
maxr397


  1. Having the same problem (3.12 GB available out of 4 GB installed) with Seven (32-bit, of course), I did some searching and came across this page. So PAE is indeed available for Windows 7 32-bit and Windows Vista 32-bit. I therefore tried making the changes by setting pae to ForceEnable, but that changed nothing. If anyone has anything new on this, I'm interested.
  2. OK, I've rerun an MBAM scan and a Kaspersky scan to see whether anything is left.
  3. Here is the report: Thanks again for your help. I hope to be able to fix this problem by this evening...
  4. Hello, I have news: Kaspersky detected a virus, Rootkit.Win32.TDSS.d. So I ran the special repair procedure, repaired and rebooted, twice in a row, but it did no good. At the third detection I therefore chose "Do not run" ("Ne pas exécuter") in order to continue the scan. Here is the Kaspersky report:
     Analyse Complète: arrêtée : il y a 36 minutes (événements : 2, objets : 0, durée : 00:15:40)
     06.08.2010 10:14:35 Détectés: Rootkit.Win32.TDSS.d System Memory
     06.08.2010 10:19:25 Détectés: Rootkit.Win32.TDSS.d System Memory
     Réparation des menaces actives: terminée : il y a 53 minutes (événements : 3, objets : 6374, durée : 00:01:17)
     06.08.2010 10:16:24 Détectés: Rootkit.Win32.TDSS.d System Memory
     06.08.2010 10:16:24 Non réparés: Rootkit.Win32.TDSS.d System Memory Ne peut être réparé
     06.08.2010 10:16:24 Non réparés: Rootkit.Win32.TDSS.d System Memory Ignoré par l'utilisateur
     Réparation des menaces actives: terminée : il y a 34 minutes (événements : 3, objets : 6604, durée : 00:01:22)
     06.08.2010 10:35:05 Détectés: Rootkit.Win32.TDSS.d System Memory
     06.08.2010 10:35:05 Non réparés: Rootkit.Win32.TDSS.d System Memory Ne peut être réparé
     06.08.2010 10:35:05 Non réparés: Rootkit.Win32.TDSS.d System Memory Ignoré par l'utilisateur
     Analyse Complète: terminée : il y a 1 minute (événements : 2, objets : 1210937, durée : 00:29:34)
     06.08.2010 10:39:51 Détectés: Rootkit.Win32.TDSS.d System Memory
     06.08.2010 10:39:55 Non réparés: Rootkit.Win32.TDSS.d System Memory Reporté
  5. I ran the analysis and, apart from recommendations for IE (exclusion list, start page, etc.), it gave me nothing. The computer is behaving better; I'm waiting to see whether the Windows Update option changes again. Once again, thanks for your help.
  6. So I compacted all the folders, but I'm rather surprised by Thunderbird's behaviour (thanks for the advice). I've just finished the scan with Kaspersky; here is its report (it found nothing):
C:\Windows\Installer\ca7136.msi/Data1.cab/test_errno.py.0160FC08_F3D9_4869_9D41_C611C16F42D5 05.08.2010 13:39:53 Compacté: PECompact C:\Windows\System32\Adobe\Shockwave 11\gt.exe/PE_Patch.PECompact/PecBundle 05.08.2010 13:39:53 Compacté: PecBundle C:\Windows\System32\Adobe\Shockwave 11\gt.exe/PE_Patch.PECompact 05.08.2010 13:39:53 Compacté: PE_Patch.PECompact C:\Windows\System32\Adobe\Shockwave 11\gt.exe 05.08.2010 13:39:52 Compacté: PECompact C:\Windows\Installer\ca714b.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:39:52 Compacté: PecBundle C:\Windows\Installer\ca714b.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:39:52 Compacté: PE_Patch.PECompact C:\Windows\Installer\ca714b.msi/ISSetup.dll 05.08.2010 13:39:47 Compacté: Com2Exe C:\Windows\System32\share.exe/ExePack 05.08.2010 13:39:47 Compacté: ExePack C:\Windows\System32\share.exe 05.08.2010 13:39:43 Compacté: ExePack C:\Windows\System32\nlsfunc.exe 05.08.2010 13:39:40 Compacté: ExePack C:\Windows\System32\mem.exe 05.08.2010 13:39:35 Compacté: Com2Exe C:\Windows\System32\fastopen.exe/ExePack 05.08.2010 13:39:35 Compacté: ExePack C:\Windows\System32\fastopen.exe 05.08.2010 13:39:35 Compacté: ExePack C:\Windows\System32\exe2bin.exe 05.08.2010 13:39:35 Compacté: ExePack C:\Windows\System32\edlin.exe 05.08.2010 13:39:34 Compacté: ExePack C:\Windows\System32\debug.exe 05.08.2010 13:39:34 Compacté: PECompact C:\Windows\Installer\ca7147.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:39:34 Compacté: PecBundle C:\Windows\Installer\ca7147.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:39:34 Compacté: PE_Patch.PECompact C:\Windows\Installer\ca7147.msi/ISSetup.dll 05.08.2010 13:39:00 Compacté: PECompact C:\Windows\Installer\ca7136.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:38:59 Compacté: PecBundle C:\Windows\Installer\ca7136.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:38:59 Compacté: PE_Patch.PECompact C:\Windows\Installer\ca7136.msi/ISSetup.dll 05.08.2010 13:38:59 
Compacté: PECompact C:\Windows\Installer\ca6e9b.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:38:59 Compacté: PecBundle C:\Windows\Installer\ca6e9b.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:38:59 Compacté: PE_Patch.PECompact C:\Windows\Installer\ca6e9b.msi/ISSetup.dll 05.08.2010 13:38:57 Compacté: Swf2Swc C:\Windows\Installer\28de48.msi/Data1.cab/MEDIAPLAYER_UA_FILE_ID/public_html/soundmanager2_flash9.swf 05.08.2010 13:38:57 Compacté: Swf2Swc C:\Windows\Installer\28de48.msi/Data1.cab/MEDIAPLAYER_UA_FILE_ID/public_html/soundmanager2wii.swf 05.08.2010 13:38:57 Compacté: Swf2Swc C:\Windows\Installer\28de48.msi/Data1.cab/MEDIAPLAYER_UA_FILE_ID/public_html/soundmanager2.swf 05.08.2010 13:38:57 Compacté: Swf2Swc C:\Windows\Installer\28de48.msi/Data1.cab/MEDIAPLAYER_UA_FILE_ID/public_html/MessageProxy.swf 05.08.2010 13:38:53 Compacté: ASPack C:\Windows\Installer\28de48.msi/Data1.cab/NETSCAPE_EXE_FILE_ID 05.08.2010 13:38:53 Compacté: UPX C:\Windows\Installer\28de48.msi/Data1.cab/OUNIANSI_DLL_FILE_ID/PE_Patch.UPX 05.08.2010 13:38:53 Compacté: PE_Patch.UPX C:\Windows\Installer\28de48.msi/Data1.cab/OUNIANSI_DLL_FILE_ID 05.08.2010 13:38:51 Compacté: UPX C:\Windows\Installer\28de48.msi/Data1.cab/OPERA_DLL_FILE_ID/PE_Patch.UPX 05.08.2010 13:38:50 Compacté: PE_Patch.UPX C:\Windows\Installer\28de48.msi/Data1.cab/OPERA_DLL_FILE_ID 05.08.2010 13:38:48 Compacté: PECompact C:\Windows\Installer\1fe3414b.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:38:48 Compacté: PecBundle C:\Windows\Installer\1fe3414b.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:38:48 Compacté: PE_Patch.PECompact C:\Windows\Installer\1fe3414b.msi/ISSetup.dll 05.08.2010 13:37:45 Compacté: Swf2Swc C:\Users\****\workspace\****\****\images\.svn\text-base\open-flash-chart.swf.svn-base 05.08.2010 13:37:45 Compacté: Swf2Swc C:\Users\****\workspace\****\****\images\open-flash-chart.swf 05.08.2010 13:36:28 Compacté: UPX C:\Users\****\Downloads\HJTInstall.exe/#/PE_Patch.UPX 05.08.2010 
