vincetdsi

  1. Up!!! Nothing to report, neither with AntiVir nor with Malwarebytes.
  2. Hello everyone, Recently I have had a big problem at Windows XP SP3 startup: about 1 minute passes between the desktop appearing and the taskbar appearing. Here is my HijackThis report: Thanks.
  3. No, this program has been installed for a long time. I just reinstalled it recently.
  4. Hi, I waited a bit and here is the situation: According to Windows, 57.3 GB free and 31.6 GB used. According to SpaceMonger, 15.4 GB unscanned. In reality, 72.1 GB free and 16.8 GB used. windatfind report
  5. In fact, "unscanned" corresponds to what SpaceMonger cannot analyze. It does not correspond to anything on the disk, it's just false information, as with Windows. However, the wd tool software does not count this space. Thanks again for your help.
  6. Hi, The space that keeps growing is in "unscanned", and the only folder that cannot be analyzed is c:\System Volume Information, but its size on disk is 0 KB. I think formatting is going to be the only solution...
  7. Hi, here is the log:
2009-02-04 13:51:28 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-02-04 13:51:28 ----A---- C:\WINDOWS\system32\mpg4dmod.dll 2009-02-04 13:51:28 ----A---- C:\WINDOWS\system32\moricons.dll 2009-02-04 13:51:28 ----A---- C:\WINDOWS\system32\mobsync.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msexch40.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msdxmlc.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msdart.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msctfp.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\msctf.dll 2009-02-04 13:51:27 ----A---- C:\WINDOWS\system32\mscpx32r.dll 2009-02-04 13:51:26 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-02-04 13:51:26 ----A---- C:\WINDOWS\system32\msexcl40.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\msimg32.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\msihnd.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\msiexec.exe 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\msieftp.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\msi.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\mshtmler.dll 2009-02-04 13:51:25 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\mslbui.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\msjtes40.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\msjetoledb40.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\msjet40.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\msisam11.dll 2009-02-04 13:51:24 ----A---- C:\WINDOWS\system32\msimtf.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msrating.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\mspbde40.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msorcl32.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msoeacct.dll 
2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msnsspc.dll 2009-02-04 13:51:23 ----A---- C:\WINDOWS\system32\msltus40.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\mstime.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\mstext40.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\mstask.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\msrle32.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\msrepl40.dll 2009-02-04 13:51:22 ----A---- C:\WINDOWS\system32\msrd2x40.dll 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\msvcp60.dll 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\msutb.dll 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\msuni11.dll 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-02-04 13:51:21 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-02-04 13:51:20 ----A---- C:\WINDOWS\system32\msxbde40.dll 2009-02-04 13:51:20 ----A---- C:\WINDOWS\system32\msvfw32.dll 2009-02-04 13:51:20 ----A---- C:\WINDOWS\system32\msvcrt.dll 2009-02-04 13:51:19 ----A---- C:\WINDOWS\system32\msxml2.dll 2009-02-04 13:51:18 ----A---- C:\WINDOWS\system32\nddenb32.dll 2009-02-04 13:51:18 ----A---- C:\WINDOWS\system32\ncobjapi.dll 2009-02-04 13:51:18 ----A---- C:\WINDOWS\system32\msxml3.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netplwiz.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netman.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netlogon.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netdde.exe 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netcfgx.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\netapi32.dll 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\net1.exe 2009-02-04 13:51:17 ----A---- C:\WINDOWS\system32\net.exe 2009-02-04 13:51:16 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-02-04 13:51:16 ----A---- C:\WINDOWS\system32\nlhtml.dll 2009-02-04 13:51:16 ----A---- C:\WINDOWS\system32\newdev.dll 2009-02-04 13:51:16 
