Gwad'Boy

Bonsoir et encore merci pour l'aide Voici le rapport hijack suite aux suppressions: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:59:29, on 04/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\igfxsrvc.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe E:\Program Files\FL.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe G:\yron\Program Files\Adobe\Illustrator CS\Support Files\Contents\Windows\Illustrator.exe E:\Program Files\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [superCopier2.exe] E:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1243970982091 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{247BF06F-CBF1-47B6-A02A-B2F4CD36858B}: NameServer = 217.175.160.72 217.175.160.77 O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 6387 bytes

Voici le nouveau rapport HIJACK : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:30:22, on 03/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe E:\Program Files\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [superCopier2.exe] E:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1243970982091 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{247BF06F-CBF1-47B6-A02A-B2F4CD36858B}: NameServer = 217.175.160.72 217.175.160.77 O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 6687 bytes

Voici le rapport SDFix: SDFix: Version 1.240 Run by G6 on 03/06/2009 at 17:39 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\Documents and Settings\G6\Application Data\addons.dat - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-03 17:50:18 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Finished!

Suite a la désinfection, j'ai pu récupérer mon gestionnaire des tâches et je n'est plus "Hacked by proohak" écrit sur toute mes pages internet merci beaucoup. Voici le rapport suite à la désinfection: ############################## [ UsbFix V3.028 | Cleaning ] # User : G6 (Administrateurs) # ANGELE-4C035E91 # Update on 02/06/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 16:52:31 | 03/06/2009 # Intel® Pentium® 4 CPU 2.80GHz # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2 # Internet Explorer 6.0.2900.2180 # Windows Firewall Status : Enabled # AV : avast! antivirus 4.8.1335 [VPS 090602-0] 4.8.1335 [ Enabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 7,81 Go (764,09 Mo free) # NTFS # D:\ # Disque CD-ROM # E:\ # Disque fixe local # 145,57 Go (128,75 Go free) [Nouveau nom] # NTFS # G:\ # Disque fixe local # 298,09 Go (78,31 Go free) [YroN] # NTFS ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE ################## [ Fichiers # Dossiers infectieux ] Deleted ! C:\DOCUME~1\G6\LOCALS~1\Temp\flstudio8.0install.exe Deleted ! C:\DOCUME~1\G6\LOCALS~1\Temp\IXP000.TMP\install.exe ################## [ Registre # Clés Run infectieuses ] Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "CTFMON" Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "regdiit" Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorun.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\A2SERVICE.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPAVSERVER.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPWIN.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpscan.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxup.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\preupd.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Vba32arkit.exe Deleted ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32ldr.exe Deleted ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe Deleted ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\rstrui.exe Deleted ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\dwwin.exe # HKLM\software\microsoft\security center\\ "AntiVirusOverride" # -> Reset sucessfully ! ################## [ Registre # Mountpoints2 ] Deleted ! HKCU\...\Explorer\MountPoints2\{3af6bbd4-4383-11de-b7fb-0019669a7b26}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{3af6bbd5-4383-11de-b7fb-0019669a7b26}\Shell\AutoRun\Command Deleted ! HKCU\...\Explorer\MountPoints2\{990374ca-4135-11de-b7f0-0019669a7b26}\Shell\AutoRun\Command ################## [ Listing des fichiers présent ] [15/05/2009 11:23|--a------|0] - C:\AUTOEXEC.BAT [15/05/2009 11:18|---hs----|216] - C:\boot.ini [05/08/2004 14:00|-rahs----|4952] - C:\Bootfont.bin [15/05/2009 11:23|--a------|0] - C:\CONFIG.SYS [15/05/2009 11:23|-rahs----|0] - C:\IO.SYS [15/05/2009 11:23|-rahs----|0] - C:\MSDOS.SYS [18/05/2009 14:16|--a------|32720] - C:\Nat.exe [05/08/2004 14:00|-rahs----|47564] - C:\NTDETECT.COM [05/08/2004 14:00|-rahs----|251712] - C:\ntldr [?|?