13:36:28 Compacté: PECompact C:\Users\****\Downloads\Shockwave_Installer_Slim.exe/data0022/PE_Patch.PECompact/PecBundle 05.08.2010 13:36:28 Compacté: PE_Patch.UPX C:\Users\****\Downloads\HJTInstall.exe/# 05.08.2010 13:36:28 Compacté: PecBundle C:\Users\****\Downloads\Shockwave_Installer_Slim.exe/data0022/PE_Patch.PECompact 05.08.2010 13:36:28 Compacté: PE_Patch.PECompact C:\Users\****\Downloads\Shockwave_Installer_Slim.exe/data0022 05.08.2010 13:36:27 Compacté: UPX C:\Users\****\Downloads\HJTInstall.exe/data0000.res/PE_Patch.UPX 05.08.2010 13:36:27 Compacté: PE_Patch.UPX C:\Users\****\Downloads\HJTInstall.exe/data0000.res 05.08.2010 13:35:19 Compacté: ASProtect C:\Users\****\Documents\Plateforme_JAVA.zip/Plateforme_JAVA/EMS/PostgreSQL Manager 3 Lite/Upgrade.exe/PE_Patch 05.08.2010 13:35:19 Compacté: PE_Patch C:\Users\****\Documents\Plateforme_JAVA.zip/Plateforme_JAVA/EMS/PostgreSQL Manager 3 Lite/Upgrade.exe 05.08.2010 13:35:18 Compacté: ASProtect C:\Users\****\Documents\Plateforme_JAVA.zip/Plateforme_JAVA/EMS/PostgreSQL Manager 3 Lite/PgManager.exe/PE_Patch 05.08.2010 13:35:18 Compacté: ASProtect C:\Users\****\Documents\Plateforme_JAVA\EMS\PostgreSQL Manager 3 Lite\PgManager.exe/PE_Patch 05.08.2010 13:35:17 Compacté: PE_Patch C:\Users\****\Documents\Plateforme_JAVA.zip/Plateforme_JAVA/EMS/PostgreSQL Manager 3 Lite/PgManager.exe 05.08.2010 13:35:17 Compacté: ASProtect C:\Users\****\Documents\Plateforme_JAVA\EMS\PostgreSQL Manager 3 Lite\Upgrade.exe/PE_Patch 05.08.2010 13:35:17 Compacté: PE_Patch C:\Users\****\Documents\Plateforme_JAVA\EMS\PostgreSQL Manager 3 Lite\PgManager.exe 05.08.2010 13:35:17 Compacté: PE_Patch C:\Users\****\Documents\Plateforme_JAVA\EMS\PostgreSQL Manager 3 Lite\Upgrade.exe 05.08.2010 13:31:53 Compacté: VBSComment C:\Users\****\Desktop\SPSS 17\SPSS 17 Setup.exe/WWD.cab/script_with_parameter.wwd 05.08.2010 13:31:51 Compacté: PE_Patch C:\Users\****\Desktop\SPSS 17\SPSS 17 Setup.exe/WindowsInstaller-KB893803-x86.exe 05.08.2010 13:31:51 Compacté: 
PECompact C:\Users\****\Desktop\SPSS 17\SPSS 17 Setup.exe/SPSS Statistics 17.0.msi/ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:31:51 Compacté: PecBundle C:\Users\****\Desktop\SPSS 17\SPSS 17 Setup.exe/SPSS Statistics 17.0.msi/ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:31:51 Compacté: PE_Patch.PECompact C:\Users\****\Desktop\SPSS 17\SPSS 17 Setup.exe/SPSS Statistics 17.0.msi/ISSetup.dll 05.08.2010 13:31:09 Compacté: UPX C:\Users\****\Documents\Downloads\utorrent.exe 05.08.2010 13:31:07 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/tools/ubcd2iso/mkisofs.exe 05.08.2010 13:31:06 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/gwscn511/GWSCAN.EXE 05.08.2010 13:31:06 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/gwscn315/gwscan.exe 05.08.2010 13:31:06 Compacté: Diet C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/gwscn315/gwscan.exe 05.08.2010 13:31:06 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/fprot/FPROT.EXE 05.08.2010 13:31:05 Compacté: PkLite C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/filelink/FILELINK.EXE 05.08.2010 13:31:05 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/fdisk/fdisk.exe/Apack 05.08.2010 13:31:05 Compacté: Apack C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/fdisk/fdisk.exe 05.08.2010 13:31:05 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/dlgdiag5/DLGDIAG5.EXE 05.08.2010 13:31:05 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/dlgdiag4/dlgdiag.exe 05.08.2010 13:31:05 Compacté: Com2Exe C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/diskman4/diskman4.exe/Apack 05.08.2010 13:31:05 Compacté: Apack C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/diskman4/diskman4.exe 05.08.2010 13:31:05 Compacté: 
UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/copyrdma/copyr.exe 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/cmospwd/cmospwd.exe 05.08.2010 13:31:05 Compacté: ExePack C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/cdindex/cdi.exe 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/bughunt/LOCATE.COM 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/bughunt/BUGHUNT.EXE 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/bios/Bios.exe 05.08.2010 13:31:05 Compacté: WWPACK C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/bench/bench.exe 05.08.2010 13:31:05 Compacté: PkLite C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/atainf/scsiping.exe 05.08.2010 13:31:05 Compacté: PkLite C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/atainf/atainf09.exe 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/astra/astra.prg 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/astra/ASTRA32.DLL 05.08.2010 13:31:05 Compacté: Apack C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/astra/ASTRA.EXE 05.08.2010 13:31:05 Compacté: UPX C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/aida16/aida.exe 05.08.2010 13:31:04 Compacté: ExePack C:\Users\****\Documents\Downloads\ubcd411.zip/ubcd411.iso/dosapps/3dbench/3dbench.exe 05.08.2010 13:31:00 Compacté: UPX C:\Users\****\Documents\Downloads\Super_Pi.exe 05.08.2010 13:30:59 Compacté: PE_Patch C:\Users\****\Documents\Downloads\Silverlight.exe 05.08.2010 13:30:58 Compacté: PECompact C:\Users\****\Documents\Downloads\Shockwave_Installer_Slim.exe/data0022/PE_Patch.PECompact/PecBundle 05.08.2010 13:30:57 Compacté: PecBundle 
