadInput, SetForegroundWindow, SetFocus, FindWindowA, EnumWindows, GetWindowThreadProcessId, IsWindowVisible, GetWindowRect, GetSystemMetrics, IntersectRect, GetParent, GetMenuItemID
> GDI32.dll: ScaleViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, GetRgnBox, GetTextColor, GetBkColor, GetMapMode, CreateRectRgnIndirect, GetStockObject, CreateBitmap, DeleteDC, ExtSelectClipRgn, ScaleWindowExtEx, CreateCompatibleDC, SetViewportExtEx, GetObjectA, GetWindowExtEx, GetViewportExtEx, DeleteObject, GetClipBox, SetMapMode, SetTextColor, SetBkColor, RestoreDC, SaveDC, CreateRectRgn, CreateRoundRectRgn, BitBlt, GetDeviceCaps, SetWindowExtEx
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: DocumentPropertiesA, OpenPrinterA, ClosePrinter
> ADVAPI32.dll: RegQueryValueExA, RegEnumKeyExA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCreateKeyExA, RegSetValueExA, RegQueryInfoKeyA, RegQueryValueA, RegEnumKeyA, RegOpenKeyA, RegCloseKey, GetUserNameA, RegSetKeySecurity, ImpersonateSelf, RevertToSelf
> SHELL32.dll: SHGetSpecialFolderPathA, ShellExecuteExA, SHGetFileInfoA, SHFileOperationA
> COMCTL32.dll: -
> SHLWAPI.dll: PathStripToRootA, PathIsUNCA, PathFindExtensionA, PathFileExistsA, PathFindFileNameA
> oledlg.dll: -
> ole32.dll: StgCreateDocfileOnILockBytes, CreateStreamOnHGlobal, CreateILockBytesOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, CoUninitialize, CoInitialize, CoCreateInstance, CoRevokeClassObject, StringFromCLSID, CoCreateGuid, CLSIDFromString, CoSetProxyBlanket, CoInitializeSecurity, CoInitializeEx, CLSIDFromProgID, OleUninitialize, CoFreeUnusedLibraries, OleInitialize, CoGetClassObject, StgOpenStorageOnILockBytes, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, CoTaskMemRealloc
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> urlmon.dll: URLDownloadToCacheFileA
> WS2_32.dll: -, -, -, -, -
> WININET.dll: HttpOpenRequestA, InternetGetLastResponseInfoA, InternetReadFile, InternetCloseHandle, InternetOpenA, InternetConnectA, HttpAddRequestHeadersA, HttpQueryInfoA, HttpSendRequestA, InternetQueryOptionA
> iphlpapi.dll: GetAdaptersInfo

( 0 exports )

Lyonnais92 · Answer

Re,

tu utilises ce jeu ?

moonoye · Answer

et bien non... ^^,

Lyonnais92 · Answer

Binjour,

alors, tu fais ça :

tu cherches C:\program Files(x86)HPGames\SudokuQuest\Sudoku-WT.exe  par l'explorateur Windows, clic droit et supprimer.

Ensuite, tu vides ta Corbeille.

Si il ne veut pas, essaye en mode sans échec (si tu ne sais pas démarrer en mode sans échec, je te donnerai la procédure).

moonoye · Answer

bonjour (excuse),

Alors j'ai redemarrer en mode sans echec, j'ai supprimer le fichier, j'ai redemarrer le pc et fais une annalyse anti-virus et a première vue il n'y a plus rien.

Par contre j'aimerai savoir une chose, si jamais je fais une reinstallation du systhème un jour est ce que le trojan sera là?

Merci ^^,

Lyonnais92 · Answer

Re,

bonne question.

Fais ça et c'est sûr qu'il n'y sera plus :

Ouvre ce lien :

http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924

dans un premier temps tu le suis pour désactiver la restauration système.

Tu fermes la fenêtre.

Dans un deuxième temps, tu le suis pour réactiver la restauration.

=========

Tout fonctionne parfaitement ou tu souhaites des vérifications complémentaires ?

moonoye · Answer

Merci!

le pc fonctionne bien enfin j'ai juste un souci par rapport a mon navigateur ça arrive souvent qu'il rencontre un problème et qui me ferme ma page je ne sais pas pourquoi, j'uttilise opera. avant j'uttilisais firefox ça le fesais donc j'ai changé de navigateur.

Lyonnais92 · Answer

Re,

peut être pas la solution, mais nettoyer ne fais pas de mal.

Poiur un nettoyage "en profondeur", tu as Ccleaner.

Pour un nettoyage quotidien, tu as ATF Cleaner.

Tu les connais tous les 2 ?

moonoye · Answer

c cleaner oui je connais mais je n'ai pas encore installé ce genre de logiciel sur mon pc portable, ça fais trois semaines que je l'ai.
Je vais l'installé, autre chose a installé en plus ou ça suffira?

Lyonnais92 · Answer

Re,

CCleaner, mode d'emploi :

*Ccleaner (gratuit)
Téléchargement :
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !


->Lance CCleaner.

Suppression des fichiers temporaires

Va dans la section "Options" situé dans la marge gauche.
Décoche "Avancé"
Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes ces cases dans la marge gauche (Internet Explorer/Windows Explorer/Système)
• Clique sur [Analyse]
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur [Lancer le Nettoyage]

->Relance CCleaner.
Suppression des incohérences du registre

• Clique sur l'icône [Registre] situés dans la marge à gauche
• Puis clique sur [Analyser les erreurs]
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur [Corriger les erreurs].

Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement.
========================================


ATF Cleaner, téléchargement et mode d'emploi

    =>/b Télécharge ATF-Cleaner (Attribune) : http://www.atribune.org/ccount/click.php?id=1
    -- Met le sur ton bureau
    Note: Pour augmenter l'efficacité nous l'utiliserons ultérieurement en mode sans echec


    => Lance ATF-Cleaner :
    * Sous l'onglet Main, choisis : Select All
    * Clique sur le bouton Empty Selected

    * Sous l'onglet Firefox (si présent) : Clique sur select all
    -- Au message "are you sure you want to delete your firefox saved password" clique sur NON
    -- Clique sur Empty selected

    * Sous l'onglet Opéra (si présent) : Clique sur select all
    -- Au message "are you sure you want to delete your firefox saved password" clique sur NON
    -- Clique sur Empty selected

    * Quitte ATF-Cleaner

moonoye · Answer

ok merci beaucoup pour ton aide ^^,

@+

Lyonnais92 · Answer

Re,

ton Bit defender inclut un parefeu ou c'est seulement l'antivrus ?

Version payante ou d'essai ?

moonoye · Answer

j'ai un pare-feu egalement avec l'antivirus, c'est Bitdefender total security 2009 que j'ai acheté.

Lyonnais92 · Answer

Re,

alors je crois que ta protection est bonne.

Mettre à jour l'OS, le navigateur, les grands logiiciels (console java, adobe reader, ...)

scanner régulièrement (antivrius et antispyware)

Pas de P2P illicite, méfiance sur les courriels bizarres, ne jamais donner ses mots de passe, son MSN, ses coordonnés ban,caires.

Tout ça sont des recommandations de bon sens qui évitent de venir nous voir.

Bon surf.

moonoye · Answer

ok merci.

pour le reste oui c'est sure il faudrais etre fou! ^^,

Sinon opera continu a ce fermer, je vais regarder au niveau de l'antivirus...

Lyonnais92 · Answer

Re,

je reste disponible pour cette histoire de navigateur.

Probléme avec un Trojan.Peed .Gen sur hp

28 réponses

Votre réponse

Discussions similaires

Newsletters