|?] - C:\pagefile.sys [03/06/2009 16:53|--a------|5527] - C:\UsbFix.txt [20/05/2009 18:33|--ahs----|6144] - E:\Thumbs.db [06/10/2008 23:29|--a------|4176116] - G:\01-despo_rutti-one_beat.mp3 [01/11/2008 15:26|--a------|2751745] - G:\dragon_ball_trailer.mkv [06/11/2006 01:55|--a------|734380032] - G:\L'Age De Glace 2.avi [14/12/2008 15:35|--a------|730431488] - G:\Madagascar 2.avi [26/02/2008 06:19|--a------|732856320] - G:\pbg_xvid.avi [12/05/2009 18:25|--ahs----|92672] - G:\Thumbs.db ################## [ Vaccination ] # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. # E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. # G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix. ################## [ ! Fin du rapport # UsbFix V3.028 ! ]

Voici le rapport usbfix: ############################## [ UsbFix V3.028 | Scan ] # User : G6 (Administrateurs) # ANGELE-4C035E91 # Update on 02/06/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 16:44:07 | 03/06/2009 # Intel® Pentium® 4 CPU 2.80GHz # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2 # Internet Explorer 6.0.2900.2180 # Windows Firewall Status : Enabled # AV : avast! antivirus 4.8.1335 [VPS 090602-0] 4.8.1335 [ (!) Disabled | Updated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 7,81 Go (757,39 Mo free) # NTFS # D:\ # Disque CD-ROM # E:\ # Disque fixe local # 145,57 Go (128,75 Go free) [Nouveau nom] # NTFS # G:\ # Disque fixe local # 298,09 Go (78,31 Go free) [YroN] # NTFS ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\SuperCopier2\SuperCopier2.exe E:\Program Files\FL.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\QuickZip4\QuickZip.exe C:\Program Files\QuickZip4\QuickZip.exe C:\Program Files\QuickZip4\QuickZip.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Registre Startup ] HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm" HKCU_Main: "Search Page"="http://search.live.com" HKCU_Main: "Start Page"="http://www.freewebtown.com/alrefai/login.live.html" HKCU_Main: "Window Title"=" .-~= Hacked by ( ProoHack )X =~-. " HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="G6" HKLM_logon: "AltDefaultUserName"="G6" HKLM_logon: "LegalNoticeCaption"="" HKLM_logon: "LegalNoticeText"="" HKLM_Run: IgfxTray=C:\WINDOWS\system32\igfxtray.exe HKLM_Run: HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe HKLM_Run: Persistence=C:\WINDOWS\system32\igfxpers.exe HKLM_Run: RTHDCPL=RTHDCPL.EXE HKLM_Run: Alcmtr=ALCMTR.EXE HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" HKLM_Run: AdslTaskBar=rundll32.exe stmctrl.dll,TaskBar HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe" HKLM_Run: CTFMON=C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe HKLM_Run: regdiit=C:\WINDOWS\system32\win.exe HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe HKCU_Run: ASRock OC Tuner= HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKCU_Run: SuperCopier2.exe=E:\Program Files\SuperCopier2\SuperCopier2.exe ################## [ Fichiers # Dossiers infectieux ] Found ! C:\DOCUME~1\G6\LOCALS~1\Temp\flstudio8.0install.exe Found ! C:\DOCUME~1\G6\LOCALS~1\Temp\IXP000.TMP\install.exe ################## [ Registre # Clés Run infectieuses ] Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "CTFMON" Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "regdiit" Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorun.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\A2SERVICE.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPAVSERVER.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPWIN.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpscan.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxup.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\preupd.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Vba32arkit.exe Found ! HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32ldr.exe Found ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe Found ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\MSConfig.exe Found ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\rstrui.exe Found ! HKLM\software\microsoft\windows nt\currentversion\image file execution options\dwwin.exe Found ! HKLM\software\microsoft\security center "AntiVirusOverride" ( 0x1 ) ################## [ Registre # Mountpoints2 ] HKCU\...\Explorer\MountPoints2\{3af6bbd4-4383-11de-b7fb-0019669a7b26}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{3af6bbd5-4383-11de-b7fb-0019669a7b26}\Shell\AutoRun\Command HKCU\...\Explorer\MountPoints2\{990374ca-4135-11de-b7f0-0019669a7b26}\Shell\AutoRun\Command ################## [ ! Fin du rapport # UsbFix V3.028 ! ]