C:\Users\****\Documents\Downloads\Shockwave_Installer_Slim.exe/data0022/PE_Patch.PECompact 05.08.2010 13:30:57 Compacté: PE_Patch.PECompact C:\Users\****\Documents\Downloads\Shockwave_Installer_Slim.exe/data0022 05.08.2010 13:30:46 Compacté: PE_Patch C:\Users\****\Documents\Downloads\picasa36-setup.exe/data0000.res/data0000.res/data0022 05.08.2010 13:30:46 Compacté: PE_Patch C:\Users\****\Documents\Downloads\picasa36-setup.exe/data0000.res/data0000.res/data0011 05.08.2010 13:30:45 Compacté: UPX C:\Users\****\Documents\Downloads\pdfediteur!.exe/# 05.08.2010 13:30:44 Compacté: UPX C:\Users\****\Documents\Downloads\pdfediteur!.exe/data0000 05.08.2010 13:30:22 Compacté: UPX C:\Users\****\Desktop\SPSS 17\keygen.exe/PE_Patch.UPX 05.08.2010 13:30:22 Compacté: Swf2Swc C:\Users\****\Documents\4383.swf 05.08.2010 13:30:22 Compacté: PE_Patch.UPX C:\Users\****\Desktop\SPSS 17\keygen.exe 05.08.2010 13:29:57 Compacté: PE_Patch C:\Users\****\Desktop\office 2007\riz-office07sp1fr.iso/Enterpri.WW/EnterWW.cab/GROOVE.EXE 05.08.2010 13:29:51 Compacté: Swf2Swc C:\Users\****\Desktop\old Desktop\inter****-tomcat\images\flash\en\diaryExample.swf 05.08.2010 13:29:51 Compacté: Swf2Swc C:\Users\****\Desktop\old Desktop\inter****-tomcat\images\audio\xspf_player_slim.swf 05.08.2010 13:29:51 Compacté: Swf2Swc C:\Users\****\Desktop\old Desktop\inter****-tomcat\images\audio\mp3player.swf 05.08.2010 13:28:57 Compacté: Swf2Swc C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\maerialm.default\Cache\DA17B4E5d01 05.08.2010 13:28:55 Compacté: Edit C:\Users\****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EK710QSF\style[1].css 05.08.2010 13:28:55 Compacté: Swf2Swc C:\Users\****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EK710QSF\AE154A2D56898EAB1FD34E82ECD20[1].swf 05.08.2010 13:28:55 Compacté: Swf2Swc C:\Users\****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EK710QSF\1276001317_300x250_Boursorama_sansfrais[1].swf 05.08.2010 
13:28:52 Compacté: PE_Patch C:\Users\****\Desktop\office 2007\add-in-odf-pour-microsoft-word_add-in_odf_pour_microsoft_word_francais_31748.exe/data0000.cab/office2003-kb907417sfxcab-ENU.exe 05.08.2010 13:28:51 Compacté: UPX C:\Users\****\Desktop\Mozilla\Thunderbird\Thunderbird Setup 3.0.exe/PE_Patch.UPX 05.08.2010 13:28:51 Compacté: PE_Patch.UPX C:\Users\****\Desktop\Mozilla\Thunderbird\Thunderbird Setup 3.0.exe 05.08.2010 13:28:51 Compacté: UPX C:\Users\****\Desktop\Mozilla\Thunderbird\Thunderbird Setup 2.0.0.23.exe/PE_Patch.UPX 05.08.2010 13:28:51 Compacté: PE_Patch.UPX C:\Users\****\Desktop\Mozilla\Thunderbird\Thunderbird Setup 2.0.0.23.exe 05.08.2010 13:28:47 Compacté: UPX C:\Users\****\Desktop\Mozilla\Sunbird\sunbird-0.9.en-US.win32.installer.exe 05.08.2010 13:28:43 Compacté: UPX C:\Users\****\Desktop\Mozilla\Firefox\Firefox Setup 3.6.3.exe/PE_Patch.UPX 05.08.2010 13:28:43 Compacté: PE_Patch.UPX C:\Users\****\Desktop\Mozilla\Firefox\Firefox Setup 3.6.3.exe 05.08.2010 13:28:41 Compacté: Swf2Swc C:\Users\****\workspace.zip/workspace/****/****/images/open-flash-chart.swf 05.08.2010 13:28:41 Compacté: Swf2Swc C:\Users\****\workspace.zip/workspace/****/****/images/.svn/text-base/open-flash-chart.swf.svn-base 05.08.2010 13:28:39 Compacté: UPX C:\Users\****\Desktop\Mozilla\Firefox\Firefox Setup 3.5.2.exe/PE_Patch.UPX 05.08.2010 13:28:39 Compacté: PE_Patch.UPX C:\Users\****\Desktop\Mozilla\Firefox\Firefox Setup 3.5.2.exe 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0199 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0194 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0188 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0183 05.08.2010 13:28:35 Compacté: Swf2Swc 
C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0178 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0174 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0164 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0159 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0154 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0199 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0151 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0141 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0137 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0194 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0188 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0125 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0183 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0178 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0121 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0112 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0174 05.08.2010 13:28:35 Compacté: Swf2Swc 
C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0164 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0109 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0159 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0101 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0154 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0151 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0141 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0098 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0137 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0090 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0086 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0125 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0076 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.23-340.zip/cs2_setup.exe/data0069 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0121 05.08.2010 13:28:35 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0112 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0109 05.08.2010 13:28:34 Compacté: Swf2Swc 