----A---- C:\WINDOWS\system32\netshell.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\odbcbcp.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\odbcad32.exe 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\odbc32gt.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\odbc32.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\oakley.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntshrui.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntmssvc.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntmsdba.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntmsapi.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntmarta.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\ntlanman.dll 2009-02-04 13:51:15 ----A---- C:\WINDOWS\system32\npptools.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\opengl32.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\oleprn.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\ole32.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\offfilt.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbctrac.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbcp32r.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbccu32.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbccr32.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbccp32.dll 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbcconf.exe 2009-02-04 13:51:14 ----A---- C:\WINDOWS\system32\odbcconf.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\psbase.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\psapi.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\ping.exe 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\pdh.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\pautoenr.dll 2009-02-04 13:51:13 ----A---- C:\WINDOWS\system32\packager.exe 2009-02-04 13:51:13 ----A---- 
C:\WINDOWS\system32\osk.exe 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rcimlby.exe 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rastls.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rassapi.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rasppp.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\rasmans.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\raschap.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\query.dll 2009-02-04 13:51:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rpcss.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\riched20.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\regapi.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\reg.exe 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\redir.exe 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-02-04 13:51:11 ----A---- C:\WINDOWS\system32\rdpdd.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\scesrv.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\scecli.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\sccsccp.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\sccbase.dll 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\runonce.exe 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\rtcshare.exe 2009-02-04 13:51:10 ----A---- C:\WINDOWS\system32\rsaenh.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\shdocvw.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\sfcfiles.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\sfc_os.dll 
2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\setup.exe 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\sensapi.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\sens.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\secur32.dll 2009-02-04 13:51:09 ----A---- C:\WINDOWS\system32\sdbinst.exe 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\sigverif.exe 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\sigtab.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shsvcs.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shmgrate.exe 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shlwapi.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shimgvw.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shimeng.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shgina.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shfolder.dll 2009-02-04 13:51:07 ----A---- C:\WINDOWS\system32\shell32.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\srclient.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\sqlsrv32.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\spoolss.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\spider.exe 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\snmpapi.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\smlogsvc.exe 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\smlogcfg.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\slayerxp.dll 2009-02-04 13:51:06 ----A---- C:\WINDOWS\system32\skeys.exe 2009-02-04 13:51:05 ----A---- C:\WINDOWS\system32\ssdpsrv.dll 2009-02-04 13:51:05 ----A---- C:\WINDOWS\system32\ssdpapi.dll 2009-02-04 13:51:05 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-02-04 13:51:05 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-02-04 13:51:04 ----A---- C:\WINDOWS\system32\sxs.dll 2009-02-04 13:51:04 ----A---- C:\WINDOWS\system32\strmdll.dll 2009-02-04 13:51:04 ----A---- C:\WINDOWS\system32\stobject.dll 2009-02-04 13:51:04 ----A---- C:\WINDOWS\system32\sti_ci.dll 2009-02-04 13:51:04 
