lulia

Membres

Afficher le profil Afficher son activité

Compteur de contenus
12
Inscription
le 20 octobre 2008
Dernière visite
le 3 novembre 2008

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par lulia

[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Ca y'est j'ai tout fais...... Je vous remercie de votre aide et surtout de votre patience.....
- le 21 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Voila un premier rapport Malwarebytes' Anti-Malware 1.29 Version de la base de données: 1299 Windows 5.1.2600 Service Pack 3 21/10/2008 11:24:37 mbam-log-2008-10-21 (11-24-36).txt Type de recherche: Examen rapide Eléments examinés: 47760 Temps écoulé: 6 minute(s), 50 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Rapid Antivirus (Rogue.RapidAntivirus) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\rosqxvmn.brga (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:27:58, on 21/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\HJT\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe -- End of file - 5164 bytes
- le 21 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Bonjour angélique, Merci encore pour ton aide..... J'ai bien désinstallé ComboFix et installée Malwarebytes,mais qd j'effectue les mises à jour de celui ci on me demande de vérifier si mon pare feu est paramétré pour autoriser Malwarebytes à accéder à internet???????Comment on fait???????
- le 21 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

J'ai refais le rapport,effectivement il manquait un bon morceau (desolee mais je suis pas du tout douée) Je vous le transfert donc ComboFix 08-10-19.04 - Sandrine 2008-10-20 19:17:39.2 - NTFSx86 Lancé depuis: C:\Documents and Settings\Sandrine\Bureau\ComboFix.exe * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\x . ---- Previous Run ------- . C:\Documents and Settings\Sandrine\Application Data\Adobe\crc.dat C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1] C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]\base.dat C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]\base2.dat C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]\Desc.dat C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]\spline.dat C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus\Rapid Antivirus.ini C:\Program Files\Rapid Antivirus C:\Program Files\Rapid Antivirus\Uninstall.exe C:\WINDOWS\evsw.exe C:\WINDOWS\qrbgltos.dll C:\WINDOWS\system32\1.ico C:\WINDOWS\system32\2.ico C:\WINDOWS\system32\getsn32.dll C:\WINDOWS\system32\msupdte.exe C:\WINDOWS\system32\smwin32.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-20 au 2008-10-20 )))))))))))))))))))))))))))))))))))) . 2008-10-20 17:28 . 2008-10-20 17:28 <REP> d-------- C:\rsit 2008-10-20 15:44 . 2008-10-20 17:44 <REP> d-------- C:\HJT 2008-10-20 10:28 . 2008-10-20 12:06 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-10-17 12:57 . 2008-10-17 12:57 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Logitech 2008-10-17 12:42 . 2008-10-19 14:27 <REP> d-------- C:\Program Files\MUSICMATCH 2008-10-17 12:41 . 2008-10-17 12:41 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe 2008-10-17 12:34 . 2008-10-17 12:40 <REP> d-------- C:\Program Files\Logitech 2008-10-17 12:34 . 2008-10-17 12:34 <REP> d-------- C:\Program Files\Fichiers communs\Logitech 2008-10-17 12:34 . 2005-05-25 02:40 258,352 --a------ C:\WINDOWS\system32\unicows.dll 2008-10-17 12:34 . 2005-05-25 02:40 89,088 --a------ C:\WINDOWS\system32\atl71.dll 2008-10-17 12:34 . 2005-05-20 15:01 68,352 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys 2008-10-17 12:34 . 2005-05-20 15:00 54,528 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys 2008-10-17 12:34 . 2005-05-20 15:00 13,056 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys 2008-10-16 12:47 . 2008-10-16 12:56 1,393 --a------ C:\WINDOWS\imsins.BAK 2008-10-16 12:38 . 2008-08-14 15:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-10-16 12:38 . 2008-08-14 15:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-10-16 12:38 . 2008-08-14 15:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-10-16 12:38 . 2008-08-14 15:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-10-11 12:03 . 2008-10-20 19:28 <REP> d-------- C:\Documents and Settings\Sandrine\Bureau 2008-10-11 09:14 . 2008-10-11 09:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GameHouse 2008-10-11 09:13 . 2008-10-11 09:13 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\PlayFirst 2008-10-11 09:12 . 2008-10-11 09:12 <REP> d-------- C:\Program Files\PlayFirst 2008-10-10 21:23 . 2008-10-10 21:23 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Locktime 2008-10-10 21:22 . 2008-10-10 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Locktime 2008-10-06 12:35 . 2008-10-08 23:20 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-10-05 20:36 . 2008-10-05 20:36 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Windows Search 2008-10-04 16:58 . 2008-10-19 20:12 10 --a------ C:\WINDOWS\popcinfo.dat 2008-10-04 16:57 . 2008-10-04 16:58 <REP> d-------- C:\Program Files\Zuma Deluxe 2008-10-04 16:57 . 2008-10-04 16:57 <REP> d-------- C:\Program Files\PopCap Games 2008-10-04 16:55 . 2008-10-19 13:00 10 --a------ C:\WINDOWS\tarot.cfg 2008-10-04 16:54 . 2008-10-19 13:00 <REP> d-------- C:\Program Files\Taroteam 2008-10-04 12:58 . 2008-10-04 12:58 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-10-04 12:57 . 2008-10-04 12:57 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search 2008-10-04 12:55 . 2008-10-04 12:55 <REP> d-------- C:\Program Files\Windows Desktop Search 2008-10-04 12:54 . 2008-10-04 12:54 <REP> d-------- C:\WINDOWS\system32\GroupPolicy 2008-10-04 12:13 . 2008-04-13 11:45 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2008-10-04 12:13 . 2008-04-13 11:45 6,272 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys 2008-10-04 12:12 . 2008-04-13 12:17 83,072 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2008-10-04 12:12 . 2008-04-13 12:17 83,072 --a--c--- C:\WINDOWS\system32\dllcache\wdmaud.sys 2008-10-04 12:10 . 2008-04-13 11:45 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2008-10-04 12:10 . 2008-04-13 11:45 172,416 --a--c--- C:\WINDOWS\system32\dllcache\kmixer.sys 2008-10-04 12:10 . 2008-04-13 09:39 142,592 --a------ C:\WINDOWS\system32\drivers\aec.sys 2008-10-04 12:10 . 2008-04-13 09:39 142,592 --a--c--- C:\WINDOWS\system32\dllcache\aec.sys 2008-10-04 12:10 . 2008-04-13 11:45 56,576 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2008-10-04 12:10 . 2008-04-13 11:45 56,576 --a--c--- C:\WINDOWS\system32\dllcache\swmidi.sys 2008-10-04 12:10 . 2008-04-13 11:45 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2008-10-04 12:08 . 2008-10-04 12:09 <REP> d-------- C:\Program Files\Realtek AC97 2008-10-04 12:08 . 2006-11-17 05:40 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl 2008-10-04 12:08 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe 2008-10-04 12:08 . 2006-11-17 05:42 577,536 --a------ C:\WINDOWS\soundman.exe 2008-10-04 12:08 . 2006-07-31 11:19 315,392 --a------ C:\WINDOWS\alcupd.exe 2008-10-04 12:08 . 2006-07-31 11:27 217,088 --a------ C:\WINDOWS\Alcrmv.exe 2008-10-04 12:08 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll 2008-10-04 12:08 . 2002-02-05 13:54 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav 2008-10-04 11:09 . 2005-11-01 10:35 28,672 -ra------ C:\WINDOWS\system32\VModes.exe 2008-10-04 11:08 . 2008-10-04 11:09 <REP> d-------- C:\Program Files\S3 2008-10-04 11:00 . 2008-10-04 11:00 <REP> d-------- C:\pnp 2008-10-04 09:52 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll 2008-10-04 09:52 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-10-03 22:31 . 2008-10-17 12:45 <REP> d--h----- C:\Program Files\InstallShield Installation Information 2008-10-03 22:30 . 2008-10-03 22:31 <REP> d-------- C:\Program Files\VIA 2008-10-03 22:29 . 2008-10-04 11:08 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield 2008-10-03 22:28 . 2004-07-06 22:45 60,672 --a------ C:\WINDOWS\system32\drivers\viamraid.sys 2008-10-03 22:15 . 2008-10-03 22:15 <REP> d-------- C:\Program Files\Windows Media Connect 2 2008-10-03 22:09 . 2008-10-15 13:21 <REP> d-------- C:\WINDOWS\system32\LogFiles 2008-10-03 22:09 . 2008-10-03 22:11 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF 2008-10-03 21:52 . 2008-10-03 21:52 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic 2008-10-03 20:30 . 2008-10-03 20:30 <REP> d-------- C:\Program Files\MSXML 4.0 2008-10-03 19:21 . 2008-10-03 19:21 <REP> d-------- C:\Documents and Settings\Sandrine\Application Data\Nero 2008-10-03 19:10 . 2008-10-03 19:10 <REP> d-------- C:\Program Files\Nero 2008-10-03 19:10 . 2008-10-03 19:14 <REP> d-------- C:\Program Files\Fichiers communs\Nero 2008-10-03 19:10 . 2008-10-03 19:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero 2008-10-03 18:13 . 2008-10-03 18:14 <REP> d-------- C:\WINDOWS\system32\URTTemp 2008-10-03 18:12 . 2008-10-03 18:12 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard 2008-10-03 18:11 . 2005-03-08 07:52 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys 2008-10-03 18:11 . 2005-03-08 07:52 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys 2008-10-03 18:10 . 2005-03-15 22:36 77,824 -ra------ C:\WINDOWS\system32\hpzids01.dll 2008-10-03 18:10 . 2005-05-05 08:51 37,376 --a------ C:\WINDOWS\system32\hpz3l3xu.dll 2008-10-03 18:10 . 2005-03-08 07:52 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys 2008-10-03 18:09 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2008-10-03 18:09 . 2008-04-13 11:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys 2008-10-03 18:04 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe 2008-10-03 18:04 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll 2008-10-03 18:04 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll 2008-10-03 18:04 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll 2008-10-03 18:04 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe 2008-10-03 18:04 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe 2008-10-03 18:04 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-20 17:26 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-10-16 10:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-10-10 06:58 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe 2008-10-10 06:58 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe 2008-10-04 08:44 --------- d-----w C:\Program Files\Yahoo! 2008-10-03 17:42 --------- d-----w C:\Program Files\Windows Live 2008-10-03 16:16 --------- d-----w C:\Program Files\HP 2008-10-03 15:38 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition 2008-10-03 15:36 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-10-03 15:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-10-03 15:24 --------- d-----w C:\Program Files\MSBuild 2008-10-03 15:24 --------- d-----w C:\Program Files\Microsoft Works 2008-10-03 15:07 --------- d-----w C:\Program Files\eMule 2008-10-03 15:01 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-10-03 14:59 --------- d-----w C:\Program Files\CCleaner 2008-10-03 14:53 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-10-03 14:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender 2008-10-03 14:31 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll 2008-10-03 14:28 --------- d-----w C:\Documents and Settings\Sandrine\Application Data\HP 2008-10-03 14:26 --------- d-----w C:\Documents and Settings\Sandrine\Application Data\Bitdefender 2008-10-03 14:16 --------- d-----w C:\Program Files\Softwin 2008-10-03 14:16 --------- d-----w C:\Program Files\Fichiers communs\Softwin 2008-10-03 14:07 --------- d-----w C:\Program Files\microsoft frontpage 2008-10-03 14:05 --------- d-----w C:\Program Files\Services en ligne 2008-10-01 13:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe 2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys 2008-09-08 21:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe 2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2008-08-20 05:10 670,208 ----a-w C:\WINDOWS\system32\wininet.dll 2008-08-18 10:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe 2008-08-14 13:23 2,191,232 ----a-w C:\WINDOWS\system32\ntoskrnl.exe 2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe 2008-07-25 08:34 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-07-25 08:34 683,520 ----a-w C:\WINDOWS\system32\divx.dll 2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-10-17 32768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-10-03 290816] "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2008-10-03 69632] "RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2004-10-11 589824] "SoundMan"="SOUNDMAN.EXE" [2006-11-17 C:\WINDOWS\soundman.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-10-17 450560] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-10-17 450560] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=sockspy.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-06-12 02:38 34672 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2008-06-24 16:06 1840424 C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] --a------ 2008-06-08 09:31 2221352 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2008-06-19 09:53 570664 C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] --a------ 2006-08-03 14:53 53248 C:\WINDOWS\system32\VTTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp] --a------ 2006-08-30 17:44 180224 C:\WINDOWS\system32\VTTrayp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "WLSetupSvc"=3 (0x3) "usnjsvc"=3 (0x3) "Pml Driver HPZ12"=2 (0x2) "PLFlash DeviceIoControl Service"=2 (0x2) "ose"=3 (0x3) "odserv"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "NMIndexingService"=3 (0x3) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [ ] . . ------- Examen supplémentaire ------- . FireFox -: Profile - C:\Documents and Settings\Sandrine\Application Data\Mozilla\Firefox\Profiles\ua67jqwh.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://portail.free.fr/ FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-20 19:28:43 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver] "ImagePath"="\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt" . Heure de fin: 2008-10-20 19:32:08 ComboFix-quarantined-files.txt 2008-10-20 17:32:00 Avant-CF: 54,323,630,080 octets libres Après-CF: 54,390,845,440 octets libres 243 --- E O F --- 2008-10-20 16:25:03
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