C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0101 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0098 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0090 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0086 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0076 05.08.2010 13:28:34 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio2.22-335.zip/cs2_setup.exe/data0069 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0246 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0237 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0231 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0222 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0217 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0209 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0199 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0189 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0184 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0181 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0167 05.08.2010 13:28:32 Compacté: Swf2Swc 
C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0163 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0147 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0199 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0194 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0188 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0183 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0178 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0174 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0164 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0159 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0154 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0142 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0129 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0151 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0141 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0137 05.08.2010 13:28:32 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0125 05.08.2010 13:28:32 Compacté: 
Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0125 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0113 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0121 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0112 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0109 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0097 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0093 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0079 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0109 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0101 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.25.zip/cs2_setup.exe/data0072 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0098 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0090 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0086 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0076 05.08.2010 13:28:31 Compacté: Swf2Swc C:\Users\****\Desktop\CaseStudio\casestudio-2.23.1-341.zip/cs2setup.exe/data0069 05.08.2010 13:27:53 Compacté: Edit C:\SVN\****\aes.war/WEB-INF/lib/svg.jar/dtds/svg-20001102.dtd 05.08.2010 13:27:53 Compacté: Edit 
C:\SVN\****\aes.war/WEB-INF/lib/svg.jar/dtds/svg-20000802.dtd 05.08.2010 13:27:53 Compacté: Edit C:\SVN\****\aes.war/WEB-INF/lib/svg.jar/dtds/svg-20000629.dtd 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\no\sarahStep2.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\no\example1step5a.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\nl\exampleEmotions_nl.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\nl\diaryExample.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\it\sarahStep2.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\fr\diaryExample.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\es\sarahStep2.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\en\diaryExample.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\flash\de\diaryExample.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\audio\xspf_player_slim.swf 05.08.2010 13:27:51 Compacté: Swf2Swc C:\Tomcat-5.0\webapps\****\images\audio\mp3player.swf 05.08.2010 13:27:46 Compacté: Edit C:\SVN\****\shg\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20001102.dtd 05.08.2010 13:27:46 Compacté: Edit C:\SVN\****\shg\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000802.dtd 05.08.2010 13:27:46 Compacté: Edit C:\SVN\****\shg\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000629.dtd 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\sv\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\sv\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\no\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc 