----A---- C:\WINDOWS\system32\sti.dll 2009-02-04 13:51:03 ----A---- C:\WINDOWS\system32\themeui.dll 2009-02-04 13:51:03 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-02-04 13:51:03 ----A---- C:\WINDOWS\system32\taskmgr.exe 2009-02-04 13:51:03 ----A---- C:\WINDOWS\system32\tapisrv.dll 2009-02-04 13:51:03 ----A---- C:\WINDOWS\system32\tapi32.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\upnpui.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\upnphost.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\upnp.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\uniime.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\umpnpmgr.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\umandlg.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\udhisapi.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\trkwks.dll 2009-02-04 13:51:02 ----A---- C:\WINDOWS\system32\tracert.exe 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\vdmredir.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\vbscript.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\uxtheme.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\utilman.exe 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\usp10.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\url.dll 2009-02-04 13:51:01 ----A---- C:\WINDOWS\system32\ups.exe 2009-02-04 13:51:00 ----A---- C:\WINDOWS\system32\webclnt.dll 2009-02-04 13:51:00 ----A---- C:\WINDOWS\system32\webcheck.dll 2009-02-04 13:51:00 ----A---- C:\WINDOWS\system32\w32time.dll 2009-02-04 13:51:00 ----A---- C:\WINDOWS\system32\vssapi.dll 2009-02-04 13:50:59 ----A---- C:\WINDOWS\system32\wextract.exe 2009-02-04 13:50:59 ----A---- C:\WINDOWS\system32\webvw.dll 2009-02-04 13:50:58 ----A---- C:\WINDOWS\system32\wiaservc.dll 2009-02-04 13:50:58 ----A---- 
C:\WINDOWS\system32\wiadss.dll 2009-02-04 13:50:56 ----A---- C:\WINDOWS\system32\wininet.dll 2009-02-04 13:50:55 ----A---- C:\WINDOWS\system32\winsta.dll 2009-02-04 13:50:55 ----A---- C:\WINDOWS\system32\winmm.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wmvdmoe.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wmv8dmod.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wmstream.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wmsdmoe.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wmpstub.exe 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wlnotify.dll 2009-02-04 13:50:54 ----A---- C:\WINDOWS\system32\wldap32.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wzcdlg.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wtsapi32.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wsnmp32.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wship6.dll 2009-02-04 13:50:53 ----A---- C:\WINDOWS\system32\wow32.dll 2009-02-04 13:50:52 ----A---- C:\WINDOWS\system32\zipfldr.dll 2009-02-04 13:50:52 ----A---- C:\WINDOWS\system32\xenroll.dll 2009-02-04 13:50:52 ----A---- C:\WINDOWS\system32\xactsrv.dll 2009-02-04 13:50:52 ----A---- C:\WINDOWS\system32\HAL.DLL 2009-02-04 01:58:37 ----D---- C:\WINDOWS\OemDir 2009-02-04 01:27:06 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-02-04 01:26:53 ----D---- C:\Program Files\Services en ligne 2009-02-04 01:26:28 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-02-04 01:26:28 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-02-04 01:26:28 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-02-04 01:26:28 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-02-04 01:26:20 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-02-04 01:26:19 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-02-04 01:26:12 ----A---- 