Voici le rapport info info.txt logfile of random's system information tool 1.06 2009-06-03 04:39:04 ======Uninstall list====== -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} ASIO4ALL-->E:\Program Files\ASIO4ALL v2\uninstall.exe ASRock OC Tuner-->"C:\Program Files\ASRock Utility\OCTuner\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup BeWAN ADSL modem-->rundll32.exe stmcfg32.dll,Uninstall Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Collab-->E:\Program Files\Collab\uninstall.exe DeepBurner v1.6.0.198-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log" FL Studio 7-->E:\Program Files\uninstall.exe Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"E:\Program Files\HijackThis.exe" /uninstall IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Kit de connexion OOL ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{429538E2-7226-4833-BE21-73DE155F661E}\setup.exe" -l0x40c LimeWire 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c Quick Zip 4.60.007-->"C:\Program Files\QuickZip4\unins000.exe" REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SuperCopier2-->"E:\Program Files\SuperCopier2\SC2Uninst.exe" VideoLAN VLC media player 0.8.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} ======Security center information====== AV: avast! antivirus 4.8.1335 [VPS 090602-0] ======System event log====== Computer Name: ANGELE-4C035E91 Event Code: 26 Message: Application popup : Windows - L'écriture décalée a échoué : Windows n'a pas pu sauvegarder toutes les données pour le fichier F:\G6\bases\Butterfly cd2 f-m. Les données ont été perdues. Cette erreur peut être due à une panne de votre matériel ou de votre connexion réseau. Essayez de sauvegarder ce fichier à un autre emplacement. Record Number: 1996 Source Name: Application Popup Time Written: 20090520105105.000000+120 Event Type: Informations User: Computer Name: ANGELE-4C035E91 Event Code: 50 Message: {L'écriture décalée a échoué} Windows n'a pas pu sauvegarder toutes les données pour le fichier hs. Les données ont été perdues. Cette erreur peut être due à une panne de votre matériel ou de votre connexion réseau. Essayez de sauvegarder ce fichier à un autre emplacement. Record Number: 1995 Source Name: Ntfs Time Written: 20090520105105.000000+120 Event Type: Avertissement User: Computer Name: ANGELE-4C035E91 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 1994 Source Name: Disk Time Written: 20090520105105.000000+120 Event Type: Avertissement User: Computer Name: ANGELE-4C035E91 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 1993 Source Name: Disk Time Written: 20090520105105.000000+120 Event Type: Avertissement User: Computer Name: ANGELE-4C035E91 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 1992 Source Name: Disk Time Written: 20090520105105.000000+120 Event Type: Avertissement User: =====Application event log===== Computer Name: ANGELE-4C035E91 Event Code: 1000 Message: Les compteurs de performances pour le service ContentIndex (ContentIndex) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 5 Source Name: LoadPerf Time Written: 20090515112008.000000+120 Event Type: Informations User: Computer Name: ANGELE-4C035E91 Event Code: 1000 Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 4 Source Name: LoadPerf Time Written: 20090515112006.000000+120 Event Type: Informations User: Computer Name: ANGELE-4C035E91 Event Code: 1000 Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 3 Source Name: LoadPerf Time Written: 20090515111908.000000+120 Event Type: Informations User: Computer Name: ANGELE-4C035E91 Event Code: 1000 Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 2 Source Name: LoadPerf Time Written: 20090515111845.000000+120 Event Type: Informations User: Computer Name: ANGELE-4C035E91 Event Code: 1000 Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 1 Source Name: LoadPerf Time Written: 20090515111844.000000+120 Event Type: Informations User: =====Security event log===== Computer Name: ANGELE-4C035E91 Event Code: 515 Message: Un Processus d'ouv. de session s'est fait reconnaître par l'autorité locale de sécurité. Ce Processus d'ouv. de session sera autorisé à soumettre des requêtes d'ouverture de session. Processus d'ouv. de session : KSecDD Record Number: 1902 Source Name: Security Time Written: 20090523085443.000000+120 Event Type: Succès de l'audit User: AUTORITE NT\SYSTEM Computer Name: ANGELE-4C035E91 Event Code: 515 Message: Un Processus d'ouv. de session s'est fait reconnaître par l'autorité locale de sécurité. Ce Processus d'ouv. de session sera autorisé à soumettre des requêtes d'ouverture de session. Processus d'ouv. de session : LAN Manager Workstation Service Record Number: 1901 Source Name: Security Time Written: 20090523085443.000000+120 Event Type: Succès de l'audit User: AUTORITE NT\SYSTEM Computer Name: ANGELE-4C035E91 Event Code: 806 Message: La stratégie d'audit par utilisateur a été actualisée. Nombre d'éléments : 0 Id de stratégie : (0x0,0xD5D1) Record Number: 1900 Source Name: Security Time Written: 20090523085438.000000+120 Event Type: Succès de l'audit User: AUTORITE NT\SYSTEM Computer Name: ANGELE-4C035E91 Event Code: 515 Message: Un Processus d'ouv. de session s'est fait reconnaître par l'autorité locale de sécurité. Ce Processus d'ouv. de session sera autorisé à soumettre des requêtes d'ouverture de session. Processus d'ouv. de session : CHAP Record Number: 1899 Source Name: Security Time Written: 20090523085434.000000+120 Event Type: Succès de l'audit User: AUTORITE NT\SYSTEM Computer Name: ANGELE-4C035E91 Event Code: 576 Message: Privilèges spéciaux assignés à la nouvelle session : Utilisateur : Domaine : Id. de la session : (0x0,0x3E5) Privilèges : SeAuditPrivilege SeAssignPrimaryTokenPrivilege SeChangeNotifyPrivilege Record Number: 1898 Source Name: Security Time Written: 20090523085433.000000+120 Event Type: Succès de l'audit User: AUTORITE NT\SERVICE LOCAL ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0403 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------

Merci pour la réponse et surtout la rapidité Voici le nouveau rapport: Logfile of random's system information tool 1.06 (written by random/random) Run by G6 at 2009-06-03 04:38:59 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 884 MB (11%) free of 8 GB Total RAM: 2038 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 04:39:02, on 03/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\SuperCopier2\SuperCopier2.exe E:\Program Files\FL.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe E:\Je6\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe E:\Program Files\G6.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freewebtown.com/alrefai/login.live.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = .-~= Hacked by ( ProoHack )X =~-. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [CTFMON] C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [regdiit] C:\WINDOWS\system32\win.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [superCopier2.exe] E:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1243970982091 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{247BF06F-CBF1-47B6-A02A-B2F4CD36858B}: NameServer = 217.175.160.72 217.175.160.77 O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe -- End of file - 6953 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-05-15 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-15 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-15 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-08 135168] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-08 159744] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-08 131072] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "AdslTaskBar"=stmctrl.dll,TaskBar [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-15 136600] "CTFMON"=C:\WINDOWS\system32\wscript.exe [2004-08-05 114688] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000] "regdiit"=C:\WINDOWS\system32\win.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "ASRock OC Tuner"= [] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "SuperCopier2.exe"=E:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-02-08 208896] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3af6bbd4-4383-11de-b7fb-0019669a7b26}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3af6bbd5-4383-11de-b7fb-0019669a7b26}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{990374ca-4135-11de-b7f0-0019669a7b26}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg ======File associations====== .reg - open - "regedit.exe" "%1" ======List of files/folders created in the last 1 months====== 2009-06-03 04:38:59 ----D---- C:\rsit 2009-06-03 03:55:49 ----D---- C:\WINDOWS\LastGood 2009-06-03 03:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-06-03 03:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-06-02 21:51:37 ----D---- C:\WINDOWS\system32\CatRoot_bak 2009-06-02 21:37:53 ----D---- C:\WINDOWS\system32\PreInstall 2009-06-02 21:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2009-06-02 21:37:52 ----HD---- C:\WINDOWS\$hf_mig$ 2009-06-02 21:31:52 ----A---- C:\WINDOWS\system32\wups2.dll 2009-06-02 21:31:52 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2009-06-02 