C:\SVN\****\shg\images\flash\no\.svn\text-base\example1step5a.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\no\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\nl\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\no\example1step5a.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\nl\.svn\text-base\example1step5a.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\nl\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\it\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\nl\example1step5a.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\it\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\fr\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\fr\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\es\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\es\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\en\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\en\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\de\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\de\sarahStep2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\.svn\text-base\animsun3.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\.svn\text-base\animsun2.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\.svn\text-base\animsun.swf.svn-base 05.08.2010 13:27:32 Compacté: Swf2Swc 
C:\SVN\****\shg\images\flash\animsun3.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\animsun2.swf 05.08.2010 13:27:32 Compacté: Swf2Swc C:\SVN\****\shg\images\flash\animsun.swf 05.08.2010 13:27:27 Compacté: Swf2Swc C:\SVN\****\aes.war/images/flash/en/sarahStep2.swf 05.08.2010 13:27:27 Compacté: Swf2Swc C:\SVN\****\aes.war/images/flash/de/sarahStep2.swf 05.08.2010 13:27:27 Compacté: Swf2Swc C:\SVN\****\aes.war/images/flash/animsun3.swf 05.08.2010 13:27:27 Compacté: Swf2Swc C:\SVN\****\aes.war/images/flash/animsun2.swf 05.08.2010 13:27:27 Compacté: Swf2Swc C:\SVN\****\aes.war/images/flash/animsun.swf 05.08.2010 13:27:16 Compacté: Edit C:\SVN\****_PSH\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20001102.dtd 05.08.2010 13:27:16 Compacté: Edit C:\SVN\****_PSH\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000802.dtd 05.08.2010 13:27:16 Compacté: Edit C:\SVN\****_PSH\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000629.dtd 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\no\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\no\.svn\text-base\example1step5a.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\no\sarahStep2.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\no\example1step5a.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\nl\.svn\text-base\exampleEmotions_nl.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\nl\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\nl\exampleEmotions_nl.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\nl\diaryExample.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\it\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc 
C:\SVN\****_PSH\****\images\flash\it\sarahStep2.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\fr\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\es\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\fr\diaryExample.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\es\sarahStep2.swf 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\en\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:27:06 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\flash\en\diaryExample.swf 05.08.2010 13:27:05 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\audio\.svn\text-base\xspf_player_slim.swf.svn-base 05.08.2010 13:27:05 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\audio\.svn\text-base\mp3player.swf.svn-base 05.08.2010 13:27:05 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\audio\xspf_player_slim.swf 05.08.2010 13:27:05 Compacté: Swf2Swc C:\SVN\****_PSH\****\images\audio\mp3player.swf 05.08.2010 13:27:00 Compacté: Edit C:\SVN\****\inter****.war/WEB-INF/lib/svg.jar/dtds/svg-20001102.dtd 05.08.2010 13:27:00 Compacté: Edit C:\SVN\****\inter****.war/WEB-INF/lib/svg.jar/dtds/svg-20000802.dtd 05.08.2010 13:27:00 Compacté: Edit C:\SVN\****\inter****.war/WEB-INF/lib/svg.jar/dtds/svg-20000629.dtd 05.08.2010 13:26:52 Compacté: Edit C:\SVN\****\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20001102.dtd 05.08.2010 13:26:52 Compacté: Edit C:\SVN\****\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000802.dtd 05.08.2010 13:26:52 Compacté: Edit C:\SVN\****\****\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000629.dtd 05.08.2010 13:26:44 Compacté: Edit C:\SVN\****\jeu\WEB-INF\lib\svg.jar/dtds/svg-20001102.dtd 05.08.2010 13:26:44 Compacté: Edit C:\SVN\****\jeu\WEB-INF\lib\svg.jar/dtds/svg-20000802.dtd 05.08.2010 13:26:44 Compacté: Edit 
C:\SVN\****\jeu\WEB-INF\lib\svg.jar/dtds/svg-20000629.dtd 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\no\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\no\.svn\text-base\example1step5a.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\no\sarahStep2.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\no\example1step5a.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\nl\.svn\text-base\exampleEmotions_nl.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\nl\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\it\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\nl\exampleEmotions_nl.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\nl\diaryExample.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\it\sarahStep2.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\fr\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\fr\diaryExample.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\es\.svn\text-base\sarahStep2.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\en\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\es\sarahStep2.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\en\diaryExample.swf 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\de\.svn\text-base\diaryExample.swf.svn-base 05.08.2010 13:26:31 Compacté: Swf2Swc C:\SVN\****\****\images\flash\de\diaryExample.swf 05.08.2010 13:26:30 Compacté: Swf2Swc C:\SVN\****\****\images\audio\.svn\text-base\xspf_player_slim.swf.svn-base 05.08.2010 13:26:30 