C:\WINDOWS\system32\inetres.dll 2009-02-04 01:26:08 ----A---- C:\WINDOWS\system32\isign32.dll 2009-02-04 01:26:08 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-02-04 01:26:08 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-02-04 01:26:08 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-02-04 01:25:10 ----D---- C:\Program Files\ComPlus Applications 2009-02-04 01:25:00 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-02-04 01:25:00 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-02-04 01:25:00 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-02-04 01:24:59 ----A---- C:\WINDOWS\system32\hypertrm.dll 2009-02-04 01:24:58 ----A---- C:\WINDOWS\system32\calc.exe 2009-02-04 01:24:54 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-02-04 01:24:54 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-02-04 01:24:53 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-02-04 01:24:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-02-04 01:24:52 ----A---- C:\WINDOWS\system32\mtxoci.dll 2009-02-04 01:24:51 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-02-04 01:24:51 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-02-04 01:24:51 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-02-04 01:24:51 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-02-04 01:24:49 ----A---- C:\WINDOWS\system32\colbact.dll 2009-02-04 01:24:48 ----A---- C:\WINDOWS\system32\stclient.dll 2009-02-04 01:24:48 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-02-04 01:24:48 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-02-04 01:24:48 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-02-04 01:24:47 ----A---- C:\WINDOWS\system32\catsrv.dll 2009-02-04 01:24:45 ----A---- C:\WINDOWS\system32\comuid.dll 2009-02-04 01:24:45 ----A---- 
C:\WINDOWS\system32\comsnap.dll 2009-02-04 01:24:45 ----A---- C:\WINDOWS\system32\clbcatq.dll 2009-02-04 01:24:34 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-02-04 01:24:34 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-02-04 01:24:34 ----A---- C:\WINDOWS\system32\cmprops.dll 2009-02-04 01:13:10 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-02-04 01:11:32 ----A---- C:\WINDOWS\system32\irclass.dll 2009-02-04 01:11:31 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-02-04 01:11:18 ----RA---- C:\WINDOWS\SETBC.tmp 2009-02-04 01:11:15 ----RA---- C:\WINDOWS\SETB4.tmp 2009-02-03 17:10:42 ----D---- C:\Program Files\HD Tune 2009-02-01 02:09:27 ----A---- C:\WINDOWS\system32\TwnLib20.dll 2009-01-31 23:47:49 ----D---- C:\Documents and Settings\Vince\Application Data\Acronis 2009-01-31 23:43:18 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis 2009-01-31 15:32:22 ----A---- C:\WINDOWS\system32\AutoPartNt.exe 2009-01-31 11:36:48 ----D---- C:\Documents and Settings\Vince\Application Data\Micro Application 2009-01-31 11:29:37 ----A---- C:\WINDOWS\system32\setupnt.dll 2009-01-31 11:29:34 ----D---- C:\Program Files\Fichiers communs\Acronis 2009-01-27 22:49:51 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia 2009-01-27 22:49:23 ----D---- C:\Program Files\BFG 2009-01-26 19:38:23 ----D---- C:\Program Files\SuperCopier2 2009-01-26 14:07:54 ----D---- C:\Program Files\AviSynth 2.5 2009-01-23 14:25:09 ----D---- C:\Program Files\SpeedFan 2009-01-20 11:29:55 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-01-18 18:00:18 ----D---- C:\Program Files\TVAnts 2009-01-18 14:01:35 ----D---- C:\Program Files\Seagate 2009-01-13 18:31:20 ----D---- C:\Program Files\Bonjour 2009-01-12 02:22:23 ----D---- C:\Program Files\Vista Drive Icon 2009-01-11 15:31:38 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy) 2009-01-11 15:31:38 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy) 2009-01-11 15:31:38 ----D---- C:\Program Files\Misc. 
Support Library (Spybot - Search & Destroy) 2009-01-11 15:31:38 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy) 2009-01-11 00:43:50 ----D---- C:\Program Files\PS3 Media Server ======List of files/folders modified in the last 2 months====== 2009-02-22 18:26:35 ----D---- C:\Program Files\Mozilla Firefox 2009-02-22 18:14:48 ----D---- C:\WINDOWS\Temp 2009-02-22 18:12:24 ----D---- C:\WINDOWS\Internet Logs 2009-02-21 12:49:09 ----D---- C:\Documents and Settings\Vince\Application Data\uTorrent 2009-02-21 12:39:50 ----D---- C:\Program Files\eMule 2009-02-21 12:03:06 ----D---- C:\WINDOWS 2009-02-21 12:03:05 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-21 10:49:00 ----D---- C:\WINDOWS\system32\drivers 2009-02-20 22:00:57 ----ASD---- C:\Program Files 2009-02-20 21:57:21 ----D---- C:\WINDOWS\system32 2009-02-19 20:43:51 ----SHD---- C:\WINDOWS\Installer 2009-02-19 20:42:33 ----D---- C:\Program Files\Java 2009-02-19 13:02:09 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-02-19 13:02:07 ----HD---- C:\WINDOWS\inf 2009-02-17 15:44:55 ----D---- C:\WINDOWS\VC Good Ol Boys dir 2009-02-17 15:42:16 ----D---- C:\Program Files\Canon 2009-02-16 22:17:35 ----D---- C:\Documents and Settings 2009-02-14 00:09:52 ----D---- C:\WINDOWS\system32\CatRoot 2009-02-13 19:04:48 ----D---- C:\WINDOWS\system32\Restore 2009-02-12 18:21:16 ----N---- C:\WINDOWS\win.ini 2009-02-12 05:24:52 ----D---- C:\Documents and Settings\Vince\Application Data\dvdcss 2009-02-11 20:08:45 ----D---- C:\Program Files\Messenger Plus! 