21:31:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2009-06-02 21:31:51 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2009-06-02 21:31:51 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2009-05-24 21:52:37 ----D---- C:\Program Files\VstPlugins 2009-05-24 21:52:37 ----A---- C:\WINDOWS\system32\rewire.dll 2009-05-24 21:52:32 ----D---- C:\Program Files\Image-Line 2009-05-23 21:03:47 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2009-05-23 12:50:49 ----D---- C:\Program Files\Messenger Plus! Live 2009-05-23 08:46:20 ----A---- C:\WINDOWS\system32\MSVCR71.dll 2009-05-23 08:46:20 ----A---- C:\WINDOWS\system32\MSVCP71.dll 2009-05-23 08:46:20 ----A---- C:\WINDOWS\system32\MFC71.dll 2009-05-23 08:46:20 ----A---- C:\WINDOWS\system32\aswBoot.exe 2009-05-23 08:46:18 ----D---- C:\Program Files\Alwil Software 2009-05-20 10:59:33 ----A---- C:\WINDOWS\UPGRADE.TXT 2009-05-20 10:59:31 ----D---- C:\WINDOWS\setup.pss 2009-05-20 10:58:54 ----D---- C:\WINDOWS\setupupd 2009-05-20 10:12:37 ----D---- C:\Program Files\Microsoft Silverlight 2009-05-20 10:10:21 ----RSD---- C:\WINDOWS\assembly 2009-05-20 10:09:57 ----D---- C:\WINDOWS\Microsoft.NET 2009-05-20 10:09:30 ----D---- C:\Program Files\Microsoft Sync Framework 2009-05-20 10:08:55 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2009-05-20 10:08:53 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2009-05-20 10:08:06 ----D---- C:\Program Files\Microsoft 2009-05-20 10:07:41 ----D---- C:\Program Files\Windows Live 2009-05-20 08:11:00 ----D---- C:\WINDOWS\SxsCaPendDel 2009-05-20 08:10:34 ----SHD---- C:\Config.Msi 2009-05-19 14:55:42 ----HD---- C:\WINDOWS\msdownld.tmp 2009-05-18 14:11:39 ----A---- C:\Nat.exe 2009-05-18 11:50:29 ----A---- C:\WINDOWS\stmchart.INI 2009-05-17 17:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision 2009-05-17 17:02:47 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared 2009-05-17 16:56:23 ----D---- C:\install 2009-05-17 10:50:50 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\TTIC32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\TTI32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\STRING32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\MXRestore.exe 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\msxml4r.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\msxml4a.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\msxml4.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\mgxcdr.txt 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\mgxasio2.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLTPO32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLRES32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLRD32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLPTL32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLPRF32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLPNT32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLMSC32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLIX.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLISO32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLIO32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLIMG32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLDRV32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLDIR32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLDEV32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLCPY32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLCDF32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLCDA32.dll 2009-05-16 11:18:29 ----A---- C:\WINDOWS\system32\DLLAV32.dll 2009-05-16 11:18:28 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX 2009-05-16 11:17:58 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll 2009-05-15 19:58:03 ----D---- C:\Documents and Settings\G6\Application Data\Mozilla 2009-05-15 19:57:51 ----D---- C:\Documents and Settings\G6\Application Data\LimeWire 2009-05-15 19:56:58 ----A---- C:\WINDOWS\system32\javaws.exe 2009-05-15 19:56:58 ----A---- C:\WINDOWS\system32\javaw.exe 2009-05-15 19:56:58 ----A---- C:\WINDOWS\system32\java.exe 2009-05-15 19:56:58 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-05-15 19:56:51 ----D---- C:\Program Files\Java 2009-05-15 19:52:51 ----D---- C:\Documents and Settings\G6\Application Data\Sun 2009-05-15 19:52:42 ----D---- C:\Program Files\LimeWire 2009-05-15 19:23:49 ----D---- C:\Program Files\Windows Live SkyDrive 2009-05-15 19:12:18 ----D---- C:\Program Files\Fichiers communs\Windows Live 2009-05-15 19:03:27 ----N---- C:\WINDOWS\system32\spmsg.dll 2009-05-15 19:03:20 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2009-05-15 18:52:27 ----D---- C:\Documents