C ce qu'il me semble que j'ai fais...............j'avais que ca.......... Ca vous parez peut etre évident pour vous mais c'est pas le cas de tout le monde.........
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Désolée du retard voici le rapport ComboFix 08-10-19.04 - Sandrine 2008-10-20 18:41:33.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.641 [GMT 2:00] Lancé depuis: C:\Documents and Settings\Sandrine\Bureau\ComboFix.exe Commutateurs utilisés :: C:\Documents and Settings\Sandrine\Bureau\CFScript.txt * Un nouveau point de restauration a été créé * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\evsw.exe C:\WINDOWS\qrbgltos.dll C:\WINDOWS\system32\getsn32.dll C:\WINDOWS\system32\msupdte.exe C:\WINDOWS\system32\smwin32.dll
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

info.txt logfile of random's system information tool 1.04 2008-10-20 17:28:24 ======Uninstall list====== -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} BitDefender Antivirus Plus v10-->MsiExec.exe /I{66307F14-2FD2-4BCD-AA0B-F0E0BC60B044} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" eMule Plus 1.2d-->"C:\Program Files\eMule\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068} HijackThis 2.0.2-->"C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\OVT94TC7\HijackThis.exe" /uninstall HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028} Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9} VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA/S3G Display Driver 6.14.10.0331-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns WebTarot 1.15-->"C:\Program Files\Taroteam\unins000.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Zuma Deluxe RA-->C:\PROGRA~1\ZUMADE~1\UNWISE.EXE C:\PROGRA~1\ZUMADE~1\INSTALL.LOG =====HijackThis Backups===== O18 - Protocol: bw40 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O3 - Toolbar: (no name) - {B394BBFD-DC8F-44B4-8F97-962C9646DD95} - (no file) O18 - Protocol: bwj0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O18 - Protocol: bwn0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O18 - Protocol: bwd0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll ======Security center information====== AV: Bitdefender Antivirus FW: Bitdefender Firewall ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Logfile of random's system information tool 1.04 (written by random/random) Run by Sandrine at 2008-10-20 17:28:06 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 52 GB (66%) free of 78 GB Total RAM: 958 MB (66% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:28:20, on 20/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe C:\HJT\Sandrine.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 5121 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816] "BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632] "RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp] C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk] C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 "WLSetupSvc"=3 "usnjsvc"=3 "Pml Driver HPZ12"=2 "PLFlash DeviceIoControl Service"=2 "ose"=3 "odserv"=3 "Nero BackItUp Scheduler 3"=2 "NMIndexingService"=3 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="sockspy.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" ======List of files/folders created in the last 1 months====== 2008-10-20 17:28:06 ----D---- C:\rsit 2008-10-20 16:12:42 ----A---- C:\rapport.txt 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\o4Patch.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\IEDFix.C.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\404Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\WS2Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VCCLSID.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VACFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\swxcacls.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\IEDFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\dumphive.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swsc.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swreg.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\SrchSTS.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\Process.exe 2008-10-20 15:44:38 ----D---- C:\HJT 2008-10-20 10:28:54 ----D---- C:\Program Files\Windows Live Safety Center 2008-10-17 12:57:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\Logitech 2008-10-17 12:42:44 ----D---- C:\Program Files\MUSICMATCH 2008-10-17 12:41:37 ----R---- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe 2008-10-17 12:37:18 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-17 12:34:51 ----A---- C:\WINDOWS\system32\unicows.dll 2008-10-17 12:34:45 ----A---- C:\WINDOWS\system32\atl71.dll 2008-10-17 12:34:42 ----D---- C:\Program Files\Fichiers communs\Logitech 2008-10-17 12:34:10 ----D---- C:\Program Files\Logitech 2008-10-16 20:21:22 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-16 12:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-16 12:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-16 12:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-16 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-16 12:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-16 12:47:09 ----A---- C:\WINDOWS\imsins.BAK 2008-10-16 12:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$ 2008-10-15 09:35:41 ----D---- C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus 2008-10-15 09:13:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\TmpRecentIcons 2008-10-15 09:12:31 ----A---- C:\WINDOWS\qrbgltos.dll 2008-10-15 09:12:29 ----A---- C:\WINDOWS\evsw.exe 2008-10-15 09:01:49 ----D---- C:\Program Files\Rapid Antivirus 2008-10-15 08:54:36 ----D---- C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1] 2008-10-15 08:46:30 ----A---- C:\WINDOWS\system32\smwin32.dll 2008-10-15 08:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll 2008-10-14 16:24:28 ----A---- C:\WINDOWS\system32\msupdte.exe 2008-10-11 09:14:18 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse 2008-10-11 09:13:57 ----D---- C:\Documents and Settings\Sandrine\Application Data\PlayFirst 2008-10-11 09:12:16 ----D---- C:\Program Files\PlayFirst 2008-10-10 21:23:00 ----D---- C:\Documents and Settings\Sandrine\Application Data\Locktime 2008-10-10 21:22:41 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime 2008-10-06 12:35:22 ----A---- C:\WINDOWS\NeroDigital.ini 2008-10-05 20:36:10 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Search 2008-10-04 16:57:45 ----D---- C:\Program Files\PopCap Games 2008-10-04 16:57:07 ----D---- C:\Program Files\Zuma Deluxe 2008-10-04 16:54:38 ----D---- C:\Program Files\Taroteam 2008-10-04 12:58:37 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-04 12:57:56 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search 2008-10-04 12:55:00 ----D---- C:\Program Files\Windows Desktop Search 2008-10-04 12:54:57 ----D---- C:\WINDOWS\system32\GroupPolicy 2008-10-04 12:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2008-10-04 12:35:47 ----D---- C:\WINDOWS\pss 2008-10-04 12:09:55 ----A---- C:\WINDOWS\system32\ChCfg.exe 2008-10-04 12:09:17 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-10-04 12:08:55 ----D---- C:\Program Files\Realtek AC97 2008-10-04 12:08:54 ----A---- C:\WINDOWS\system32\RTLCPL.exe 2008-10-04 12:08:52 ----A---- C:\WINDOWS\soundman.exe 2008-10-04 12:08:50 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll 2008-10-04 12:08:46 ----A---- C:\WINDOWS\alcupd.exe 2008-10-04 12:08:46 ----A---- C:\WINDOWS\Alcrmv.exe 2008-10-04 11:09:14 ----RA---- C:\WINDOWS\system32\VModes.exe 2008-10-04 11:08:55 ----D---- C:\Program Files\S3 2008-10-04 11:03:54 ----A---- C:\WINDOWS\system32\VTTrayp.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTTimer.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTovrlay.dll 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTInfo2.dll 2008-10-04 11:03:51 ----A---- C:\WINDOWS\system32\vticd.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTGamma2.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTDisply.dll 2008-10-04 11:03:49 ----A---- C:\WINDOWS\system32\vtdisp.dll 2008-10-04 11:00:43 ----D---- C:\pnp 2008-10-04 09:52:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-10-04 09:52:29 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-10-03 22:31:35 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-03 22:30:12 ----D---- C:\Program Files\VIA 2008-10-03 22:29:16 ----D---- C:\Program Files\Fichiers communs\InstallShield 2008-10-03 22:17:06 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-10-03 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-10-03 22:15:15 ----D---- C:\Program Files\Windows Media Connect 2 2008-10-03 22:14:34 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-10-03 22:10:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-10-03 22:09:47 ----D---- C:\WINDOWS\system32\LogFiles 2008-10-03 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-10-03 21:52:08 ----D---- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic 2008-10-03 20:30:33 ----D---- C:\Program Files\MSXML 4.0 2008-10-03 19:21:50 ----D---- C:\Documents and Settings\Sandrine\Application Data\Nero 2008-10-03 19:18:53 ----A---- C:\WINDOWS\system32\MsiExec.exe.log 2008-10-03 19:10:52 ----D---- C:\Program Files\Nero 2008-10-03 19:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-10-03 19:10:51 ----D---- C:\Program Files\Fichiers communs\Nero 2008-10-03 19:03:07 ----D---- C:\WINDOWS\RegisteredPackages 2008-10-03 19:01:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-10-03 19:01:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-10-03 18:50:59 ----D---- C:\Documents and Settings\Sandrine\Application Data\Macromedia 2008-10-03 18:50:58 ----D---- C:\Documents and Settings\Sandrine\Application Data\Adobe 2008-10-03 18:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-10-03 18:13:37 ----RSD---- C:\WINDOWS\assembly 2008-10-03 18:13:37 ----D---- C:\WINDOWS\Microsoft.NET 2008-10-03 18:13:35 ----D---- C:\WINDOWS\system32\URTTemp 2008-10-03 18:12:08 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard 2008-10-03 18:10:48 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2008-10-03 18:10:42 ----A---- C:\WINDOWS\system32\hpz3l3xu.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZisn12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipt12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipr12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipm12.exe 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZinw12.exe 2008-10-03 18:04:34 ----A---- C:\WINDOWS\system32\HPZidr12.dll 2008-10-03 18:04:34 ----A---- C:\WINDOWS\IsUninst.exe 2008-10-03 17:57:10 ----A---- C:\WINDOWS\system32\h323log.txt 2008-10-03 17:52:52 ----A---- C:\WINDOWS\system32\usbui.dll 2008-10-03 17:51:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-03 17:51:37 ----SHD---- C:\WINDOWS\Installer 2008-10-03 17:51:36 ----D---- C:\Program Files\Fichiers communs\ODBC 2008-10-03 17:51:36 ----A---- C:\WINDOWS\ODBCINST.INI 2008-10-03 17:51:33 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2008-10-03 17:51:32 ----RD---- C:\Program Files 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdur.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE 2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll 2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE 2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll 2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp 2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp 2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot 2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-10-03 17:50:26 ----SHD---- C:\System Volume Information 2008-10-03 17:50:26 ----D---- C:\Documents and Settings 2008-10-03 17:49:33 ----SH---- C:\boot.ini 2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts 2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web 2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf 2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS 2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system 2008-10-03 17:43:33 ----D---- C:\WINDOWS\security 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources 2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning 2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet 2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic 2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media 2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas 2008-10-03 17:43:33 ----D---- C:\WINDOWS\java 2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch 2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins 2008-10-03 17:43:33 ----D---- C:\WINDOWS 2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works 2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild 2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio 2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW 2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office 2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-10-03 17:16:41 ----RHD---- C:\MSOCache 2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR 2008-10-03 17:06:52 ----D---- C:\Program Files\eMule 2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live 2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll 2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini 2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll 2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack 2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo! 2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner 2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR 2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe 2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla 2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox 2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall 2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-03 16:32:46 ----D---- C:\Program Files\HP 2008-10-03 16:31:19 ----HD---- C:\Config.Msi 2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP 2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender 2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin 2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender 2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin 2008-10-03 16:13:46 ----SHD---- C:\RECYCLER 2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities 2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information 2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini 2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft 2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak 2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution 2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch 2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft 2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-03 16:07:13 ----D---- C:\WINDOWS\system32\xircom 2008-10-03 16:07:13 ----D---- C:\Program Files\xerox 2008-10-03 16:07:13 ----D---- C:\Program Files\microsoft frontpage 2008-10-03 16:07:00 ----A---- C:\WINDOWS\control.ini 2008-10-03 16:07:00 ----A---- C:\AUTOEXEC.BAT 2008-10-03 16:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-03 16:05:22 ----RD---- C:\WINDOWS\Offline Web Pages 2008-10-03 16:05:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2008-10-03 16:05:14 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2008-10-03 16:05:09 ----HD---- C:\Program Files\WindowsUpdate 2008-10-03 16:05:03 ----D---- C:\Program Files\Services en ligne 2008-10-03 16:04:46 ----D---- C:\WINDOWS\system32\DirectX 2008-10-03 16:04:42 ----A---- C:\WINDOWS\system32\atrace.dll 2008-10-03 16:04:40 ----A---- C:\WINDOWS\system32\desktop.ini 2008-10-03 16:04:40 ----A---- C:\WINDOWS\desktop.ini 2008-10-03 16:04:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2008-10-03 16:04:33 ----D---- C:\Program Files\Fichiers communs\Services 2008-10-03 16:04:33 ----A---- C:\WINDOWS\system32\acctres.dll 2008-10-03 16:04:31 ----SD---- C:\WINDOWS\Tasks 2008-10-03 16:04:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2008-10-03 16:04:30 ----D---- C:\Program Files\Fichiers communs\MSSoap 2008-10-03 16:04:27 ----D---- C:\WINDOWS\srchasst 2008-10-03 16:04:26 ----D---- C:\WINDOWS\system32\Macromed 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuweb.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuauserv.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wups.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2008-10-03 16:04:20 ----D---- C:\Program Files\Movie Maker 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrslv.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrdm.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\racpldlg.dll 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltMc.exe 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltlib.dll 2008-10-03 16:04:02 ----D---- C:\WINDOWS\system32\Restore 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srsvc.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srrstr.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srclient.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\mnmdd.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\ils.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\msconf.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2008-10-03 16:03:59 ----D---- C:\Program Files\NetMeeting 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoert2.dll 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoeacct.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetres.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetcomm.dll 2008-10-03 16:03:56 ----D---- C:\Program Files\Outlook Express 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\schedsvc.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstinit.exe 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstask.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\isign32.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\inetcfg.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwphbk.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwdial.dll 2008-10-03 16:03:51 ----D---- C:\Program Files\Fichiers communs\System 2008-10-03 16:03:49 ----D---- C:\Program Files\Internet Explorer 2008-10-03 16:03:33 ----D---- C:\Program Files\ComPlus Applications 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vbaddin.ini 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vb.ini 2008-10-03 16:03:24 ----D---- C:\WINDOWS\Registration 2008-10-03 16:02:40 ----D---- C:\Program Files\Windows Media Player 2008-10-03 16:02:40 ----D---- C:\Program Files\Online Services 2008-10-03 16:02:33 ----D---- C:\Program Files\Messenger 2008-10-03 16:02:30 ----D---- C:\Program Files\MSN Gaming Zone 2008-10-03 16:02:30 ----A---- C:\WINDOWS\system32\write.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\sndvol32.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\hticons.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avwav.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avtapi.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avmeter.dll 2008-10-03 16:02:21 ----A---- C:\WINDOWS\system32\winchat.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\winmine.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\sol.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\getuname.dll 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\charmap.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\calc.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tslabels.ini 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tskill.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\shadow.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\rwinsta.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\reset.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\mshearts.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\freecell.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\regini.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qwinsta.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qappsrv.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msg.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\logoff.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\cdmodem.dll 2008-10-03 16:02:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2008-10-03 16:02:02 ----D---- C:\Program Files\MSN 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\sndrec32.exe 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\accwiz.exe 2008-10-03 16:02:00 ----D---- C:\Program Files\Windows NT 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mspaint.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mplay32.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\hypertrm.dll 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\clipbrd.exe 2008-10-03 16:01:59 ----A---- C:\WINDOWS\system32\spider.exe 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tsgqec.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\mstscax.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\aaclient.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\termsrv.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\remotepg.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdshost.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdchost.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\mstsc.exe 2008-10-03 16:01:56 ----D---- C:\WINDOWS\system32\MsDtc 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\rdpclip.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\qprocess.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\mtxoci.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtctm.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\icaapi.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\xolehlp.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtclog.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtc.exe 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2008-10-03 16:01:54 ----D---- C:\WINDOWS\system32\Com 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\stclient.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxdm.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comrepl.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comaddin.