Live 2009-02-11 19:59:48 ----D---- C:\WINDOWS\Debug 2009-02-11 19:56:17 ----HD---- C:\WINDOWS\$hf_mig$ 2009-02-11 19:55:51 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-02-11 19:55:47 ----D---- C:\Program Files\Internet Explorer 2009-02-11 19:55:34 ----D---- C:\WINDOWS\ie7updates 2009-02-11 16:19:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-09 20:09:40 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-02-07 23:05:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-02-07 20:43:11 ----D---- C:\Program Files\Fichiers communs 2009-02-06 18:29:11 ----D---- C:\Program Files\VideoLAN 2009-02-05 16:03:40 ----D---- C:\WINDOWS\Microsoft.NET 2009-02-05 16:03:34 ----RSD---- C:\WINDOWS\assembly 2009-02-05 14:38:35 ----D---- C:\WINDOWS\Minidump 2009-02-05 14:31:39 ----D---- C:\WINDOWS\pss 2009-02-05 14:22:31 ----D---- C:\WINDOWS\system32\LogFiles 2009-02-05 13:50:13 ----D---- C:\WINDOWS\system32\fr-fr 2009-02-05 13:48:00 ----D---- C:\WINDOWS\WinSxS 2009-02-05 13:44:14 ----RSD---- C:\WINDOWS\Fonts 2009-02-05 13:43:43 ----D---- C:\WINDOWS\system32\spool 2009-02-05 13:05:17 ----D---- C:\WINDOWS\SoftwareDistribution 2009-02-05 13:05:14 ----HD---- C:\Program Files\WindowsUpdate 2009-02-05 13:02:32 ----AHD---- C:\WINDOWS\Help 2009-02-04 15:24:47 ----D---- C:\WINDOWS\Media 2009-02-04 15:24:47 ----D---- C:\WINDOWS\Cursors 2009-02-04 15:24:47 ----D---- C:\Program Files\Outlook Express 2009-02-04 15:24:47 ----D---- C:\Program Files\Movie Maker 2009-02-04 15:24:46 ----D---- C:\WINDOWS\system32\usmt 2009-02-04 15:21:32 ----A---- C:\WINDOWS\BricoPackUninst.txt 2009-02-04 15:21:32 ----A---- C:\WINDOWS\BricoPackUninst.cmd 2009-02-04 15:17:34 ----D---- C:\WINDOWS\BricoPacks 2009-02-04 15:04:31 ----HD---- C:\Program Files\InstallShield Installation Information 2009-02-04 14:19:12 ----D---- C:\WINDOWS\system32\inetsrv 2009-02-04 14:17:33 ----D---- C:\WINDOWS\system32\wbem 2009-02-04 14:17:33 ----D---- 
C:\WINDOWS\system32\Setup 2009-02-04 14:17:33 ----D---- C:\WINDOWS\AppPatch 2009-02-04 14:15:37 ----D---- C:\Program Files\Messenger 2009-02-04 14:15:16 ----D---- C:\WINDOWS\security 2009-02-04 14:13:25 ----ASH---- C:\boot.ini 2009-02-04 14:10:26 ----D---- C:\WINDOWS\system32\npp 2009-02-04 14:10:25 ----D---- C:\WINDOWS\msagent 2009-02-04 14:10:24 ----D---- C:\WINDOWS\srchasst 2009-02-04 14:10:24 ----D---- C:\WINDOWS\ime 2009-02-04 14:10:21 ----D---- C:\Program Files\NetMeeting 2009-02-04 14:10:20 ----D---- C:\WINDOWS\system32\Com 2009-02-04 14:10:19 ----D---- C:\Program Files\Windows Media Player 2009-02-04 14:10:17 ----D---- C:\Program Files\Windows NT 2009-02-04 14:10:14 ----D---- C:\Program Files\Fichiers communs\System 2009-02-04 14:10:05 ----D---- C:\WINDOWS\system32\oobe 2009-02-04 14:10:04 ----D---- C:\WINDOWS\system 2009-02-04 14:08:58 ----SD---- C:\WINDOWS\Web 2009-02-04 14:08:43 ----RASH---- C:\NTDETECT.COM 2009-02-04 14:04:30 ----D---- C:\WINDOWS\ehome 2009-02-04 02:13:28 ----D---- C:\WINDOWS\Registration 2009-02-04 02:01:40 ----D---- C:\WINDOWS\system32\1036 2009-02-04 02:01:29 ----D---- C:\WINDOWS\twain_32 2009-02-04 02:01:10 ----D---- C:\WINDOWS\system32\icsxml 2009-02-04 02:00:33 ----D---- C:\WINDOWS\system32\1033 2009-02-04 