and Settings\G6\Application Data\MSNInstaller 2009-05-15 18:36:54 ----D---- C:\Program Files\PC Inspector File Recovery 2009-05-15 18:15:27 ----D---- C:\WINDOWS\system32\systeme34 2009-05-15 18:13:08 ----A---- C:\WINDOWS\system32\wpa.bak 2009-05-15 18:12:23 ----D---- C:\WINDOWS\system32\MAGIX 2009-05-15 18:12:23 ----A---- C:\WINDOWS\system32\mgxoschk.dll 2009-05-15 18:12:23 ----A---- C:\WINDOWS\mgxoschk.ini 2009-05-15 18:03:40 ----SHD---- C:\RECYCLER 2009-05-15 18:01:44 ----A---- C:\Documents and Settings\G6\Application Data\QuickZip45.ini 2009-05-15 18:01:41 ----D---- C:\Program Files\QuickZip4 2009-05-15 18:01:10 ----D---- C:\Program Files\Astonsoft 2009-05-15 18:00:12 ----D---- C:\Documents and Settings\G6\Application Data\Adobe 2009-05-15 17:59:32 ----D---- C:\Documents and Settings\G6\Application Data\Macromedia 2009-05-15 17:11:27 ----D---- C:\Documents and Settings\G6\Application Data\vlc 2009-05-15 17:06:52 ----D---- C:\Program Files\VideoLAN 2009-05-15 16:58:36 ----D---- C:\Documents and Settings\G6\Application Data\DeepBurner 2009-05-15 16:00:45 ----A---- C:\WINDOWS\system32\wmpns.dll 2009-05-15 15:05:23 ----D---- C:\Documents and Settings\G6\Application Data\DAEMON Tools Lite 2009-05-15 14:50:39 ----D---- C:\Program Files\Mozilla Firefox 2009-05-15 13:18:23 ----A---- C:\WINDOWS\system32\h323log.txt 2009-05-15 12:52:53 ----A---- C:\WINDOWS\system32\usbui.dll 2009-05-15 12:51:49 ----A---- C:\WINDOWS\imsins.BAK 2009-05-15 12:51:47 ----SHD---- C:\WINDOWS\Installer 2009-05-15 12:51:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-15 12:51:46 ----D---- C:\Program Files\Fichiers communs\ODBC 2009-05-15 12:51:46 ----A---- C:\WINDOWS\ODBCINST.INI 2009-05-15 12:51:43 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2009-05-15 12:51:42 ----RD---- C:\Program Files 2009-05-15 12:51:42 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-05-15 12:51:42 ----D---- C:\Program Files\Fichiers communs 2009-05-15 12:51:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2009-05-15 12:51:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2009-05-15 12:51:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdur.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdru.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2009-05-15 12:51:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2009-05-15 12:51:35 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2009-05-15 12:51:34 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2009-05-15 12:51:34 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2009-05-15 12:51:34 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2009-05-15 12:51:34 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2009-05-15 12:51:34 ----RA---- C:\WINDOWS\system32\kbdest.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdro.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2009-05-15 12:51:32 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2009-05-15 12:51:30 ----A---- C:\WINDOWS\system32\irclass.dll 2009-05-15 12:51:29 ----A---- C:\WINDOWS\system32\spxcoins.dll 2009-05-15 12:51:29 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2009-05-15 12:51:29 ----A---- C:\WINDOWS\system32\dgsetup.dll 2009-05-15 12:51:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2009-05-15 12:51:27 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2009-05-15 12:51:27 ----A---- C:\WINDOWS\TASKMAN.EXE 2009-05-15 12:51:27 ----A---- C:\WINDOWS\system32\batt.dll 2009-05-15 12:51:26 ----A---- C:\WINDOWS\NOTEPAD.EXE 2009-05-15 12:51:23 ----A---- C:\WINDOWS\system32\storprop.dll 2009-05-15 12:51:15 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2009-05-15 12:49:33 ----RA---- C:\WINDOWS\SET8.tmp 2009-05-15 12:49:31 ----RA---- C:\WINDOWS\SET4.tmp 2009-05-15 12:49:30 ----RA---- C:\WINDOWS\SET3.tmp 2009-05-15 12:49:26 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-15 12:49:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-05-15 12:49:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-05-15 12:49:02 ----A---- C:\WINDOWS\setuplog.txt 2009-05-15 12:48:59 ----SHD---- C:\System Volume Information 2009-05-15 12:48:59 ----D---- C:\Documents and Settings 2009-05-15 12:48:17 ----SH---- C:\boot.ini 2009-05-15 12:42:57 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-05-15 12:42:57 ----RSD---- C:\WINDOWS\Fonts 2009-05-15 12:42:57 ----RD---- C:\WINDOWS\Web 2009-05-15 12:42:57 ----HD---- C:\WINDOWS\inf 2009-05-15 12:42:57 ----D---- C:\WINDOWS\WinSxS 2009-05-15 12:42:57 ----D---- C:\WINDOWS\twain_32 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Temp 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\wins 