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\colbact.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\clbcatex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\catsrvps.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comuid.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsvcs.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsnap.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\clbcatq.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrvut.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrv.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\servdeps.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\mmfutil.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\licwmi.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini 2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini 2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys [] R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056] R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528] R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864] S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF----------------- Logfile of random's system information tool 1.04 (written by random/random) Run by Sandrine at 2008-10-20 17:28:06 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 52 GB (66%) free of 78 GB Total RAM: 958 MB (66% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:28:20, on 20/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe C:\HJT\Sandrine.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 5121 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816] "BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632] "RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp] C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk] C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 "WLSetupSvc"=3 "usnjsvc"=3 "Pml Driver HPZ12"=2 "PLFlash DeviceIoControl Service"=2 "ose"=3 "odserv"=3 "Nero BackItUp Scheduler 3"=2 "NMIndexingService"=3 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="sockspy.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" ======List of files/folders created in the last 1 months====== 2008-10-20 17:28:06 ----D---- C:\rsit 2008-10-20 16:12:42 ----A---- C:\rapport.txt 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\o4Patch.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\IEDFix.C.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\404Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\WS2Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VCCLSID.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VACFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\swxcacls.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\IEDFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\dumphive.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swsc.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swreg.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\SrchSTS.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\Process.exe 2008-10-20 15:44:38 ----D---- C:\HJT 2008-10-20 10:28:54 ----D---- C:\Program Files\Windows Live Safety Center 2008-10-17 12:57:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\Logitech 2008-10-17 12:42:44 ----D---- C:\Program Files\MUSICMATCH 2008-10-17 12:41:37 ----R---- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe 2008-10-17 12:37:18 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-17 12:34:51 ----A---- C:\WINDOWS\system32\unicows.dll 2008-10-17 12:34:45 ----A---- C:\WINDOWS\system32\atl71.dll 2008-10-17 12:34:42 ----D---- C:\Program Files\Fichiers communs\Logitech 2008-10-17 12:34:10 ----D---- C:\Program Files\Logitech 2008-10-16 20:21:22 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-16 12:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-16 12:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-16 12:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-16 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-16 12:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-16 12:47:09 ----A---- C:\WINDOWS\imsins.BAK 2008-10-16 12:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$ 2008-10-15 09:35:41 ----D---- C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus 2008-10-15 09:13:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\TmpRecentIcons 2008-10-15 09:12:31 ----A---- C:\WINDOWS\qrbgltos.dll 2008-10-15 09:12:29 ----A---- C:\WINDOWS\evsw.exe 2008-10-15 09:01:49 ----D---- C:\Program Files\Rapid Antivirus 2008-10-15 08:54:36 ----D---- C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1] 2008-10-15 08:46:30 ----A---- C:\WINDOWS\system32\smwin32.dll 2008-10-15 08:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll 2008-10-14 16:24:28 ----A---- C:\WINDOWS\system32\msupdte.exe 2008-10-11 09:14:18 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse 2008-10-11 09:13:57 ----D---- C:\Documents and Settings\Sandrine\Application Data\PlayFirst 2008-10-11 09:12:16 ----D---- C:\Program Files\PlayFirst 2008-10-10 21:23:00 ----D---- C:\Documents and Settings\Sandrine\Application Data\Locktime 2008-10-10 21:22:41 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime 2008-10-06 12:35:22 ----A---- C:\WINDOWS\NeroDigital.ini 2008-10-05 20:36:10 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Search 2008-10-04 16:57:45 ----D---- C:\Program Files\PopCap Games 2008-10-04 16:57:07 ----D---- C:\Program Files\Zuma Deluxe 2008-10-04 16:54:38 ----D---- C:\Program Files\Taroteam 2008-10-04 12:58:37 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-04 12:57:56 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search 2008-10-04 12:55:00 ----D---- C:\Program Files\Windows Desktop Search 2008-10-04 12:54:57 ----D---- C:\WINDOWS\system32\GroupPolicy 2008-10-04 12:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2008-10-04 12:35:47 ----D---- C:\WINDOWS\pss 2008-10-04 12:09:55 ----A---- C:\WINDOWS\system32\ChCfg.exe 2008-10-04 12:09:17 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-10-04 12:08:55 ----D---- C:\Program Files\Realtek AC97 2008-10-04 12:08:54 ----A---- C:\WINDOWS\system32\RTLCPL.exe 2008-10-04 12:08:52 ----A---- C:\WINDOWS\soundman.exe 2008-10-04 12:08:50 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll 2008-10-04 12:08:46 ----A---- C:\WINDOWS\alcupd.exe 2008-10-04 12:08:46 ----A---- C:\WINDOWS\Alcrmv.exe 2008-10-04 11:09:14 ----RA---- C:\WINDOWS\system32\VModes.exe 2008-10-04 11:08:55 ----D---- C:\Program Files\S3 2008-10-04 11:03:54 ----A---- C:\WINDOWS\system32\VTTrayp.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTTimer.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTovrlay.dll 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTInfo2.dll 2008-10-04 11:03:51 ----A---- C:\WINDOWS\system32\vticd.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTGamma2.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTDisply.dll 2008-10-04 11:03:49 ----A---- C:\WINDOWS\system32\vtdisp.dll 2008-10-04 11:00:43 ----D---- C:\pnp 2008-10-04 09:52:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-10-04 09:52:29 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-10-03 22:31:35 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-03 22:30:12 ----D---- C:\Program Files\VIA 2008-10-03 22:29:16 ----D---- C:\Program Files\Fichiers communs\InstallShield 2008-10-03 22:17:06 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-10-03 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-10-03 22:15:15 ----D---- C:\Program Files\Windows Media Connect 2 2008-10-03 22:14:34 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-10-03 22:10:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-10-03 22:09:47 ----D---- C:\WINDOWS\system32\LogFiles 2008-10-03 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-10-03 21:52:08 ----D---- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic 2008-10-03 20:30:33 ----D---- C:\Program Files\MSXML 4.0 2008-10-03 19:21:50 ----D---- C:\Documents and Settings\Sandrine\Application Data\Nero 2008-10-03 19:18:53 ----A---- C:\WINDOWS\system32\MsiExec.exe.log 2008-10-03 19:10:52 ----D---- C:\Program Files\Nero 2008-10-03 19:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-10-03 19:10:51 ----D---- C:\Program Files\Fichiers communs\Nero 2008-10-03 19:03:07 ----D---- C:\WINDOWS\RegisteredPackages 2008-10-03 19:01:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-10-03 19:01:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-10-03 18:50:59 ----D---- C:\Documents and Settings\Sandrine\Application Data\Macromedia 2008-10-03 18:50:58 ----D---- C:\Documents and Settings\Sandrine\Application Data\Adobe 2008-10-03 18:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-10-03 18:13:37 ----RSD---- C:\WINDOWS\assembly 2008-10-03 18:13:37 ----D---- C:\WINDOWS\Microsoft.NET 2008-10-03 18:13:35 ----D---- C:\WINDOWS\system32\URTTemp 2008-10-03 18:12:08 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard 2008-10-03 18:10:48 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2008-10-03 18:10:42 ----A---- C:\WINDOWS\system32\hpz3l3xu.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZisn12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipt12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipr12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipm12.exe 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZinw12.exe 2008-10-03 18:04:34 ----A---- C:\WINDOWS\system32\HPZidr12.dll 2008-10-03 18:04:34 ----A---- C:\WINDOWS\IsUninst.exe 2008-10-03 17:57:10 ----A---- C:\WINDOWS\system32\h323log.txt 2008-10-03 17:52:52 ----A---- C:\WINDOWS\system32\usbui.dll 2008-10-03 17:51:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-03 17:51:37 ----SHD---- C:\WINDOWS\Installer 2008-10-03 17:51:36 ----D---- C:\Program Files\Fichiers communs\ODBC 2008-10-03 17:51:36 ----A---- C:\WINDOWS\ODBCINST.INI 2008-10-03 17:51:33 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2008-10-03 17:51:32 ----RD---- C:\Program Files 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdur.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE 2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll 2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE 2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll 2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp 2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp 2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot 2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-10-03 17:50:26 ----SHD---- C:\System Volume Information 2008-10-03 17:50:26 ----D---- C:\Documents and Settings 2008-10-03 17:49:33 ----SH---- C:\boot.ini 2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts 2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web 2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf 2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS 2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system 2008-10-03 17:43:33 ----D---- C:\WINDOWS\security 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources 2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning 2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet 2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic 2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media 2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas 2008-10-03 17:43:33 ----D---- C:\WINDOWS\java 2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch 2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins 2008-10-03 17:43:33 ----D---- C:\WINDOWS 2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works 2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild 2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio 2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW 2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office 2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-10-03 17:16:41 ----RHD---- C:\MSOCache 2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR 2008-10-03 17:06:52 ----D---- C:\Program Files\eMule 2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live 2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll 2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini 2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll 2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack 2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo! 2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner 2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR 2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe 2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla 2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox 2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall 2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-03 16:32:46 ----D---- C:\Program Files\HP 2008-10-03 16:31:19 ----HD---- C:\Config.Msi 2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP 2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender 2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin 2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender 2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin 2008-10-03 16:13:46 ----SHD---- C:\RECYCLER 2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities 2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information 2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini 2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft 2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak 2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution 2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch 2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft 2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-03 16:07:13 ----D---- C:\WINDOWS\system32\xircom 2008-10-03 16:07:13 ----D---- C:\Program Files\xerox 2008-10-03 16:07:13 ----D---- C:\Program Files\microsoft frontpage 2008-10-03 16:07:00 ----A---- C:\WINDOWS\control.ini 2008-10-03 16:07:00 ----A---- C:\AUTOEXEC.BAT 2008-10-03 16:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-03 16:05:22 ----RD---- C:\WINDOWS\Offline Web Pages 2008-10-03 16:05:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2008-10-03 16:05:14 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2008-10-03 16:05:09 ----HD---- C:\Program Files\WindowsUpdate 2008-10-03 16:05:03 ----D---- C:\Program Files\Services en ligne 2008-10-03 16:04:46 ----D---- C:\WINDOWS\system32\DirectX 2008-10-03 16:04:42 ----A---- C:\WINDOWS\system32\atrace.dll 2008-10-03 16:04:40 ----A---- C:\WINDOWS\system32\desktop.ini 2008-10-03 16:04:40 ----A---- C:\WINDOWS\desktop.ini 2008-10-03 16:04:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2008-10-03 16:04:33 ----D---- C:\Program Files\Fichiers communs\Services 2008-10-03 16:04:33 ----A---- C:\WINDOWS\system32\acctres.dll 2008-10-03 16:04:31 ----SD---- C:\WINDOWS\Tasks 2008-10-03 16:04:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2008-10-03 16:04:30 ----D---- C:\Program Files\Fichiers communs\MSSoap 2008-10-03 16:04:27 ----D---- C:\WINDOWS\srchasst 2008-10-03 16:04:26 ----D---- C:\WINDOWS\system32\Macromed 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuweb.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuauserv.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wups.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2008-10-03 16:04:20 ----D---- C:\Program Files\Movie Maker 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrslv.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrdm.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\racpldlg.dll 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltMc.exe 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltlib.dll 2008-10-03 16:04:02 ----D---- C:\WINDOWS\system32\Restore 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srsvc.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srrstr.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srclient.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\mnmdd.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\ils.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\msconf.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2008-10-03 16:03:59 ----D---- C:\Program Files\NetMeeting 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoert2.dll 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoeacct.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetres.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetcomm.dll 2008-10-03 16:03:56 ----D---- C:\Program Files\Outlook Express 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\schedsvc.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstinit.exe 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstask.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\isign32.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\inetcfg.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwphbk.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwdial.dll 2008-10-03 16:03:51 ----D---- C:\Program Files\Fichiers communs\System 2008-10-03 16:03:49 ----D---- C:\Program Files\Internet Explorer 2008-10-03 16:03:33 ----D---- C:\Program Files\ComPlus Applications 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vbaddin.ini 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vb.ini 2008-10-03 16:03:24 ----D---- C:\WINDOWS\Registration 2008-10-03 16:02:40 ----D---- C:\Program Files\Windows Media Player 2008-10-03 16:02:40 ----D---- C:\Program Files\Online Services 2008-10-03 16:02:33 ----D---- C:\Program Files\Messenger 2008-10-03 16:02:30 ----D---- C:\Program Files\MSN Gaming Zone 2008-10-03 16:02:30 ----A---- C:\WINDOWS\system32\write.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\sndvol32.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\hticons.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avwav.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avtapi.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avmeter.dll 2008-10-03 16:02:21 ----A---- C:\WINDOWS\system32\winchat.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\winmine.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\sol.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\getuname.dll 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\charmap.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\calc.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tslabels.ini 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tskill.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\shadow.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\rwinsta.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\reset.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\mshearts.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\freecell.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\regini.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qwinsta.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qappsrv.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msg.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\logoff.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\cdmodem.dll 2008-10-03 16:02:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2008-10-03 16:02:02 ----D---- C:\Program Files\MSN 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\sndrec32.exe 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\accwiz.exe 2008-10-03 16:02:00 ----D---- C:\Program Files\Windows NT 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mspaint.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mplay32.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\hypertrm.dll 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\clipbrd.exe 2008-10-03 16:01:59 ----A---- C:\WINDOWS\system32\spider.exe 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tsgqec.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\mstscax.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\aaclient.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\termsrv.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\remotepg.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdshost.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdchost.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\mstsc.exe 2008-10-03 16:01:56 ----D---- C:\WINDOWS\system32\MsDtc 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\rdpclip.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\qprocess.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\mtxoci.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtctm.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\icaapi.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\xolehlp.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtclog.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtc.exe 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2008-10-03 16:01:54 ----D---- C:\WINDOWS\system32\Com 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\stclient.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxdm.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comrepl.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comaddin.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\colbact.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\clbcatex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\catsrvps.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comuid.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsvcs.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsnap.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\clbcatq.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrvut.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrv.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\servdeps.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\mmfutil.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\licwmi.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini 2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini 2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys [] R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056] R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528] R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864] S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF----------------- Logfile of random's system information tool 1.04 (written by random/random) Run by Sandrine at 2008-10-20 17:28:06 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 52 GB (66%) free of 78 GB Total RAM: 958 MB (66% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:28:20, on 20/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe C:\HJT\Sandrine.