

BapZeMagnific
Members
Content count: 21
Everything posted by BapZeMagnific
-
OK. XP on the ASZ. Software + data on the external drive. That's clear.
-
Back up the system disk, the applications disk and finally the data disk to the ASZ, extended to the whole internal disk? That seems like a very sound solution. If I have time, I'll try the procedure this weekend. I'll keep you posted on the result ... Thanks for the advice
-
In other words, I launch the cloning of the system disk C: onto a partition of the external USB hard drive without going through the bootable CD. If that system crashes, I boot from the ACRONIS utility duly burned to CD and reinstall XP on C: from the clone. I thought the operation was more complicated, so I kept putting off the cloning. And even though backups are more familiar to me, I preferred the hardware solution of RAID 1. In my defence, I have such an impressive number of software crashes to my name that I more readily put my trust in hardware.
-
All things considered, I have just created a 250 GB secure zone using the ACRONIS utility. After that, I am backing up my entire data hard drive, including the "Documents and Settings" folder that I had taken care to move off the system disk. Then there remains the delicate operation of cloning XP SP2 before updating it to SP3 and (finally!) installing Seven on my SSD. Regarding the cloning of the C: System disk: can I do it on the remaining space (250 GB) of the backup disk, outside the ASZ? Finally (and this is the operation that worries me!), will cloning the system move XP to the backup disk, or only make an exact copy of it that can be cloned back if the system crashes?
-
What is an ASZ?
-
So you strongly advise me to leave my first hard drive as it is and to clone it regularly with True Image. Mind you, when I noticed the RAID failure, I was rather tempted to keep it as it was. My only concern now is configuring these backups of my data. I'll look into that. Since my disk is active, with the whole Documents & Settings folder on it, that forces me to clone from a bootable CD of the ACRONIS software.
-
Hello, Thanks for the advice. I am going to implement the second solution. As for the point of RAID1, well, I'm not very comfortable with the software solution of disk cloning, and having two identical HDs instantly, without having to worry about it, reassures me more.
-
I clone with ACRONIS True Image, version 11. I have already used it to make backups, but not yet to clone a system partition.
-
For REALLY effective file erasure ...
BapZeMagnific replied to a topic by fabou4 in Optimization, Tips & Tricks
Good evening, To permanently erase files, I use this little program: http://www.clubic.com/telecharger-fiche11144-eraser.html Version 6 of ERASER seems to cause a few problems, but the previous one works perfectly. It can also erase the free or freed space on hard drives.
-
Hello, My configuration is as follows: a small 36 GB RAPTOR for XP Pro, a second 150 GB RAPTOR for the applications and, finally, a RAID1 of two 500 GB WD Caviar drives for the data. Following a crash with no possibility of recovery (the crash happened after updating the chipset drivers), I reinstalled the system without any problem; some applications took a hit (1/3) and need reinstalling, but all the data is safe. A lesser evil. I should point out that I also put the whole Documents and Settings folder and the PageFile on the data disk. As my RAID1 array has to be rebuilt (I use the INTEL utility), I'm not quite sure how to go about this delicate operation.
1/ either I clone the data disk to an external USB hard drive, set up the 500 GB disks as a mirror and clone the USB disk back onto the brand-new RAID1.
2/ or I back up the raw data externally and put the Documents and Settings folder and the PageFile back on the system disk while the disks are being set up as a mirror. Then the reverse operation for the data, Documents and Settings and the PageFile.
I hope my explanation is clear enough? At first I was leaning towards solution 1/, with a doubt about the reliability of the USB connection for certain system folders? While writing this message, I realise that solution 2/ is more coherent because, while the RAID1 is being set up, it puts the system back together on one and the same hard drive. Can anyone enlighten me? I'm a novice when it comes to cloning, and if I could avoid installing XP yet again!
-
HiJackThis log
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Many thanks, Falkra. I am reassured. As for XP Service Pack 3, I'm thinking about it, but first I'm going to clone my system. I'm in the middle of reinstalling my PC to host Windows 7 on an SSD. Following a mishandling, I damaged my data RAID1, which also hosts a few system folders ... a real mess that I'm trying to put right before completing my new installation.
-
HiJackThis log
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Hello and thank you Falkra, Here is the GMER RootKit log:
-
Hello, Following a full RootKitRevealer scan (1) that revealed a number of "discrepancies", I decided to run a scan with HiJackThis (2). Could someone analyse it, please? Thanks
(1)
HKLM\SECURITY\Policy\Secrets\SAC* 22/02/2010 16:35 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 22/02/2010 16:35 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\ASUS\AI Gear3\EPU\MB\CurrentPower 27/02/2010 17:42 8 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 27/02/2010 17:42 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System* 23/02/2010 04:56 0 bytes Key name contains embedded nulls (*)
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll 22/02/2010 23:00 252.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 22/02/2010 23:00 111.50 KB Visible in Windows API, but not in MFT or directory index.
-
Unable to connect to PriceMinister
BapZeMagnific replied to a topic by BapZeMagnific in Internet & Networks
Hello, No help in sight!? I should point out that I tried connecting to PRICE MINISTER at home from another PC and it works. In other words, this block comes from my office setup. It's strange, because I only have this problem on this site, where I am both a buyer and a seller. Can anyone help me, please!? Thanks
-
Hello, For several weeks I have been unable to log in to the Price Minister site. Every time, I get a message with error 403, "Trop de connexions, essayez de vous connecter plus tard". Nothing works! I have checked the firewall settings and those of the antivirus (ESET suite). I should add that I use the FireFox browser and my ISP is ALICE. Does anyone have an idea?
-
Analysis of HiJackThis and MBAM reports
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Hello Thanos, Thanks for the explanation of the command line used to export the value of an XP registry key. Following your advice, I have just run RSIT for the second time. And here is the log text file: See you later ...
- Shadow of Chernobyl (SRV)" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" File associations .reg - open - regedit.exe "%1" %* List of files/folders created in the last three months 2008-09-22 17:02:50 ----D---- C:\rsit 2008-09-20 23:51:40 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon 2008-09-20 23:49:40 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Babylon 2008-09-20 18:56:51 ----D---- E:\Program Files\Fichiers Communs\Apple 2008-09-20 18:56:48 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-09-18 13:44:23 ----A---- C:\WINDOWS\system32\janGraphics.dll 2008-09-18 13:44:22 ----A---- C:\WINDOWS\system32\INETDE.DLL 2008-09-18 13:28:02 ----D---- C:\WINDOWS\Downloaded Installations 2008-09-18 06:43:08 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-09-18 06:42:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-09-18 06:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$ 2008-09-18 06:42:21 ----N---- C:\WINDOWS\system32\xmllite.dll 2008-09-18 06:41:10 ----D---- C:\WINDOWS\network diagnostic 2008-09-18 06:41:08 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$ 2008-09-18 06:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$ 2008-09-17 21:52:16 ----A---- C:\WINDOWS\INRES.DLL 2008-09-17 21:52:16 ----A---- C:\WINDOWS\CTXFIRES.DLL 2008-09-17 21:43:16 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Creative 2008-09-17 21:41:49 ----D---- C:\Documents and Settings\All Users\Application Data\Creative 2008-09-17 21:40:52 ----D---- 
C:\Program Files\Creative 2008-09-17 14:39:18 ----A---- C:\WINDOWS\system32\Roboex32.dll 2008-09-17 14:39:18 ----A---- C:\WINDOWS\system32\INETWH32.DLL 2008-09-17 14:39:18 ----A---- C:\WINDOWS\system32\gdiplus.dll 2008-09-17 13:51:47 ----A---- C:\WINDOWS\sfbm.INI 2008-09-10 19:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$ 2008-09-10 19:55:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2008-09-09 23:11:40 ----A---- C:\WINDOWS\system32\smrgdf.exe 2008-09-09 23:11:40 ----A---- C:\WINDOWS\system32\iolobtdfg.exe 2008-09-09 23:11:37 ----A---- C:\WINDOWS\system32\Incinerator.dll 2008-09-09 23:11:19 ----D---- C:\Program Files\iolo 2008-09-09 23:10:11 ----A---- C:\WINDOWS\system32\mfc45.dll 2008-09-09 23:09:39 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\iolo 2008-09-09 23:09:39 ----D---- C:\Documents and Settings\All Users\Application Data\iolo 2008-09-06 08:56:48 ----D---- C:\WINDOWS\AU_Temp 2008-09-01 21:25:01 ----D---- C:\Program Files\Apple Software Update 2008-09-01 21:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2008-09-01 13:54:32 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Apple Computer 2008-09-01 11:25:08 ----D---- C:\WINDOWS\system32\Futuremark 2008-09-01 11:25:07 ----D---- E:\Program Files\Fichiers Communs\Futuremark Shared 2008-08-31 15:50:21 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Malwarebytes 2008-08-31 15:50:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-31 09:35:40 ----A---- C:\WINDOWS\ChssBase.ini 2008-08-31 08:35:21 ----A---- C:\WINDOWS\system32\CSVer.dll 2008-08-30 10:13:07 ----D---- C:\WINDOWS\BDOSCAN8 2008-08-30 09:27:42 ----D---- C:\WINDOWS\report 2008-08-30 09:27:17 ----D---- C:\WINDOWS\AU_Backup 2008-08-30 09:27:16 ----A---- C:\WINDOWS\tsc.ini 2008-08-30 09:27:15 ----A---- C:\WINDOWS\vsapi32.dll 2008-08-30 09:27:15 ----A---- C:\WINDOWS\TSC.exe 2008-08-30 09:27:15 ----A---- C:\WINDOWS\hcextoutput.dll 
2008-08-30 09:27:15 ----A---- C:\WINDOWS\BPMNT.dll 2008-08-30 09:26:35 ----A---- C:\WINDOWS\GetServer.ini 2008-08-30 09:26:34 ----D---- C:\WINDOWS\AU_Log 2008-08-30 09:26:32 ----A---- C:\WINDOWS\TMUPDATE.DLL 2008-08-30 09:26:31 ----A---- C:\WINDOWS\UNZIP.DLL 2008-08-30 09:26:31 ----A---- C:\WINDOWS\PATCH.EXE 2008-08-29 12:52:38 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2008-08-29 12:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd 2008-08-29 12:51:05 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Logitech 2008-08-29 12:50:28 ----A---- C:\WINDOWS\system32\BtCoreIf.dll 2008-08-29 12:50:27 ----A---- C:\WINDOWS\system32\LBTCoIns.DLL 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemXML.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemWnd.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemUtil.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\kemutb.dll 2008-08-29 12:50:15 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2008-08-29 12:50:12 ----D---- E:\Program Files\Fichiers Communs\Logishrd 2008-08-29 12:49:05 ----A---- C:\WINDOWS\system32\btw_ci.dll 2008-08-29 12:49:01 ----D---- C:\Program Files\WIDCOMM 2008-08-28 23:05:26 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Command & Conquer 3 La Fureur de Kane 2008-08-28 22:55:36 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\DAEMON Tools Pro 2008-08-26 21:54:31 ----D---- C:\WINDOWS\SxsCaPendDel 2008-08-26 21:44:04 ----RHD---- C:\Documents and Settings\Jean-Marie\Application Data\SecuROM 2008-08-26 21:44:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-08-26 18:05:19 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Command & Conquer 3 Les guerres du Tiberium 2008-08-26 13:35:48 ----D---- C:\WINDOWS\Sun 2008-08-26 13:35:48 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Sun 2008-08-26 13:35:28 ----A---- C:\WINDOWS\system32\javaws.exe 2008-08-26 13:35:28 ----A---- 
C:\WINDOWS\system32\javaw.exe 2008-08-26 13:35:28 ----A---- C:\WINDOWS\system32\java.exe 2008-08-26 13:34:42 ----D---- E:\Program Files\Fichiers Communs\Java 2008-08-25 23:19:53 ----A---- C:\WINDOWS\NAVIGMA.INI 2008-08-25 23:17:20 ----D---- E:\Program Files\Fichiers Communs\Micro Application Shared 2008-08-25 22:48:04 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\URSoft 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\XAudio2_1.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\xactengine3_1.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll 2008-08-25 21:22:23 ----A---- C:\WINDOWS\system32\XAudio2_0.dll 2008-08-25 21:22:23 ----A---- C:\WINDOWS\system32\D3DX9_38.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\D3DX9_37.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\d3dx10_37.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\xactengine2_10.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\d3dx10_36.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\xactengine2_9.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\d3dx9_36.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\d3dx9_35.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll 2008-08-25 21:22:19 ----A---- 
C:\WINDOWS\system32\D3DCompiler_34.dll 2008-08-25 21:22:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll 2008-08-25 21:22:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll 2008-08-25 21:22:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll 2008-08-25 21:22:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll 2008-08-25 21:22:16 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\xactengine2_6.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\d3dx9_33.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xactengine2_4.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xinput1_1.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_2.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_1.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll 2008-08-25 21:22:12 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll 2008-08-25 21:22:12 ----A---- C:\WINDOWS\system32\d3dx9_29.dll 2008-08-25 21:22:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll 2008-08-25 21:22:11 ----A---- C:\WINDOWS\system32\d3dx9_26.dll 2008-08-25 21:22:11 ----A---- C:\WINDOWS\system32\d3dx9_25.dll 2008-08-25 21:22:10 ----A---- C:\WINDOWS\system32\d3dx9_24.dll 2008-08-25 21:21:51 ----D---- C:\WINDOWS\Logs 2008-08-25 20:47:08 ----A---- C:\WINDOWS\NeroDigital.ini 2008-08-25 19:59:56 ----SHD---- C:\Diskeeper 2008-08-25 19:57:28 ----D---- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation 2008-08-25 19:55:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 
2008-08-25 19:12:13 ----D---- C:\WINDOWS\nview 2008-08-25 19:12:13 ----A---- C:\WINDOWS\system32\nvudisp.exe 2008-08-25 19:11:33 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2008-08-25 19:08:01 ----A---- C:\WINDOWS\system32\cttele32.dll 2008-08-25 18:51:38 ----D---- C:\WINDOWS\system32\appmgmt 2008-08-25 18:13:29 ----A---- C:\WINDOWS\system32\AppSetup.exe 2008-08-25 10:35:04 ----D---- C:\WINDOWS\NV31402804.TMP 2008-08-25 10:29:08 ----HD---- C:\WINDOWS\system32\GroupPolicy 2008-08-25 09:05:17 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-08-23 13:46:30 ----D---- E:\Program Files\Fichiers Communs\Canon 2008-08-23 13:41:45 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Canon 2008-08-23 11:28:09 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-08-23 11:28:07 ----A---- C:\WINDOWS\system32\CNMVS7M.DLL 2008-08-23 11:28:07 ----A---- C:\WINDOWS\system32\CNMLM7M.DLL 2008-08-23 11:27:12 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\ScanSoft 2008-08-23 11:27:10 ----D---- C:\Documents and Settings\All Users\Application Data\SSScanWizard 2008-08-23 11:27:10 ----D---- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir 2008-08-23 11:27:10 ----A---- C:\WINDOWS\MAXLINK.INI 2008-08-23 11:26:50 ----D---- E:\Program Files\Fichiers Communs\ScanSoft Shared 2008-08-23 11:25:51 ----A---- C:\WINDOWS\PCDLIB32.DLL 2008-08-23 11:24:28 ----A---- C:\WINDOWS\system32\MFC71.dll 2008-08-23 11:24:24 ----A---- C:\WINDOWS\IsUn040c.exe 2008-08-23 11:23:56 ----HD---- C:\WINDOWS\system32\CanonMP Uninstaller Information 2008-08-23 11:23:52 ----A---- C:\WINDOWS\system32\cncisco.dll 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCL800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCI800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCC800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCA800.DLL 2008-08-23 11:23:46 ----HD---- C:\CanonMP 2008-08-23 11:21:58 
----D---- C:\Program Files\Canon 2008-08-22 10:58:10 ----A---- C:\WINDOWS\system32\ptpusb.dll 2008-08-22 10:58:09 ----A---- C:\WINDOWS\system32\ptpusd.dll 2008-08-22 09:38:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee 2008-08-22 05:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-08-18 22:34:23 ----SHD---- C:\WINDOWS\ftpcache 2008-08-18 22:33:38 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\U3 2008-08-18 22:25:28 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Ahead 2008-08-18 22:23:54 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-08-18 22:23:53 ----D---- E:\Program Files\Fichiers Communs\Ahead 2008-08-18 22:11:19 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-08-18 22:11:18 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-08-18 20:12:55 ----A---- C:\WINDOWS\system32\MRT.exe 2008-08-18 09:03:57 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\SoundSpectrum 2008-08-18 09:02:10 ----D---- C:\Program Files\SoundSpectrum 2008-08-17 23:17:58 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro 2008-08-17 23:17:43 ----A---- C:\WINDOWS\system32\BASSMOD.dll 2008-08-16 21:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-08-16 21:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-08-16 21:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-08-16 21:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-08-16 21:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-08-16 21:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-08-16 21:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2008-08-16 21:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-08-16 21:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-08-16 21:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-08-16 21:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-08-16 21:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-08-16 
21:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-08-16 21:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$ 2008-08-16 21:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-08-16 21:33:32 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-08-16 21:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-08-16 21:29:05 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Adobe 2008-08-16 19:59:42 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Talkback 2008-08-16 19:54:08 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Macromedia 2008-08-16 19:53:39 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2008-08-16 19:51:01 ----D---- C:\WINDOWS\system32\PreInstall 2008-08-16 19:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-08-16 19:47:00 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Mozilla 2008-08-16 19:37:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-08-16 16:17:44 ----HD---- C:\WINDOWS\PIF 2008-08-16 15:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2008-08-16 15:28:14 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-08-16 15:28:10 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-08-16 15:27:58 ----D---- C:\Program Files\Windows Media Connect 2 2008-08-16 15:27:52 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-08-16 15:27:27 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-08-16 15:27:10 ----D---- C:\WINDOWS\system32\LogFiles 2008-08-16 15:27:06 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-08-16 15:27:05 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-08-16 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-08-16 15:19:51 ----A---- C:\WINDOWS\system32\oeminfo.ini 2008-08-16 15:13:47 ----A---- C:\WINDOWS\ODBC.INI 2008-08-16 15:13:17 ----D---- E:\Program Files\Fichiers Communs\Designer 2008-08-16 15:12:51 ----D---- C:\WINDOWS\ShellNew 2008-08-16 15:12:50 ----D---- E:\Program 
Files\Fichiers Communs\ODBC 2008-08-16 15:07:07 ----A---- C:\WINDOWS\system32\wpa.bak 2008-08-16 14:15:34 ----A---- C:\WINDOWS\system32\hidserv.dll 2008-08-15 21:21:44 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\IrfanView 2008-08-15 21:16:12 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis 2008-08-15 21:15:38 ----D---- E:\Program Files\Fichiers Communs\Acronis 2008-08-15 21:06:47 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Help 2008-08-15 16:56:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-15 16:53:52 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\WinRAR 2008-08-15 16:52:15 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-08-15 16:52:10 ----D---- E:\Program Files\Fichiers Communs\Adobe 2008-08-15 16:44:56 ----A---- C:\WINDOWS\system32\everest_cpl.ini 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\vxblock.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxwave.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxsfs.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxmas.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxdrv.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxafs.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\px.dll 2008-08-15 16:21:58 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Winamp 2008-08-15 16:06:42 ----D---- C:\Program Files\Club-Internet 2008-08-15 15:57:14 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\ESET 2008-08-15 15:56:38 ----D---- C:\Documents and Settings\All Users\Application Data\ESET 2008-08-15 15:42:52 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\EssentialPIM Pro 2008-08-14 22:16:10 ----D---- C:\WINDOWS\pss 2008-08-14 
21:52:16 ----N---- C:\WINDOWS\Ctregrun.exe 2008-08-14 21:51:16 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-08-14 21:51:13 ----A---- C:\WINDOWS\system32\wrap_oal.dll 2008-08-14 21:51:13 ----A---- C:\WINDOWS\system32\OpenAL32.dll 2008-08-14 21:50:42 ----D---- C:\WINDOWS\system32\Data 2008-08-14 21:50:42 ----A---- C:\WINDOWS\CTDCRFRN.DLL 2008-08-14 21:32:28 ----D---- C:\Program Files\Gigabyte 2008-08-14 21:32:28 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2008-08-14 21:30:51 ----R---- C:\WINDOWS\system32\JMRaidAPI.dll 2008-08-14 21:30:50 ----R---- C:\WINDOWS\system32\JMRaidSetup.exe 2008-08-14 21:30:45 ----D---- C:\WINDOWS\JM 2008-08-14 21:30:33 ----D---- E:\Program Files\Fichiers Communs\InstallShield 2008-08-14 21:29:59 ----D---- C:\WINDOWS\OPTIONS 2008-08-14 21:29:59 ----D---- C:\Program Files\Realtek 2008-08-14 21:29:58 ----HD---- C:\Program Files\InstallShield Installation Information 2008-08-14 21:29:51 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\InstallShield 2008-08-14 21:28:55 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-08-14 21:28:53 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-08-14 21:28:53 ----D---- C:\Program Files\Intel 2008-08-14 21:28:42 ----D---- C:\Intel 2008-08-14 21:22:06 ----HD---- C:\WINDOWS\Icons 2008-08-14 21:07:23 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2008-08-14 21:07:22 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\TuneUp Software 2008-08-14 21:07:22 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2008-08-14 21:07:16 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-08-14 21:04:42 ----D---- E:\Program Files\Fichiers Communs\Wise Installation Wizard 2008-08-14 20:53:13 ----D---- E:\Program Files\Fichiers Communs\system 2008-08-14 20:53:13 ----D---- E:\Program Files\Fichiers Communs\speechengines 2008-08-14 20:53:13 ----D---- E:\Program Files\Fichiers Communs\mssoap 2008-08-14 20:53:11 ----D---- E:\Program 
Files\Fichiers Communs\microsoft shared 2008-08-14 12:32:44 ----A---- C:\WINDOWS\system32\h323log.txt 2008-08-14 12:27:43 ----A---- C:\WINDOWS\system32\usbui.dll 2008-08-14 12:26:50 ----SHD---- C:\WINDOWS\Installer 2008-08-14 12:26:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-08-14 12:26:49 ----A---- C:\WINDOWS\ODBCINST.INI 2008-08-14 12:26:46 ----RD---- C:\Program Files 2008-08-14 12:26:46 ----D---- C:\Program Files\Fichiers communs 2008-08-14 12:26:43 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2008-08-14 12:26:43 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2008-08-14 12:26:43 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdur.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdru.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2008-08-14 12:26:42 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2008-08-14 12:26:41 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2008-08-14 12:26:40 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2008-08-14 12:26:39 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2008-08-14 12:26:39 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2008-08-14 12:26:39 ----RA---- 
C:\WINDOWS\system32\kbdlt1.dll 2008-08-14 12:26:39 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2008-08-14 12:26:39 ----RA---- C:\WINDOWS\system32\kbdest.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdro.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2008-08-14 12:26:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2008-08-14 12:26:36 ----A---- C:\WINDOWS\system32\spxcoins.dll 2008-08-14 12:26:36 ----A---- C:\WINDOWS\system32\irclass.dll 2008-08-14 12:26:36 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2008-08-14 12:26:36 ----A---- C:\WINDOWS\system32\dgsetup.dll 2008-08-14 12:26:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2008-08-14 12:26:34 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2008-08-14 12:26:34 ----A---- C:\WINDOWS\TASKMAN.EXE 2008-08-14 12:26:34 ----A---- C:\WINDOWS\system32\batt.dll 2008-08-14 12:26:34 ----A---- C:\WINDOWS\NOTEPAD.EXE 2008-08-14 12:26:31 ----A---- C:\WINDOWS\system32\storprop.dll 2008-08-14 12:26:25----ASH----C:\Documents and Settings\All Users\Application Data\desktop.ini 2008-08-14 12:25:15 ----RA---- C:\WINDOWS\SET2A.tmp 2008-08-14 12:25:14 ----RA---- C:\WINDOWS\SET29.tmp 2008-08-14 12:24:42 ----RA---- C:\WINDOWS\SET8.tmp 2008-08-14 12:24:40 ----RA---- C:\WINDOWS\SET4.tmp 2008-08-14 12:24:39 ----RA---- C:\WINDOWS\SET3.tmp 2008-08-14 12:24:35 ----D---- C:\WINDOWS\system32\CatRoot2 2008-08-14 12:24:35 ----D---- 
C:\WINDOWS\system32\CatRoot 2008-08-14 12:24:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-08-14 12:24:13 ----SHD---- C:\System Volume Information 2008-08-14 12:24:13 ----D---- C:\Documents and Settings 2008-08-14 12:23:16 ----SH---- C:\boot.ini 2008-08-14 12:17:56 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-08-14 12:17:56 ----RSD---- C:\WINDOWS\Fonts 2008-08-14 12:17:56 ----RD---- C:\WINDOWS\Web 2008-08-14 12:17:56 ----HD---- C:\WINDOWS\inf 2008-08-14 12:17:56 ----D---- C:\WINDOWS\WinSxS 2008-08-14 12:17:56 ----D---- C:\WINDOWS\twain_32 2008-08-14 12:17:56 ----D---- C:\WINDOWS\Temp 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\wins 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\wbem 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\usmt 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\spool 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\ShellExt 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\Setup 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\ras 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\oobe 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\npp 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\mui 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\inetsrv 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\IME 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\icsxml 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\ias 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\export 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\drivers 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\dhcp 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\config 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\3com_dmi 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\3076 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\2052 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\1054 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\1042 2008-08-14 12:17:56 ----D---- C:\WINDOWS\system32\1041 2008-08-14 12:17:56 ----D---- 
-
Analysis of HiJackThis and MBAM reports
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Hello Thanos, I have just run the command line you gave me. Here, below, is the .txt file from the root of C:. In use, I have not noticed any different behaviour from my PC ... Can you explain the purpose of this operation, please? See you later.

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\scrfile]
@="Écran de veille"

[HKEY_CLASSES_ROOT\scrfile\shell]

[HKEY_CLASSES_ROOT\scrfile\shell\config]
@="C&onfigurer"

[HKEY_CLASSES_ROOT\scrfile\shell\config\command]
@="\"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\install]
@="Ins&taller"

[HKEY_CLASSES_ROOT\scrfile\shell\install\command]
@="rundll32.exe desk.cpl,InstallScreenSaver %l"

[HKEY_CLASSES_ROOT\scrfile\shell\open]
@="T&ester"

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\scrfile\shellex]

[HKEY_CLASSES_ROOT\scrfile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
-
Analysis of HiJackThis and MBAM reports
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Good evening Thanos, Sorry too for the delay in my reply! I will run the command line you gave first thing tomorrow. I must say I am very satisfied with the MalWareBytes software, to which I have added the free version of A-Squared. Since the thorough cleanup I carried out at the beginning of the month, no more problems with Trojans and other vermin. Only a few browsing trackers that I sweep away each morning with the help of A-Squared. Although reassured by the lines of defence installed on my system, I remain vigilant. See you tomorrow ...
-
Analysis of HiJackThis and MBAM reports
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Hello Thanos, That is good news. This morning, I uploaded the file "cttele32.dll" to the virustotal.com site. Nothing to report. Here is the result of the analysis: Analysis of the unknown file. From what I found on Google, CTtele comes from Creative Technology Ltd (something to do with a proxy server?). On your advice, I ran another in-depth scan of my system with MalWareBytes. I am adding the log after this message ... The infected registry data item seems to be a "false positive"? What do you think? Also, could you enlighten me about FPs? Perhaps with a link to a Zébulon section. In future, should I let MBAM systematically clean everything it detects? Even when the XP registry is concerned? I admit I am not very keen on that prospect. Thanks again for your generous and invaluable help.

MBAM log

Malwarebytes' Anti-Malware 1.27
Database version: 1131
Windows 5.1.2600 Service Pack 2

09/09/2008 13:01:46
mbam-log-2008-09-09 (13-01-38).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 94072
Time elapsed: 9 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
-
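The comparison behind the Broken.OpenCommand entry in the MBAM log above can be reproduced on a regedit export like the one posted for HKEY_CLASSES_ROOT\scrfile. This is an added example, not part of the forum posts and not MBAM's own code; `parse_reg`, `check_open_commands` and the one-entry baseline are assumptions of the example, and the sample export is constructed.

```python
import re

# Baseline for the default value of <class>\shell\open\command. The scrfile
# entry is the "Good" value printed in the MBAM log above; any other class
# would need its own reviewed baseline (assumption of this example).
EXPECTED_OPEN_COMMAND = {"scrfile": '"%1" /S'}

# Constructed sample in the regedit export format of the post above, with the
# open\command data set to the value the MBAM log reports as "Bad".
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\scrfile\shell\open]
@="T&ester"

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\scrfile\shell\install\command]
@="rundll32.exe desk.cpl,InstallScreenSaver %l"
'''

_KEY_RE = re.compile(r'^\[(-?)(.+)\]$')
_VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def _unescape(s):
    # In .reg string data only backslash and double quote are escaped.
    return re.sub(r'\\(.)', r'\1', s)


def _logical_lines(text):
    # Hex data is wrapped with a trailing backslash; join it back together.
    buf = ''
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith('\\'):
            buf += line[:-1]
            continue
        yield buf + line
        buf = ''


def parse_reg(text):
    """Return {key_path: {value_name: text}}; '' is the default value (@).

    Decodes REG_SZ ("...") and REG_EXPAND_SZ (hex(2):, UTF-16LE) data,
    the two types a shell command can be stored as. Other types are skipped.
    """
    keys, current = {}, None
    for line in _logical_lines(text):
        if not line or line.startswith(';'):
            continue
        m = _KEY_RE.match(line)
        if m:
            # "[-KEY]" in a .reg file means deletion, not a key to read.
            current = None if m.group(1) else keys.setdefault(m.group(2), {})
            continue
        m = _VALUE_RE.match(line)
        if current is None or not m:
            continue  # header line, or something that is not name=data
        name, data = m.groups()
        name = '' if name == '@' else _unescape(name[1:-1])
        if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            current[name] = _unescape(data[1:-1])
        elif data.startswith('hex(2):'):
            raw = bytes(int(b, 16) for b in data[7:].split(',') if b.strip())
            current[name] = raw.decode('utf-16-le').rstrip('\x00')
    return keys


def check_open_commands(reg_text, expected=EXPECTED_OPEN_COMMAND):
    """List classes whose shell\\open\\command default differs from baseline."""
    keys = {k.lower(): v for k, v in parse_reg(reg_text).items()}
    findings = []
    for cls, good in expected.items():
        path = ('HKEY_CLASSES_ROOT\\%s\\shell\\open\\command' % cls).lower()
        values = keys.get(path)
        if values is None or '' not in values:
            findings.append({'class': cls, 'status': 'missing',
                             'bad': None, 'good': good})
            continue
        actual = values['']
        # Compared case-insensitively so "/s" does not raise a false alarm.
        if actual.strip().lower() != good.lower():
            findings.append({'class': cls, 'status': 'mismatch',
                             'bad': actual, 'good': good})
    return findings


if __name__ == "__main__":
    for f in check_open_commands(SAMPLE_REG):
        print("%(class)s: %(status)s -> Bad: (%(bad)s) Good: (%(good)s)" % f)
```

A finding only says the value differs from the baseline; deciding whether it is a false positive still requires knowing which program wrote it.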
Analysis of HiJackThis and MBAM reports
BapZeMagnific replied to a topic by BapZeMagnific in Malware analysis and removal
Thanks for your help, Thanos. I did not touch the three O17 lines listed in the HiJackThis report. (Thank goodness!) Yes, I leave the cleanup of rootkits and other nasties to MBAM. I had simply seen that an update of this driver existed that eliminates the threat. C:\WINDOWS\system32\drivers\secdrv.sys (Rootkit.Agent) I downloaded it, but the result is not conclusive. When in doubt, I will leave it to the anti-malware software to deal with it. (I have just bought the MBAM licence so that I can enable its protection. As a replacement for AVG, it seems very effective, and it is fast.) As you advised, I downloaded and installed RSIT. I am submitting both logs for your analysis. First, the very complete .txt file:
- E:\Program Files\Fichiers Communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MGE Service module - Unknown owner - E:\Program Files\MGE\PersonalSolutionPac\RunSC.exe O23 - Service: NBService - Nero AG - E:\Program Files\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers Communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - E:\Program Files\Fichiers Communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: Onduleur (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing) -- End of file - 10360 bytes Scheduled tasks folder C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job Registry dump [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - E:\Program Files\Fichiers Communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - E:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE 
Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864] "AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152] "CTHelper"=C:\WINDOWS\CTHELPER.EXE [2006-05-24 17920] "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] "egui"=E:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072] "Spamihilator"=E:\Program Files\Spamihilator\spamihilator.exe [2008-04-21 1081856] "WinampAgent"=E:\Program Files\Winamp\winampa.exe [2008-07-09 36352] "pspNetSystray"=E:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe [2007-01-23 1208320] "Babylon Client"=E:\Program Files\Babylon\Babylon.exe [2005-06-27 2433086] "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2008-07-11 19968] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048] "nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-08-02 1657376] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016] "SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304] "Bluetooth Connection Assistant"=LBTWIZ.EXE -silent [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe [2007-02-06 1953792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] E:\Program Files\Fichiers Communs\Acronis\Schedule2\schedhlp.exe [2007-10-30 140568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] E:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-30 909208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Fichiers Communs\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] E:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] E:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] E:\Program Files\Fichiers Communs\InstallShield\UpdateService\issch.exe [2005-02-17 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] E:\Program Files\Fichiers Communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder] E:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] E:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] E:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-30 2595616] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] E:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] E:\PROGRA~1\MICROS~1\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and 
Settings^Jean-Marie^Menu Démarrer^Programmes^Démarrage^HDDlife.lnk] E:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SCardSvr"=3 "ERSvc"=2 "WebClient"=2 "upnphost"=3 "SSDPSRV"=3 "seclogon"=2 "RSVP"=3 "RemoteRegistry"=2 "RDSessMgr"=3 "PolicyAgent"=2 "NtLmSsp"=3 "Netlogon"=3 "MSDTC"=3 "mnmsrvc"=3 "LmHosts"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Logitech SetPoint.lnk - E:\Program Files\Logitech\SetPoint\SetPoint.exe I:\Documents and Settings\Jean-Marie\Menu Démarrer\Programmes\Démarrage Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] e:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "undockwithoutlogon"=1 "ShutdownWithoutLogon"=1 "NoDispCPL"=0 "NoDispSettingsPage"=0 "NoDispScrSavPage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "E:\Program 
Files\ma-config.com\maconfservice.exe"="E:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "E:\Program Files\GAMES\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="E:\Program Files\GAMES\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32" "E:\Program Files\GAMES\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="E:\Program Files\GAMES\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d2a1b27-6d23-11dd-96c5-001a4d56718a}] shell\AutoRun\command - L:\LaunchU3.exe -a File associations .reg - open - regedit.exe "%1" %* .scr - open - "%1" %* List of files/folders created in the last three months 2008-09-08 13:19:04 ----D---- C:\rsit 2008-09-06 08:56:48 ----D---- C:\WINDOWS\AU_Temp 2008-09-01 21:25:01 ----D---- C:\Program Files\Apple Software Update 2008-09-01 21:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2008-09-01 13:54:32 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Apple Computer 2008-09-01 11:25:08 ----D---- C:\WINDOWS\system32\Futuremark 2008-09-01 11:25:07 ----D---- E:\Program Files\Fichiers Communs\Futuremark Shared 2008-08-31 15:50:21 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Malwarebytes 2008-08-31 15:50:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-31 09:35:40 ----A---- C:\WINDOWS\ChssBase.ini 2008-08-31 08:35:21 ----A---- C:\WINDOWS\system32\CSVer.dll 
2008-08-30 22:22:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-08-30 10:13:07 ----D---- C:\WINDOWS\BDOSCAN8 2008-08-30 09:27:42 ----D---- C:\WINDOWS\report 2008-08-30 09:27:17 ----D---- C:\WINDOWS\AU_Backup 2008-08-30 09:27:16 ----A---- C:\WINDOWS\tsc.ini 2008-08-30 09:27:15 ----A---- C:\WINDOWS\vsapi32.dll 2008-08-30 09:27:15 ----A---- C:\WINDOWS\TSC.exe 2008-08-30 09:27:15 ----A---- C:\WINDOWS\hcextoutput.dll 2008-08-30 09:27:15 ----A---- C:\WINDOWS\BPMNT.dll 2008-08-30 09:26:35 ----A---- C:\WINDOWS\GetServer.ini 2008-08-30 09:26:34 ----D---- C:\WINDOWS\AU_Log 2008-08-30 09:26:32 ----A---- C:\WINDOWS\TMUPDATE.DLL 2008-08-30 09:26:31 ----A---- C:\WINDOWS\UNZIP.DLL 2008-08-30 09:26:31 ----A---- C:\WINDOWS\PATCH.EXE 2008-08-29 12:52:38 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2008-08-29 12:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd 2008-08-29 12:51:05 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Logitech 2008-08-29 12:50:28 ----A---- C:\WINDOWS\system32\BtCoreIf.dll 2008-08-29 12:50:27 ----A---- C:\WINDOWS\system32\LBTCoIns.DLL 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemXML.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemWnd.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\KemUtil.dll 2008-08-29 12:50:26 ----A---- C:\WINDOWS\system32\kemutb.dll 2008-08-29 12:50:15 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2008-08-29 12:50:12 ----D---- E:\Program Files\Fichiers Communs\Logishrd 2008-08-29 12:49:05 ----A---- C:\WINDOWS\system32\btw_ci.dll 2008-08-29 12:49:01 ----D---- C:\Program Files\WIDCOMM 2008-08-28 23:05:26 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Command & Conquer 3 La Fureur de Kane 2008-08-28 22:55:36 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\DAEMON Tools Pro 2008-08-26 21:54:31 ----D---- C:\WINDOWS\SxsCaPendDel 2008-08-26 21:44:04 ----RHD---- C:\Documents and 
Settings\Jean-Marie\Application Data\SecuROM 2008-08-26 21:44:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-08-26 18:05:19 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Command & Conquer 3 Les guerres du Tiberium 2008-08-26 13:35:48 ----D---- C:\WINDOWS\Sun 2008-08-26 13:35:48 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Sun 2008-08-26 13:35:28 ----A---- C:\WINDOWS\system32\javaws.exe 2008-08-26 13:35:28 ----A---- C:\WINDOWS\system32\javaw.exe 2008-08-26 13:35:28 ----A---- C:\WINDOWS\system32\java.exe 2008-08-26 13:34:42 ----D---- E:\Program Files\Fichiers Communs\Java 2008-08-25 23:19:53 ----A---- C:\WINDOWS\NAVIGMA.INI 2008-08-25 23:17:20 ----D---- E:\Program Files\Fichiers Communs\Micro Application Shared 2008-08-25 22:48:04 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\URSoft 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\XAudio2_1.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\xactengine3_1.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\d3dx10_38.dll 2008-08-25 21:22:24 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll 2008-08-25 21:22:23 ----A---- C:\WINDOWS\system32\XAudio2_0.dll 2008-08-25 21:22:23 ----A---- C:\WINDOWS\system32\D3DX9_38.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\D3DX9_37.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\d3dx10_37.dll 2008-08-25 21:22:22 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\xactengine2_10.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\d3dx10_36.dll 2008-08-25 21:22:21 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\xactengine2_9.dll 2008-08-25 21:22:20 
----A---- C:\WINDOWS\system32\d3dx9_36.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll 2008-08-25 21:22:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\d3dx9_35.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll 2008-08-25 21:22:19 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll 2008-08-25 21:22:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll 2008-08-25 21:22:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll 2008-08-25 21:22:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll 2008-08-25 21:22:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll 2008-08-25 21:22:16 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\xactengine2_6.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\d3dx9_33.dll 2008-08-25 21:22:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xactengine2_4.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll 2008-08-25 21:22:14 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xinput1_1.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_2.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_1.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll 2008-08-25 21:22:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll 2008-08-25 21:22:12 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll 2008-08-25 21:22:12 ----A---- C:\WINDOWS\system32\d3dx9_29.dll 2008-08-25 21:22:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll 2008-08-25 21:22:11 ----A---- 
C:\WINDOWS\system32\d3dx9_26.dll 2008-08-25 21:22:11 ----A---- C:\WINDOWS\system32\d3dx9_25.dll 2008-08-25 21:22:10 ----A---- C:\WINDOWS\system32\d3dx9_24.dll 2008-08-25 21:21:51 ----D---- C:\WINDOWS\Logs 2008-08-25 20:47:08 ----A---- C:\WINDOWS\NeroDigital.ini 2008-08-25 19:59:56 ----SHD---- C:\Diskeeper 2008-08-25 19:57:28 ----D---- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation 2008-08-25 19:55:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2008-08-25 19:12:37 ----D---- C:\WINDOWS\system32\AGEIA 2008-08-25 19:12:37 ----D---- C:\Program Files\AGEIA Technologies 2008-08-25 19:12:13 ----D---- C:\WINDOWS\nview 2008-08-25 19:12:13 ----A---- C:\WINDOWS\system32\nvudisp.exe 2008-08-25 19:11:33 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2008-08-25 19:08:31 ----D---- E:\Program Files\Fichiers Communs\Creative Labs Shared 2008-08-25 19:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Creative Labs 2008-08-25 19:08:01 ----A---- C:\WINDOWS\system32\cttele32.dll 2008-08-25 18:51:38 ----D---- C:\WINDOWS\system32\appmgmt 2008-08-25 18:13:29 ----A---- C:\WINDOWS\system32\AppSetup.exe 2008-08-25 10:35:04 ----D---- C:\WINDOWS\NV31402804.TMP 2008-08-25 10:29:08 ----HD---- C:\WINDOWS\system32\GroupPolicy 2008-08-25 09:05:17 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-08-23 13:46:30 ----D---- E:\Program Files\Fichiers Communs\Canon 2008-08-23 13:41:45 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Canon 2008-08-23 11:28:09 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-08-23 11:28:07 ----A---- C:\WINDOWS\system32\CNMVS7M.DLL 2008-08-23 11:28:07 ----A---- C:\WINDOWS\system32\CNMLM7M.DLL 2008-08-23 11:27:12 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\ScanSoft 2008-08-23 11:27:10 ----D---- C:\Documents and Settings\All Users\Application Data\SSScanWizard 2008-08-23 11:27:10 ----D---- C:\Documents and Settings\All 
Users\Application Data\SSScanAppDataDir 2008-08-23 11:27:10 ----A---- C:\WINDOWS\MAXLINK.INI 2008-08-23 11:26:50 ----D---- E:\Program Files\Fichiers Communs\ScanSoft Shared 2008-08-23 11:25:51 ----A---- C:\WINDOWS\PCDLIB32.DLL 2008-08-23 11:24:28 ----A---- C:\WINDOWS\system32\MFC71.dll 2008-08-23 11:24:24 ----A---- C:\WINDOWS\IsUn040c.exe 2008-08-23 11:23:56 ----HD---- C:\WINDOWS\system32\CanonMP Uninstaller Information 2008-08-23 11:23:52 ----A---- C:\WINDOWS\system32\cncisco.dll 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCL800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCI800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCC800.DLL 2008-08-23 11:23:51 ----A---- C:\WINDOWS\system32\CNCA800.DLL 2008-08-23 11:23:46 ----HD---- C:\CanonMP 2008-08-23 11:21:58 ----D---- C:\Program Files\Canon 2008-08-22 10:58:10 ----A---- C:\WINDOWS\system32\ptpusb.dll 2008-08-22 10:58:09 ----A---- C:\WINDOWS\system32\ptpusd.dll 2008-08-22 09:38:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee 2008-08-22 05:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$ 2008-08-18 22:34:23 ----SHD---- C:\WINDOWS\ftpcache 2008-08-18 22:33:38 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\U3 2008-08-18 22:25:28 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Ahead 2008-08-18 22:23:54 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-08-18 22:23:53 ----D---- E:\Program Files\Fichiers Communs\Ahead 2008-08-18 22:11:19 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-08-18 22:11:18 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-08-18 20:12:55 ----A---- C:\WINDOWS\system32\MRT.exe 2008-08-18 09:03:57 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\SoundSpectrum 2008-08-18 09:02:10 ----D---- C:\Program Files\SoundSpectrum 2008-08-17 23:40:10 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon 2008-08-17 23:38:40 ----D---- C:\Documents and 
Settings\Jean-Marie\Application Data\Babylon 2008-08-17 23:17:58 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro 2008-08-17 23:17:43 ----A---- C:\WINDOWS\system32\BASSMOD.dll 2008-08-16 21:35:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2008-08-16 21:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2008-08-16 21:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2008-08-16 21:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$ 2008-08-16 21:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2008-08-16 21:34:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$ 2008-08-16 21:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2008-08-16 21:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2008-08-16 21:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$ 2008-08-16 21:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$ 2008-08-16 21:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2008-08-16 21:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$ 2008-08-16 21:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2008-08-16 21:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$ 2008-08-16 21:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2008-08-16 21:33:32 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$ 2008-08-16 21:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2008-08-16 21:29:05 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Adobe 2008-08-16 19:59:42 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Talkback 2008-08-16 19:59:26 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Thunderbird 2008-08-16 19:54:08 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Macromedia 2008-08-16 19:53:39 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2008-08-16 19:51:01 ----D---- C:\WINDOWS\system32\PreInstall 2008-08-16 19:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2008-08-16 19:47:00 ----D---- C:\Documents and Settings\Jean-Marie\Application 
Data\Mozilla 2008-08-16 19:37:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-08-16 16:17:44 ----HD---- C:\WINDOWS\PIF 2008-08-16 15:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$ 2008-08-16 15:28:14 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-08-16 15:28:10 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-08-16 15:27:58 ----D---- C:\Program Files\Windows Media Connect 2 2008-08-16 15:27:52 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-08-16 15:27:27 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-08-16 15:27:10 ----D---- C:\WINDOWS\system32\LogFiles 2008-08-16 15:27:06 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-08-16 15:27:05 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-08-16 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-08-16 15:19:51 ----A---- C:\WINDOWS\system32\oeminfo.ini 2008-08-16 15:13:47 ----A---- C:\WINDOWS\ODBC.INI 2008-08-16 15:13:17 ----D---- E:\Program Files\Fichiers Communs\Designer 2008-08-16 15:12:51 ----D---- C:\WINDOWS\ShellNew 2008-08-16 15:12:50 ----D---- E:\Program Files\Fichiers Communs\ODBC 2008-08-16 15:07:07 ----A---- C:\WINDOWS\system32\wpa.bak 2008-08-16 14:15:34 ----A---- C:\WINDOWS\system32\hidserv.dll 2008-08-15 21:21:44 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\IrfanView 2008-08-15 21:16:12 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis 2008-08-15 21:15:38 ----D---- E:\Program Files\Fichiers Communs\Acronis 2008-08-15 21:06:47 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Help 2008-08-15 16:56:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-15 16:53:52 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\WinRAR 2008-08-15 16:52:15 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-08-15 16:52:10 ----D---- E:\Program Files\Fichiers Communs\Adobe 2008-08-15 16:44:56 ----A---- C:\WINDOWS\system32\everest_cpl.ini 
2008-08-15 16:39:26 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\vxblock.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxwave.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxsfs.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxmas.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxdrv.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\pxafs.dll 2008-08-15 16:22:00 ----N---- C:\WINDOWS\system32\px.dll 2008-08-15 16:21:58 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Winamp 2008-08-15 16:06:42 ----D---- C:\Program Files\Club-Internet 2008-08-15 16:03:33 ----D---- C:\Program Files\Spamihilator 2008-08-15 15:57:14 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\ESET 2008-08-15 15:56:38 ----D---- C:\Documents and Settings\All Users\Application Data\ESET 2008-08-15 15:42:52 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\EssentialPIM Pro 2008-08-14 22:16:10 ----D---- C:\WINDOWS\pss 2008-08-14 21:52:16 ----N---- C:\WINDOWS\Ctregrun.exe 2008-08-14 21:51:59 ----N---- C:\WINDOWS\Updreg.EXE 2008-08-14 21:51:16 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-08-14 21:51:13 ----A---- C:\WINDOWS\system32\wrap_oal.dll 2008-08-14 21:51:13 ----A---- C:\WINDOWS\system32\OpenAL32.dll 2008-08-14 21:51:10 ----D---- C:\Documents and Settings\Jean-Marie\Application Data\Creative 2008-08-14 21:50:42 ----D---- C:\WINDOWS\system32\Data 2008-08-14 21:50:42 ----A---- C:\WINDOWS\CTDCRFRN.DLL 2008-08-14 21:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\Creative 2008-08-14 21:49:05 ----D---- C:\Program Files\Creative 2008-08-14 21:32:28 ----D---- C:\Program Files\Gigabyte 2008-08-14 21:32:28 ----D---- C:\Documents and Settings\All 
Then, the info file:

info.txt logfile of random's system information tool 2008-09-08 13:19:10
Information\{04F9B09E-CDB5-46fc-AC30-2E7E7C7A8A34}\DelDrv.exe" /U:{04F9B09E-CDB5-46fc-AC30-2E7E7C7A8A34} /L0x000c Canon RAW Image Task for ZoomBrowser EX-->"E:\Program Files\Fichiers Communs\Canon\UIW\1.0.0.0\Uninst.exe" "E:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon RemoteCapture Task for ZoomBrowser EX-->"E:\Program Files\Fichiers Communs\Canon\UIW\1.0.0.0\Uninst.exe" "E:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities Easy-PhotoPrint-->E:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini Canon Utilities PhotoStitch-->"E:\Program Files\Fichiers Communs\Canon\UIW\1.0.0.0\Uninst.exe" "E:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities ZoomBrowser EX-->"E:\Program Files\Fichiers Communs\Canon\UIW\1.0.0.0\Uninst.exe" "E:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe" CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} CD-LabelPrint-->"E:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275} Command & Conquer 3 : La Fureur de Kane-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe Creative Audio Console-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove Creative Software AutoUpdate-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove Creative System Information-->RunDll32 
E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove Crysis®-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} Diskeeper 2008 Pro Premier-->MsiExec.exe /X{4ECCF281-ED79-4EA7-AE89-5E39D3291C2A} DMIView B06.1227.01-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}\setup.exe" -l0x9 -removeonly DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"E:\Program Files\Canon\Easy-WebPrint\Uninst.isu" e-Carte Bleue La Banque Postale-->"C:\Program Files\InstallShield Installation Information\{11B0F8D4-FD80-4800-ABA8-50D28FF769AF}\setup.exe" -runfromtemp -l0x040c -removeonly ESET Smart Security-->MsiExec.exe /I{A1350B64-1AF8-497B-AC07-307DF67FB8D4} EssentialPIM Pro-->E:\Program Files\EssentialPIM Pro\uninstall.exe FoxyTunes for Firefox-->"E:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul Fraps (remove only)-->"E:\Program Files\Fraps\uninstall.exe" Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly G-Force-->C:\Program Files\SoundSpectrum\G-Force\Uninstall.exe Gigabyte Raid Configurer-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly HD Tune 2.53-->"E:\Program Files\HD Tune\unins000.exe" HijackThis 2.0.2-->"E:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK 
(KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" IrfanView (remove only)-->E:\Program Files\IrfanView\iv_uninstall.exe Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} Lanceur Club Internet v6-->"C:\Program Files\Club-Internet\Lanceur\uninstall.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly Ma-Config.com-->MsiExec.exe /X{CFF24C43-9C46-4044-9C54-A4D98A3A25FB} Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Micro Application - Print eXtreme 2.0-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE021397-B80E-410B-A0D7-E8A69EC07DBC}\SETUP.EXE" -l0x40c Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Office XP Professional-->MsiExec.exe /I{9211040C-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de 
sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mozilla Firefox (2.0.0.16)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.16)-->E:\Program Files\Mozilla Thunderbird\uninstall\helper.exe Nero 7 Ultra Edition-->MsiExec.exe /I{6D6C1253-F5A2-4E0C-9070-F3C1176C1036} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI NVIDIA PhysX v8.08.01-->MsiExec.exe /X{699BAC7F-DC10-4709-97D8-45379301BBE7} OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} Personal Solution 
Pac-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0335E386-9ECB-11D4-BA6E-0020AFBCF620}\setup.exe" PowerISO-->"E:\Program Files\PowerISO\uninstall.exe" PowerQuest PartitionMagic 8.0-->E:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175} REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly Sound Blaster X-Fi-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\SETUP.EXE" -l0x40c /remove Spamihilator-->"E:\Program Files\Spamihilator\uninstall.exe" SpeedFan (remove only)-->"E:\Program Files\SpeedFan\uninstall.exe" TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} Tweak-XP-->MsiExec.exe /X{7CF065E2-7816-4440-9019-034A2285F9DF} Unlocker 1.8.7-->E:\Program Files\Unlocker\uninst.exe Visual C++ CRT 9.0-->MsiExec.exe /I{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B} WhiteCap-->C:\Program Files\SoundSpectrum\WhiteCap\Uninstall.exe WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} Winamp-->"E:\Program Files\Winamp\UninstWA.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" WinRAR archiver-->E:\Program Files\WinRAR\uninstall.exe Your Uninstaller! 
2008 Version 6.0-->"E:\Program Files\Your Uninstaller 2008\unins000.exe" Security center information AV: ESET Smart Security 3.0 FW: ESET Personal firewall Environment variables "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=2 "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\PROGRA~1\DISKEE~1\DISKEE~1\;E:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=0f0d "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "windir"=%SystemRoot% "CLASSPATH"=.;E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF----------------- -
Analysis of HiJackThis and MBAM Reports
BapZeMagnific posted a topic in Malware analysis and removal
Hello,

After my banking details were stolen in June, I changed my setup and put the emphasis on the security of my system. New firewall and antivirus. Online scans and anti-malware tools. Yet malware is still lurking on my disks!

I am attaching the latest HiJackThis report to this message. The three 017 lines look strange to me and I don't know what to do with them. Could there be other problems?

I also ran a MalWareBytes scan, which returns five alerts. Four RootKits (XP registry keys) and one infected driver file. I am going to delete the latter, but what should I do about the RootKits in the registry? I copied the anti-malware log after the HJT report.

Can you help me by analysing these documents and advising me on what actions to take? Thank you for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:41:33, on 08/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
E:\Program Files\Fichiers Communs\Logishrd\Bluetooth\LBTServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
E:\Program Files\Fichiers Communs\Acronis\Schedule2\schedul2.exe
E:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\Program Files\Spamihilator\spamihilator.exe
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
E:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
E:\Program Files\Babylon\Babylon.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
E:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
E:\Program Files\ESET\ESET Smart Security\ekrn.exe
E:\Program Files\MGE\PersonalSolutionPac\RunSC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Fichiers Communs\Acronis\Fomatik\TrueImageTryStartService.exe
E:\Program Files\MGE\PersonalSolutionPac\PCtl.exe
E:\Program Files\Fichiers Communs\Logishrd\KHAL2\KHALMNPR.EXE
E:\Program Files\MGE\PersonalSolutionPac\BIL.EXE
E:\Program Files\MGE\PersonalSolutionPac\CILRS232.EXE
E:\Program Files\MGE\PersonalSolutionPac\CILUSB.EXE
E:\Program Files\EssentialPIM Pro\EssentialPIM.exe
E:\Program Files\EssentialPIM Pro\EssentialPIM.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jean-Marie\Application Data\U3\000015A2DA638085\LaunchPad.exe
C:\Documents and Settings\Jean-Marie\Application Data\U3\000015A2DA638085\786EC753-D82C-493A-BF26-67D74AE2D931\Exec\RoboTaskBarIcon.exe
E:\Program Files\HD Tune\HDTune.exe
C:\Documents and Settings\Jean-Marie\Application Data\U3\000015A2DA638085\1F30627F-0195-44d4-8C24-1999F3C02C50\Exec\AvastU3.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Fichiers Communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [spamihilator] "E:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [pspNetSystray] E:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
O4 - HKLM\..\Run: [babylon Client] E:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - User Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://www.bitdefender.fr
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2...15105/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C5CAC40-23E6-4757-B13A-9E1E69659C5B}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CS1\Services\Tcpip\..\{3C5CAC40-23E6-4757-B13A-9E1E69659C5B}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CS2\Services\Tcpip\..\{3C5CAC40-23E6-4757-B13A-9E1E69659C5B}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers Communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - E:\Program Files\Fichiers Communs\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - E:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Fichiers Communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MGE Service module - Unknown owner - E:\Program Files\MGE\PersonalSolutionPac\RunSC.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Fichiers Communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - E:\Program Files\Fichiers Communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Onduleur (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing)

--
End of file - 10554 bytes

And the MalWareBytes log:

Malwarebytes' Anti-Malware 1.27
Database version: 1127
Windows 5.1.2600 Service Pack 2

08/09/2008 09:51:22
mbam-log-2008-09-08 (09-49-45).txt

Scan type: Quick Scan
Objects scanned: 54979
Time elapsed: 2 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\secdrv (Rootkit.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\secdrv (Rootkit.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\secdrv (Rootkit.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\drivers\secdrv.sys (Rootkit.Agent) -> No action taken.