Compacté: Swf2Swc C:\SVN\****\****\images\audio\.svn\text-base\mp3player.swf.svn-base 05.08.2010 13:26:30 Compacté: Swf2Swc C:\SVN\****\****\images\audio\xspf_player_slim.swf 05.08.2010 13:26:30 Compacté: Swf2Swc C:\SVN\****\****\images\audio\mp3player.swf 05.08.2010 13:26:29 Compacté: Swf2Swc C:\SVN\****\inter****.war/images/flash/en/diaryExample.swf 05.08.2010 13:26:29 Compacté: Swf2Swc C:\SVN\****\inter****.war/images/audio/xspf_player_slim.swf 05.08.2010 13:26:29 Compacté: Swf2Swc C:\SVN\****\inter****.war/images/audio/mp3player.swf 05.08.2010 13:26:19 Compacté: Edit C:\SVN\****\jeu\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20001102.dtd 05.08.2010 13:26:19 Compacté: Edit C:\SVN\****\jeu\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000802.dtd 05.08.2010 13:26:19 Compacté: Edit C:\SVN\****\jeu\WEB-INF\lib\.svn\text-base\svg.jar.svn-base/dtds/svg-20000629.dtd 05.08.2010 13:26:07 Compacté: Swf2Swc C:\SVN\****\jeu\images\flash\fr\.svn\text-base\cerveauArrow.swf.svn-base 05.08.2010 13:26:07 Compacté: Swf2Swc C:\SVN\****\jeu\images\flash\fr\cerveauArrow.swf 05.08.2010 13:26:07 Compacté: Swf2Swc C:\SVN\****\jeu\images\flash\fr\.svn\text-base\intro.swf.svn-base 05.08.2010 13:26:07 Compacté: Swf2Swc C:\SVN\****\jeu\images\flash\fr\intro.swf 05.08.2010 13:25:44 Compacté: UPX C:\Program Files\uTorrent\uTorrent.exe 05.08.2010 13:25:43 Compacté: UPX C:\Program Files\trend micro\****.exe/PE_Patch.UPX 05.08.2010 13:25:43 Compacté: PE_Patch.UPX C:\Program Files\trend micro\****.exe 05.08.2010 13:25:38 Compacté: VBSComment C:\Program Files\SPSSInc\Statistics17\Samples\Script with parameter.wwd 05.08.2010 13:25:20 Compacté: UPX C:\Program Files\SPSSInc\Statistics17\law.exe 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\SimpleBlue\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\SimpleBlue\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program 
Files\RKSoft\CASEStudio2\Styles\SeptemberIE\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\SeptemberIE\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Printer\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Printer\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Mozilla\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Mozilla\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Fox\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Fox\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Cool\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Cool\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Yellow\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Yellow\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Violet\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Violet\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Green\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Classic\Green\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Aqua_yellow\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Aqua_yellow\leftFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program Files\RKSoft\CASEStudio2\Styles\Aqua_blue\topFrame.swf 05.08.2010 13:25:19 Compacté: Swf2Swc C:\Program 
Files\RKSoft\CASEStudio2\Styles\Aqua_blue\leftFrame.swf 05.08.2010 13:25:15 Compacté: Swf2Swc C:\Program Files\Opera\unite\mediaPlayer.ua/public_html/soundmanager2_flash9.swf 05.08.2010 13:25:15 Compacté: Swf2Swc C:\Program Files\Opera\unite\mediaPlayer.ua/public_html/soundmanager2wii.swf 05.08.2010 13:25:15 Compacté: Swf2Swc C:\Program Files\Opera\unite\mediaPlayer.ua/public_html/soundmanager2.swf 05.08.2010 13:25:15 Compacté: Swf2Swc C:\Program Files\Opera\unite\mediaPlayer.ua/public_html/MessageProxy.swf 05.08.2010 13:25:14 Compacté: UPX C:\Program Files\Opera\opera.dll/PE_Patch.UPX 05.08.2010 13:25:14 Compacté: ASPack C:\Program Files\Opera\program\netscape.exe 05.08.2010 13:25:13 Compacté: PE_Patch.UPX C:\Program Files\Opera\opera.dll 05.08.2010 13:25:13 Compacté: UPX C:\Program Files\Opera\OUniAnsi.dll/PE_Patch.UPX 05.08.2010 13:25:13 Compacté: PE_Patch.UPX C:\Program Files\Opera\OUniAnsi.dll 05.08.2010 13:24:12 Compacté: UPX C:\Program Files\InstallShield Installation Information\{F8855CFD-73C1-42E5-A431-78CAE7ACBBF1}\ISSetup.dll 05.08.2010 13:24:11 Compacté: UPX C:\Program Files\InstallShield Installation Information\{CC5EE390-9E19-496E-B776-0238620130D9}\ISSetup.dll 05.08.2010 13:24:11 Compacté: PECompact C:\Program Files\InstallShield Installation Information\{91029ED4-04B8-40EF-A70F-30C9AA538358}\ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:24:11 Compacté: PecBundle C:\Program Files\InstallShield Installation Information\{91029ED4-04B8-40EF-A70F-30C9AA538358}\ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:24:11 Compacté: PE_Patch.PECompact C:\Program Files\InstallShield Installation Information\{91029ED4-04B8-40EF-A70F-30C9AA538358}\ISSetup.dll 05.08.2010 13:24:11 Compacté: PECompact C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/PE_Patch.PECompact/PecBundle 05.08.2010 13:24:11 Compacté: PecBundle C:\Program Files\InstallShield Installation 
Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll/PE_Patch.PECompact 05.08.2010 13:24:11 Compacté: PE_Patch.PECompact C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\ISSetup.dll 05.08.2010 13:24:11 Compacté: WiseSFXDropper C:\Program Files\InstallShield Installation Information\{682F7326-6DAF-4088-8313-23E7DA9F78E8}\SM\SPanel\Help\Flash_Shockwave_Full.exe/WiseSFXDropper/SHOCKWAVE_INSTALLER_FULL.EXE 05.08.2010 13:24:11 Compacté: WiseSFXDropper C:\Program Files\InstallShield Installation Information\{682F7326-6DAF-4088-8313-23E7DA9F78E8}\SM\SPanel\Help\Flash_Shockwave_Full.exe 05.08.2010 13:24:10 Compacté: UPX C:\Program Files\InstallShield Installation Information\{682F7326-6DAF-4088-8313-23E7DA9F78E8}\ISSetup.dll 05.08.2010 13:24:09 Compacté: WiseSFXDropper C:\Program Files\DELL\Dell 2335dn MFP\SPanel\Help\Flash_Shockwave_Full.exe/WiseSFXDropper/SHOCKWAVE_INSTALLER_FULL.EXE 05.08.2010 13:24:09 Compacté: WiseSFXDropper C:\Program Files\DELL\Dell 2335dn MFP\SPanel\Help\Flash_Shockwave_Full.exe 05.08.2010 13:24:01 Compacté: VBSComment C:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Python Libraries\Lib\test\test_errno.py 05.08.2010 13:23:31 Compacté: PE_Patch C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\WindowsInstallerKB893803v2x86.exe 05.08.2010 13:21:01 Compacté: Edit C:\Eclipse3.5\plugins\org.eclipse.datatools.sqltools.result.ui_1.0.1.v200908070830.jar/META-INF/ECLIPSEF.SF 05.08.2010 13:21:01 Compacté: Edit C:\Eclipse3.5\plugins\org.eclipse.datatools.sqltools.result.ui_1.0.0.v200906022302.jar/META-INF/ECLIPSEF.SF 05.08.2010 13:20:17 Compacté: PE_Patch C:\Program Files\DAEMON Tools Lite\Engine.dll/data0007.res 05.08.2010 13:20:15 Compacté: UPX C:\Users\****\Desktop\RSIT.exe/PE_Patch.UPX 05.08.2010 13:20:15 Compacté: PE_Patch.UPX C:\Users\****\Desktop\RSIT.exe 05.08.2010 13:20:14 Compacté: PECompact C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact/PecBundle 05.08.2010 13:20:14 
Compacté: PecBundle C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact 05.08.2010 13:20:14 Compacté: PE_Patch.PECompact C:\Users\****\Desktop\OTM.exe 05.08.2010 13:19:23 Compacté: ExePack C:\Windows\System32\edit.com 05.08.2010 13:19:17 Compacté: PE_Patch C:\Windows\System32\drivers\nfrd960.sys 05.08.2010 13:19:16 Compacté: PE_Patch C:\Windows\System32\drivers\iirsp.sys/PE_Patch 05.08.2010 13:19:16 Compacté: PE_Patch C:\Windows\System32\drivers\iirsp.sys 05.08.2010 13:19:15 Compacté: PE_Patch C:\Windows\System32\drivers\djsvs.sys 05.08.2010 13:19:09 Non réparés: Rootkit.Win32.TDSS.d System Memory Reporté 05.08.2010 13:19:02 Détectés: Rootkit.Win32.TDSS.d System Memory 05.08.2010 13:19:02 Lancement de la tâche 05.08.2010 13:16:23 Tâche arrêtée 05.08.2010 13:16:09 Détectés: Rootkit.Win32.TDSS.d System Memory 05.08.2010 13:16:09 Lancement de la tâche Réparation des menaces actives: terminée : il y a 51 minutes (événements : 27, objets : 5736, durée : 00:01:01) 05.08.2010 13:17:24 Fin de la tâche 05.08.2010 13:17:11 Compacté: PE_Patch C:\Program Files\DAEMON Tools Lite\Engine.dll/data0007.res 05.08.2010 13:17:09 Compacté: UPX C:\Users\****\Desktop\RSIT.exe/PE_Patch.UPX 05.08.2010 13:17:09 Compacté: PE_Patch.UPX C:\Users\****\Desktop\RSIT.exe 05.08.2010 13:17:08 Compacté: PECompact C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact/PecBundle 05.08.2010 13:17:08 Compacté: PecBundle C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact 05.08.2010 13:17:08 Compacté: PE_Patch.PECompact C:\Users\****\Desktop\OTM.exe 05.08.2010 13:17:07 Compacté: UPX C:\Program Files\HijackThis\HijackThis.exe/PE_Patch.UPX 05.08.2010 13:17:07 Compacté: PE_Patch.UPX C:\Program Files\HijackThis\HijackThis.exe 05.08.2010 13:17:02 Compacté: ExePack C:\Windows\System32\edit.com 05.08.2010 13:16:59 Compacté: UPX C:\Program Files\trend micro\hijackthis.exe/PE_Patch.UPX 05.08.2010 13:16:59 Compacté: PE_Patch.UPX C:\Program Files\trend micro\hijackthis.exe 05.08.2010 13:16:55 Compacté: PE_Patch 
C:\Windows\System32\drivers\secdrv.sys 05.08.2010 13:16:54 Compacté: PE_Patch C:\Windows\System32\drivers\nfrd960.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\iirsp.sys/PE_Patch 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\iirsp.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrUsbSer.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrUsbMdm.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrSerWdm.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrSerId.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrFiltUp.sys 05.08.2010 13:16:53 Compacté: PE_Patch C:\Windows\System32\drivers\BrFiltLo.sys 05.08.2010 13:16:52 Compacté: PE_Patch C:\Windows\System32\drivers\djsvs.sys 05.08.2010 13:16:23 Non réparés: Rootkit.Win32.TDSS.d System Memory Ignoré par l'utilisateur 05.08.2010 13:16:23 Non réparés: Rootkit.Win32.TDSS.d System Memory Ne peut être réparé 05.08.2010 13:16:23 Détectés: Rootkit.Win32.TDSS.d System Memory 05.08.2010 13:16:23 Lancement de la tâche Analyse des objets de démarrage: terminée : il y a 12 minutes (événements : 9, objets : 1641, durée : 00:02:48) 05.08.2010 13:56:22 Fin de la tâche 05.08.2010 13:55:10 Compacté: PE_Patch C:\Program Files\DAEMON Tools Lite\Engine.dll/data0007.res 05.08.2010 13:55:09 Compacté: UPX C:\Program Files\Opera\opera.dll/PE_Patch.UPX 05.08.2010 13:55:08 Compacté: PE_Patch.UPX C:\Program Files\Opera\opera.dll 05.08.2010 13:54:53 Compacté: PECompact C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact/PecBundle 05.08.2010 13:54:53 Compacté: PecBundle C:\Users\****\Desktop\OTM.exe/PE_Patch.PECompact 05.08.2010 13:54:53 Compacté: PE_Patch.PECompact C:\Users\****\Desktop\OTM.exe 05.08.2010 13:53:51 Compacté: PE_Patch C:\Windows\System32\drivers\djsvs.sys 05.08.2010 13:53:34 Lancement de la tâche Analyse Complète: terminée : il y a 1 minute (événements : 3, objets : 228230, durée : 
00:08:10) 05.08.2010 13:59:08 Lancement de la tâche 05.08.2010 14:02:36 Compacté: Swf2Swc C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\maerialm.default\Cache\E9F24FC0d01 05.08.2010 14:07:18 Fin de la tâche
  7. Indeed, the Windows 7 Professional Service Pack 2 is rather surprising. When I right-click on My Computer and then Properties, it does show Windows 7 Professional. Here is the OTM report:

     All processes killed
     Error: Unable to interpret <Go> in the current context!
     ========== FILES ==========
     C:\Windows\tasks\At1.job moved successfully.
     ========== SERVICES/DRIVERS ==========
     ========== REGISTRY ==========
     ========== COMMANDS ==========

     [EMPTYTEMP]

     User: Administrator
     ->Temp folder emptied: 50465 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes

     User: All Users

     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: ****
     ->Temp folder emptied: 54213 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     ->FireFox cache emptied: 7510902 bytes
     ->Flash cache emptied: 434 bytes

     User: ****
     ->Temp folder emptied: 354137515 bytes
     ->Temporary Internet Files folder emptied: 1992263 bytes
     ->FireFox cache emptied: 50763330 bytes

     User: ****
     ->Temp folder emptied: 1187009808 bytes
     ->Temporary Internet Files folder emptied: 87022172 bytes
     ->Java cache emptied: 455194 bytes
     ->FireFox cache emptied: 72443365 bytes
     ->Apple Safari cache emptied: 16463872 bytes
     ->Opera cache emptied: 13384627 bytes
     ->Flash cache emptied: 18348 bytes

     User: Public

     User: tmp
     ->Temp folder emptied: 35201 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes

     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 9327136 bytes
     RecycleBin emptied: 178285469 bytes

     Total Files Cleaned = 1'887.00 mb

     OTM by OldTimer - Version 3.1.15.0 log created on 08052010_084155

     and the Kaspersky report (quite extensive):
     --------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER 7.0: scan report
     Thursday, August 5, 2010
     Operating system: Microsoft Professional (build 7600)
     Kaspersky Online Scanner version: 7.0.26.13
     Last database update: Thursday, August 05, 2010 02:32:08
     Records in database: 4149482
     --------------------------------------------------------------------------------
     Scan settings:
     scan using the following database: extended
     Scan archives: yes
     Scan e-mail databases: yes
     Scan area - My Computer:
     C:\
     D:\
     Scan statistics:
     Objects scanned: 224945
     Threats found: 91
     Infected objects found: 1122
     Suspicious objects found: 6
     Scan duration: 02:21:02
     Selected area has been SCANNed.

     Regarding Java, I do indeed have SDK 1.4, because I am working on an application that requires this version.
  8. First of all, thanks for your reply. Here is the info.txt file and the log.txt file.
----D---- C:\Program Files\Microsoft.NET 2010-07-13 08:39:38 ----D---- C:\Windows\AppPatch 2010-07-13 08:39:25 ----D---- C:\Windows\system32\catroot 2010-07-09 12:32:35 ----D---- C:\Windows\system32\NDF 2010-07-07 14:49:22 ----D---- C:\ProgramData\Microsoft Help 2010-07-07 14:48:34 ----D---- C:\Program Files\Common Files\microsoft shared 2010-07-07 14:48:33 ----SD---- C:\ProgramData\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 23616] R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-06-03 52872] R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 369568] R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 194488] R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 13904] R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 133720] R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 43088] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-03 691696] R0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2009-07-14 40896] R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 32832] R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-06-23 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-03 29584] R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-06-23 243024] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256] R1 
RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728] R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768] R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-04-25 5120] R3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560] R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232] R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128] R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152] R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176] S3 AsrCDDrv;AsrCDDrv; 
\??\C:\Windows\system32\Drivers\AsrCDDrv.sys [] S3 axxratv7;axxratv7; C:\Windows\system32\drivers\axxratv7.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2010-05-01 14336] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288] S3 
NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920] S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128] R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-23 308136] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-05-11 271728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; 
Before seeing your reply, I had already run an MBAM scan; here is its report:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4386
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03.08.2010 18:58:44
mbam-log-2010-08-03 (18-38-44).txt

Scan type: Full scan (C:\|D:\|G:\|)
Objects scanned: 414561
Time elapsed: 26 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\****\AppData\Local\Temp\tpvmi.exe (Virus.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\1024.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
So here is the new log.txt from RSIT:
[2009-07-14 92672] S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [] S3 a04no0rb;a04no0rb; C:\Windows\system32\drivers\a04no0rb.sys [] S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728] S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176] S3 AsrCDDrv;AsrCDDrv; \??\C:\Windows\system32\Drivers\AsrCDDrv.sys [] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2010-05-01 14336] S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624] S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys 
[2009-07-14 4096] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136] S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072] S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224] S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824] S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824] S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920] S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128] R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952] R2 avg9wd;AVG WatchDog; C:\Program 
Files\AVG\AVG9\avgwdsvc.exe [2010-06-23 308136] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-05-11 271728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft 
Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-01 1343400] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992] -----------------EOF----------------- Encore merci pour ton aide
  9. Hello, I'm posting because today AVG detected a "Trojan Horse Crypt. YCS", which it then placed in quarantine. The problem is that afterwards I had several odd things happen, such as my Windows Update preferences being changed, the theme being changed, and Explorer freezing several times. I ran an AVG scan in safe mode but found nothing more... Below is the HijackThis report. Thanks in advance for your reply.
  10. If you're still selling it, I might be interested.
  11. maxr397

    Display problem

    Hello, I was able to test with an ATI HD 2400 Pro and had no problems (it feels strange to see the BIOS without white dots!). So I'm now looking for a new graphics card (hoping the power supply doesn't have a problem too). Still, it's surprising for a 6800GT to be dead after a little over 3 years, isn't it?
  12. maxr397

    Display problem

    Thanks for your reply; I also suspect a problem with the graphics card. Do you have any software to recommend for testing the power supply?
  13. maxr397

    Display problem

    I just tried removing the battery; it changed nothing. I also just noticed that if I uninstall the drivers, I can then get into Windows, where the problem is no longer present. What I can't understand is why the problem appears in the BIOS, when the card's functions aren't even being used there. If anyone has an idea, I'm still interested (perhaps the topic should be moved to the Hardware section).
  14. maxr397

    Display problem

    No, I haven't tried. I thought that would give the same result as restoring the BIOS factory settings.
  15. Hello, first of all, I hesitated before posting in this category; I trust the moderators to redirect it if need be, depending on my problem. So, I have a serious display problem: I have dots (bigger than one pixel) forming a grid across my screen. This happens even at the BIOS level (which is the most worrying part). To be clearer, here are two photos of what it looks like: I get the same problem while Windows is loading (the dots change colour). Once the loading bar has disappeared, I'm left with a black screen and never reach the desktop... I have 2 Windows XP installations and the problem is the same. I also get the problem under Ubuntu, which is installed. So I was thinking of a problem with my graphics card. Except that when I boot in safe mode it works: the dots are only present during loading, once in Windows there is no more problem, and the problem also disappears when I use a live CD. I reset the BIOS and uninstalled the graphics drivers (without much conviction) but that changes nothing. I really hope someone will have an idea, because I can't see what it could come from (apart from the graphics card, but it's odd that it works in safe mode). Thanks in advance for your help. P.S.: my monitor isn't the problem; I tested it with another computer.