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 5121 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816] "BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632] "RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp] C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk] C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 "WLSetupSvc"=3 "usnjsvc"=3 "Pml Driver HPZ12"=2 "PLFlash DeviceIoControl Service"=2 "ose"=3 "odserv"=3 "Nero BackItUp Scheduler 3"=2 "NMIndexingService"=3 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="sockspy.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" ======List of files/folders created in the last 1 months====== 2008-10-20 17:28:06 ----D---- C:\rsit 2008-10-20 16:12:42 ----A---- C:\rapport.txt 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\o4Patch.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\IEDFix.C.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe 2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\404Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\WS2Fix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VCCLSID.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VACFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\swxcacls.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\IEDFix.exe 2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\dumphive.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swsc.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swreg.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\SrchSTS.exe 2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\Process.exe 2008-10-20 15:44:38 ----D---- C:\HJT 2008-10-20 10:28:54 ----D---- C:\Program Files\Windows Live Safety Center 2008-10-17 12:57:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\Logitech 2008-10-17 12:42:44 ----D---- C:\Program Files\MUSICMATCH 2008-10-17 12:41:37 ----R---- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe 2008-10-17 12:37:18 ----D---- C:\WINDOWS\system32\ReinstallBackups 2008-10-17 12:34:51 ----A---- C:\WINDOWS\system32\unicows.dll 2008-10-17 12:34:45 ----A---- C:\WINDOWS\system32\atl71.dll 2008-10-17 12:34:42 ----D---- C:\Program Files\Fichiers communs\Logitech 2008-10-17 12:34:10 ----D---- C:\Program Files\Logitech 2008-10-16 20:21:22 ----A---- C:\WINDOWS\system32\MRT.exe 2008-10-16 12:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-10-16 12:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-10-16 12:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-10-16 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-10-16 12:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-10-16 12:47:09 ----A---- C:\WINDOWS\imsins.BAK 2008-10-16 12:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$ 2008-10-15 09:35:41 ----D---- C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus 2008-10-15 09:13:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\TmpRecentIcons 2008-10-15 09:12:31 ----A---- C:\WINDOWS\qrbgltos.dll 2008-10-15 09:12:29 ----A---- C:\WINDOWS\evsw.exe 2008-10-15 09:01:49 ----D---- C:\Program Files\Rapid Antivirus 2008-10-15 08:54:36 ----D---- C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1] 2008-10-15 08:46:30 ----A---- C:\WINDOWS\system32\smwin32.dll 2008-10-15 08:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll 2008-10-14 16:24:28 ----A---- C:\WINDOWS\system32\msupdte.exe 2008-10-11 09:14:18 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse 2008-10-11 09:13:57 ----D---- C:\Documents and Settings\Sandrine\Application Data\PlayFirst 2008-10-11 09:12:16 ----D---- C:\Program Files\PlayFirst 2008-10-10 21:23:00 ----D---- C:\Documents and Settings\Sandrine\Application Data\Locktime 2008-10-10 21:22:41 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime 2008-10-06 12:35:22 ----A---- C:\WINDOWS\NeroDigital.ini 2008-10-05 20:36:10 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Search 2008-10-04 16:57:45 ----D---- C:\Program Files\PopCap Games 2008-10-04 16:57:07 ----D---- C:\Program Files\Zuma Deluxe 2008-10-04 16:54:38 ----D---- C:\Program Files\Taroteam 2008-10-04 12:58:37 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-04 12:57:56 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search 2008-10-04 12:55:00 ----D---- C:\Program Files\Windows Desktop Search 2008-10-04 12:54:57 ----D---- C:\WINDOWS\system32\GroupPolicy 2008-10-04 12:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$ 2008-10-04 12:35:47 ----D---- C:\WINDOWS\pss 2008-10-04 12:09:55 ----A---- C:\WINDOWS\system32\ChCfg.exe 2008-10-04 12:09:17 ----A---- C:\WINDOWS\system32\ksuser.dll 2008-10-04 12:08:55 ----D---- C:\Program Files\Realtek AC97 2008-10-04 12:08:54 ----A---- C:\WINDOWS\system32\RTLCPL.exe 2008-10-04 12:08:52 ----A---- C:\WINDOWS\soundman.exe 2008-10-04 12:08:50 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll 2008-10-04 12:08:46 ----A---- C:\WINDOWS\alcupd.exe 2008-10-04 12:08:46 ----A---- C:\WINDOWS\Alcrmv.exe 2008-10-04 11:09:14 ----RA---- C:\WINDOWS\system32\VModes.exe 2008-10-04 11:08:55 ----D---- C:\Program Files\S3 2008-10-04 11:03:54 ----A---- C:\WINDOWS\system32\VTTrayp.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTTimer.exe 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTovrlay.dll 2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTInfo2.dll 2008-10-04 11:03:51 ----A---- C:\WINDOWS\system32\vticd.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTGamma2.dll 2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTDisply.dll 2008-10-04 11:03:49 ----A---- C:\WINDOWS\system32\vtdisp.dll 2008-10-04 11:00:43 ----D---- C:\pnp 2008-10-04 09:52:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2008-10-04 09:52:29 ----A---- C:\WINDOWS\system32\mucltui.dll 2008-10-03 22:31:35 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-03 22:30:12 ----D---- C:\Program Files\VIA 2008-10-03 22:29:16 ----D---- C:\Program Files\Fichiers communs\InstallShield 2008-10-03 22:17:06 ----N---- C:\WINDOWS\system32\spmsg.dll 2008-10-03 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$ 2008-10-03 22:15:15 ----D---- C:\Program Files\Windows Media Connect 2 2008-10-03 22:14:34 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$ 2008-10-03 22:10:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$ 2008-10-03 22:09:47 ----D---- C:\WINDOWS\system32\LogFiles 2008-10-03 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$ 2008-10-03 21:52:08 ----D---- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic 2008-10-03 20:30:33 ----D---- C:\Program Files\MSXML 4.0 2008-10-03 19:21:50 ----D---- C:\Documents and Settings\Sandrine\Application Data\Nero 2008-10-03 19:18:53 ----A---- C:\WINDOWS\system32\MsiExec.exe.log 2008-10-03 19:10:52 ----D---- C:\Program Files\Nero 2008-10-03 19:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2008-10-03 19:10:51 ----D---- C:\Program Files\Fichiers communs\Nero 2008-10-03 19:03:07 ----D---- C:\WINDOWS\RegisteredPackages 2008-10-03 19:01:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2008-10-03 19:01:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2008-10-03 18:50:59 ----D---- C:\Documents and Settings\Sandrine\Application Data\Macromedia 2008-10-03 18:50:58 ----D---- C:\Documents and Settings\Sandrine\Application Data\Adobe 2008-10-03 18:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-10-03 18:13:37 ----RSD---- C:\WINDOWS\assembly 2008-10-03 18:13:37 ----D---- C:\WINDOWS\Microsoft.NET 2008-10-03 18:13:35 ----D---- C:\WINDOWS\system32\URTTemp 2008-10-03 18:12:08 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard 2008-10-03 18:10:48 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2008-10-03 18:10:42 ----A---- C:\WINDOWS\system32\hpz3l3xu.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZisn12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipt12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipr12.dll 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipm12.exe 2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZinw12.exe 2008-10-03 18:04:34 ----A---- C:\WINDOWS\system32\HPZidr12.dll 2008-10-03 18:04:34 ----A---- C:\WINDOWS\IsUninst.exe 2008-10-03 17:57:10 ----A---- C:\WINDOWS\system32\h323log.txt 2008-10-03 17:52:52 ----A---- C:\WINDOWS\system32\usbui.dll 2008-10-03 17:51:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2008-10-03 17:51:37 ----SHD---- C:\WINDOWS\Installer 2008-10-03 17:51:36 ----D---- C:\Program Files\Fichiers communs\ODBC 2008-10-03 17:51:36 ----A---- C:\WINDOWS\ODBCINST.INI 2008-10-03 17:51:33 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2008-10-03 17:51:32 ----RD---- C:\Program Files 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdur.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll 2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE 2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll 2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE 2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll 2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp 2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp 2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2 2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot 2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-10-03 17:50:26 ----SHD---- C:\System Volume Information 2008-10-03 17:50:26 ----D---- C:\Documents and Settings 2008-10-03 17:49:33 ----SH---- C:\boot.ini 2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts 2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web 2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf 2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS 2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32 2008-10-03 17:43:33 ----D---- C:\WINDOWS\system 2008-10-03 17:43:33 ----D---- C:\WINDOWS\security 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources 2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning 2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet 2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic 2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps 2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media 2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas 2008-10-03 17:43:33 ----D---- C:\WINDOWS\java 2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard 2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config 2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch 2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins 2008-10-03 17:43:33 ----D---- C:\WINDOWS 2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works 2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild 2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio 2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW 2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office 2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-10-03 17:16:41 ----RHD---- C:\MSOCache 