01:58:32 ----D---- C:\WINDOWS\Driver Cache 2009-02-04 01:57:41 ----D---- C:\WINDOWS\system32\config 2009-02-04 01:55:44 ----D---- C:\WINDOWS\repair 2009-02-04 01:30:10 ----A---- C:\WINDOWS\ODBCINST.INI 2009-02-04 01:29:46 ----D---- C:\WINDOWS\system32\ias 2009-02-04 01:27:00 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-02-04 01:11:36 ----N---- C:\WINDOWS\system.ini 2009-02-04 01:11:25 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-02-01 02:01:49 ----D---- C:\Program Files\Fichiers communs\Ahead 2009-01-31 23:01:48 ----D---- C:\Program Files\MSI 2009-01-31 11:15:34 ----D---- C:\WINDOWS\system32\NtmsData 2009-01-18 14:13:12 
----SD---- C:\Documents and Settings\Vince\Application Data\Microsoft 2009-01-15 02:34:12 ----D---- C:\Program Files\Driver Cleaner 2009-01-12 02:29:43 ----D---- C:\Documents and Settings\Vince\Application Data\Samsung 2009-01-12 01:45:02 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-07-16 13056] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952] R2 ousbehci;OrangeWare USB Enhanced Host Controller Service; C:\WINDOWS\System32\Drivers\ousbehci.sys [2004-06-15 44928] R2 SVKP;SVKP; \??\C:\WINDOWS\System32\SVKP.sys [] R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 hidusb;Pilote de classe HID Microsoft; 
C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928] R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support; C:\WINDOWS\System32\DRIVERS\ousb2hub.sys [2004-06-15 55808] R3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\Core Center\NTGLM7X.sys [] R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-02-15 47360] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2005-12-02 21760] R3 RushTopDevice;RushTopDevice; \??\C:\Program Files\MSI\Core Center\RushTop.sys [] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144] R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064] S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [] S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344] S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-02-21 85969] S3 
And the info file: info.txt logfile of random's system information tool 1.05 2009-02-22 18:28:34
  8. Hi, the PC crashes more and more often (frozen screen, I have to do a reset) when I leave it idle or during a scan. I have to stay at it and keep doing something. Here is the GMER report: GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2009-02-21 12:02:14 Windows 5.1.2600 Service Pack 3
  9. Hi, the AntiVir scan in safe mode came back negative. I finally managed to run a Kaspersky online scan and it found nothing either.
  10. Screen frozen, had to reset. I am running an AntiVir scan in safe mode right now; I'll keep you posted.
  11. Hi, here is the OTScanIT report to start with; the PC crashed twice during the Kaspersky scan.
      [Win32 Services - Safe List]
      Service SVC Module stopped successfully!
      Service SVC Module deleted successfully!
      File not found.
      Service telecable stopped successfully!
      Service telecable deleted successfully!
      File not found.
      Service Windows HWinfo Loader stopped successfully!
      Service Windows HWinfo Loader deleted successfully!