2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR 2008-10-03 17:06:52 ----D---- C:\Program Files\eMule 2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live 2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll 2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini 2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll 2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll 2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack 2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo! 2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner 2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR 2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe 2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe 2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla 2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox 2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall 2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$ 2008-10-03 16:32:46 ----D---- C:\Program Files\HP 2008-10-03 16:31:19 ----HD---- C:\Config.Msi 2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP 2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender 2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin 2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender 2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin 2008-10-03 16:13:46 ----SHD---- C:\RECYCLER 2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities 2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information 2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini 2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft 2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak 2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution 2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch 2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft 2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-10-03 16:07:13 ----D---- C:\WINDOWS\system32\xircom 2008-10-03 16:07:13 ----D---- C:\Program Files\xerox 2008-10-03 16:07:13 ----D---- C:\Program Files\microsoft frontpage 2008-10-03 16:07:00 ----A---- C:\WINDOWS\control.ini 2008-10-03 16:07:00 ----A---- C:\AUTOEXEC.BAT 2008-10-03 16:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-10-03 16:05:22 ----RD---- C:\WINDOWS\Offline Web Pages 2008-10-03 16:05:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2008-10-03 16:05:14 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2008-10-03 16:05:09 ----HD---- C:\Program Files\WindowsUpdate 2008-10-03 16:05:03 ----D---- C:\Program Files\Services en ligne 2008-10-03 16:04:46 ----D---- C:\WINDOWS\system32\DirectX 2008-10-03 16:04:42 ----A---- C:\WINDOWS\system32\atrace.dll 2008-10-03 16:04:40 ----A---- C:\WINDOWS\system32\desktop.ini 2008-10-03 16:04:40 ----A---- C:\WINDOWS\desktop.ini 2008-10-03 16:04:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2008-10-03 16:04:33 ----D---- C:\Program Files\Fichiers communs\Services 2008-10-03 16:04:33 ----A---- C:\WINDOWS\system32\acctres.dll 2008-10-03 16:04:31 ----SD---- C:\WINDOWS\Tasks 2008-10-03 16:04:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2008-10-03 16:04:30 ----D---- C:\Program Files\Fichiers communs\MSSoap 2008-10-03 16:04:27 ----D---- C:\WINDOWS\srchasst 2008-10-03 16:04:26 ----D---- C:\WINDOWS\system32\Macromed 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuweb.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wucltui.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuauserv.dll 2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wups.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuaueng.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt.exe 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuapi.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgr.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2008-10-03 16:04:20 ----D---- C:\Program Files\Movie Maker 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrslv.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrdm.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\racpldlg.dll 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltMc.exe 2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltlib.dll 2008-10-03 16:04:02 ----D---- C:\WINDOWS\system32\Restore 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srsvc.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srrstr.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srclient.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\mnmdd.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\ils.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\msconf.dll 2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2008-10-03 16:03:59 ----D---- C:\Program Files\NetMeeting 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoert2.dll 2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoeacct.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetres.dll 2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetcomm.dll 2008-10-03 16:03:56 ----D---- C:\Program Files\Outlook Express 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\schedsvc.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstinit.exe 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstask.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\isign32.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\inetcfg.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwphbk.dll 2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwdial.dll 2008-10-03 16:03:51 ----D---- C:\Program Files\Fichiers communs\System 2008-10-03 16:03:49 ----D---- C:\Program Files\Internet Explorer 2008-10-03 16:03:33 ----D---- C:\Program Files\ComPlus Applications 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vbaddin.ini 2008-10-03 16:03:30 ----A---- C:\WINDOWS\vb.ini 2008-10-03 16:03:24 ----D---- C:\WINDOWS\Registration 2008-10-03 16:02:40 ----D---- C:\Program Files\Windows Media Player 2008-10-03 16:02:40 ----D---- C:\Program Files\Online Services 2008-10-03 16:02:33 ----D---- C:\Program Files\Messenger 2008-10-03 16:02:30 ----D---- C:\Program Files\MSN Gaming Zone 2008-10-03 16:02:30 ----A---- C:\WINDOWS\system32\write.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\sndvol32.exe 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\hticons.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avwav.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avtapi.dll 2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avmeter.dll 2008-10-03 16:02:21 ----A---- C:\WINDOWS\system32\winchat.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\winmine.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\sol.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\getuname.dll 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\charmap.exe 2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\calc.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tslabels.ini 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tskill.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tscon.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\shadow.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\rwinsta.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\reset.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\mshearts.exe 2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\freecell.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\regini.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qwinsta.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qappsrv.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msg.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\logoff.exe 2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\cdmodem.dll 2008-10-03 16:02:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2008-10-03 16:02:02 ----D---- C:\Program Files\MSN 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\sndrec32.exe 2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\accwiz.exe 2008-10-03 16:02:00 ----D---- C:\Program Files\Windows NT 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mspaint.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mplay32.exe 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\hypertrm.dll 2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\clipbrd.exe 2008-10-03 16:01:59 ----A---- C:\WINDOWS\system32\spider.exe 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tsgqec.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\mstscax.dll 2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\aaclient.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\termsrv.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\sessmgr.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\remotepg.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdshost.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdchost.dll 2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\mstsc.exe 2008-10-03 16:01:56 ----D---- C:\WINDOWS\system32\MsDtc 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\rdpclip.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\qprocess.exe 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\mtxoci.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtctm.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\icaapi.dll 2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\xolehlp.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtclog.dll 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtc.exe 2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2008-10-03 16:01:54 ----D---- C:\WINDOWS\system32\Com 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\stclient.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxdm.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comrepl.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comaddin.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\colbact.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\clbcatex.dll 2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\catsrvps.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comuid.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsvcs.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsnap.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\clbcatq.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrvut.dll 2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrv.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\servdeps.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\mmfutil.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\licwmi.dll 2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini 2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini 2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840] R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys [] R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056] R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528] R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848] R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864] S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF-----------------
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

J'ai ce rapport SmitFraudFix v2.365 Rapport fait à 17:22:50,07, 20/10/2008 Executé à partir de C:\Documents and Settings\Sandrine\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Quand je met l'option 2 (nettoyage recommandé en mode échec) sur "smitfraud" ca me met fin des processus
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Re coucou angélique, Je t'ai peut etre envoyé le rapport trop prématurément,il fallait peut etre attendre de télécharger Smitfraud....... Je l'ai télechargé,j'ai appuyé sur 2 et d'un coup ca a beugué,j'ai du éteindre le pc et à ma grande surprise je n'ai plus alert virus et j'ai retrouvé "tous les programmes".Tu crois que le problème est résolu?plus de virus? merci.......
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a répondu à un(e) sujet de lulia dans Analyses et éradication malwares

Merci angélique de ton aide,c'est très gentil Je t'envoi le rapport,j'espere que cette foix ci je l'ai bien fait.je télécharche maintenant smitfraudfix. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:05: VIRUS ALERT!, on 20/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\HJT\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 5128 bytes
- le 20 octobre 2008
- 22 réponses
[resolu]alert virus

lulia a posté un sujet dans Analyses et éradication malwares

Bonjour, Je suis nouvelle sur ce site et pas vraiment douée en informatique...... Voila,il y'a quelques jours j'ai attrapé un virus,j'ai pu effacer de nombreux fichiers compromettant,il me reste tout de mm "un virus alert!" à côté de mon horloge en bas à droite et sur le gestionnaire des tâches je n'ai plus en autre "tous les programmes". J'ai bitdéfender comme antivirus et je fonctionne sous xp......J'espere que vous allez pouvoir me dépanner...... J'ai fait un "rapport",je ne sais pas si il sera d'une grande importance ou si du moins il est bien fait...... Merci de votre aide Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:30: VIRUS ALERT!, on 20/10/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Softwin\BitDefender10\bdmcon.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender10\vsserv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\OVT94TC7\HiJackThis[1].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: (no name) - {B394BBFD-DC8F-44B4-8F97-962C9646DD95} - (no file) O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078 O18 - Protocol: bw+0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 17031 bytes
- le 20 octobre 2008
- 22 réponses

Connexion

lulia

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par lulia

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

[resolu]alert virus

Zebulon

Outils en ligne

Naviguer