      File not found.
      [Registry - Additional Scans - Safe List]
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\EnableFirewall not found.
      [Empty Temp Folders]
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Temp\etilqs_4rv8YVp3mPr1DwPJkuSf scheduled to be deleted on reboot.
      User's Temp folder emptied.
      User's Temporary Internet Files folder emptied.
      User's Internet Explorer cache folder emptied.
      Local Service Temp folder emptied.
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      Local Service Temporary Internet Files folder emptied.
      File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_284.dat scheduled to be deleted on reboot.
      File delete failed. C:\WINDOWS\temp\ZLT06b0c.TMP scheduled to be deleted on reboot.
      File delete failed. C:\WINDOWS\temp\ZLT06b0f.TMP scheduled to be deleted on reboot.
      Windows Temp folder emptied.
      Java cache emptied.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
      File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\XUL.mfl scheduled to be deleted on reboot.
      FireFox cache emptied.
      RecycleBin -> emptied.
      < End of fix log >
      OTScanIt2 by OldTimer - Version 1.0.7.1 fix logfile created on 02192009_114806
      Files moved on Reboot...
      File C:\Documents and Settings\Vince\Local Settings\Temp\etilqs_4rv8YVp3mPr1DwPJkuSf not found!
      C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
      File C:\WINDOWS\temp\Perflib_Perfdata_284.dat not found!
      File C:\WINDOWS\temp\ZLT06b0c.TMP not found!
      File C:\WINDOWS\temp\ZLT06b0f.TMP not found!
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_001_ moved successfully.
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_002_ moved successfully.
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_003_ moved successfully.
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\Cache\_CACHE_MAP_ moved successfully.
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\urlclassifier3.sqlite moved successfully.
      C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\53e2wd5f.default\XUL.mfl moved successfully.
      Registry entries deleted on Reboot...
  12. Hi, here is the report: OTSCANIT report. Thanks
  13. Good evening everyone, After more than a week of searching I am turning to you to try to find a solution to my problem: the free space on my system hard drive is shrinking at an incredible rate. I lose more than a gigabyte per hour, whether in normal or safe mode, even without an internet connection, until the disk is full. However, I get all the free space back after a reboot. For example, at 19:11 there was 63.7 GB free, whereas at 19:24 there was 63.2 GB free. Used space shows 25.7 GB while the entire contents of my disk weigh 24.1 GB!!! I switched from Avast to AntiVir, which found a few Trojan horses; same thing with BitDefender, Kaspersky and ESET online, as well as Spybot, Spy Sweeper or Malwarebytes, which found a few problems and fixed them, but my free space keeps shrinking. Of course I have disabled System Restore and cleaned out all the temporary files. Here is my HijackThis log:
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 19:02:33, on 17/02/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\csrss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\WINDOWS\system32\pctspk.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\wbem\wmiapsrv.exe
      C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Microsoft IntelliPoint\ipoint.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Vista Drive Icon\DrvIcon.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
      C:\Program Files\SuperCopier2\SuperCopier2.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSI\Core Center\CoreCenter.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\System32\wbem\wmiprvse.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
      O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
      O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [stxTrayMenu] "C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
      O4 - HKCU\..\Run: [superCopier2.exe] "C:\Program Files\SuperCopier2\SuperCopier2.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
      O4 - Global Startup: CoreCenter.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
      O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: http://asia.msi.com.tw
      O15 - Trusted Zone: http://global.msi.com.tw
      O15 - Trusted Zone: http://www.msi.com.tw
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
      O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
      O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
      O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
      O23 - Service: SVC Module - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
      O23 - Service: telecable - Unknown owner - C:\WINDOWS\telecable.exe (file missing)
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      O23 - Service: Windows HWinfo Loader - Unknown owner - C:\WINDOWS\iexplre.exe (file missing)
      -- End of file - 8153 bytes
      Thanks in advance for your help.