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\wbem 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\usmt 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\spool 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\ShellExt 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\Setup 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\ras 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\oobe 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\npp 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\mui 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\inetsrv 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\IME 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\icsxml 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\ias 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\export 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\drivers 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\dhcp 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\config 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\3com_dmi 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\3076 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\2052 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1054 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1042 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1041 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1037 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1036 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1033 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1031 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1028 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32\1025 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system32 2009-05-15 12:42:57 ----D---- C:\WINDOWS\system 2009-05-15 12:42:57 ----D---- C:\WINDOWS\security 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Resources 2009-05-15 12:42:57 ----D---- C:\WINDOWS\repair 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Provisioning 2009-05-15 12:42:57 ----D---- C:\WINDOWS\PeerNet 2009-05-15 12:42:57 ----D---- C:\WINDOWS\pchealth 2009-05-15 12:42:57 ----D---- C:\WINDOWS\mui 2009-05-15 12:42:57 ----D---- C:\WINDOWS\msapps 2009-05-15 12:42:57 ----D---- C:\WINDOWS\msagent 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Media 2009-05-15 12:42:57 ----D---- C:\WINDOWS\java 2009-05-15 12:42:57 ----D---- C:\WINDOWS\ime 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Help 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Driver Cache 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Debug 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Cursors 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Connection Wizard 2009-05-15 12:42:57 ----D---- C:\WINDOWS\Config 2009-05-15 12:42:57 ----D---- C:\WINDOWS\AppPatch 2009-05-15 12:42:57 ----D---- C:\WINDOWS\addins 2009-05-15 12:42:57 ----D---- C:\WINDOWS 2009-05-15 11:49:50 ----D---- C:\WINDOWS\system32\InsFiles 2009-05-15 11:41:49 ----A---- C:\WINDOWS\system32\stmctrl.dll 2009-05-15 11:41:49 ----A---- C:\WINDOWS\system32\stmcfg32.dll 2009-05-15 11:41:46 ----D---- C:\Program Files\BeWAN ADSL V1.9.0.10 2009-05-15 11:41:46 ----A---- C:\WINDOWS\stmtrace.exe 2009-05-15 11:41:46 ----A---- C:\WINDOWS\stmchart.exe 2009-05-15 11:41:46 ----A---- C:\WINDOWS\editadsl.exe 2009-05-15 11:41:38 ----A---- C:\WINDOWS\system32\SMMSCRPT.DLL 2009-05-15 11:41:38 ----A---- C:\WINDOWS\system32\RNAPH.DLL 2009-05-15 11:41:34 ----D---- C:\Program Files\OOL 2009-05-15 11:41:13 ----D---- C:\WINDOWS\OOL_ADSL 2009-05-15 11:39:08 ----D---- C:\Program Files\ASRock Utility 2009-05-15 11:38:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-05-15 11:37:55 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-05-15 11:37:55 ----D---- C:\Program Files\Adobe 2009-05-15 11:36:49 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll 2009-05-15 11:36:41 ----D---- C:\WINDOWS\OPTIONS 2009-05-15 11:36:32 ----D---- C:\Documents and Settings\G6\Application Data\InstallShield 2009-05-15 11:36:14 ----R---- C:\WINDOWS\system32\ChCfg.exe 2009-05-15 11:35:58 ----D---- C:\WINDOWS\system32\RTCOM 2009-05-15 11:35:57 ----A---- C:\WINDOWS\system32\ksuser.dll 2009-05-15 11:35:31 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2009-05-15 11:35:30 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2009-05-15 11:35:28 ----R---- C:\WINDOWS\SoundMan.exe 2009-05-15 11:35:27 ----R---- C:\WINDOWS\SkyTel.exe 2009-05-15 11:35:26 ----R---- C:\WINDOWS\RtlUpd.exe 2009-05-15 11:35:22 ----R---- C:\WINDOWS\RTLCPL.exe 2009-05-15 11:35:13 ----R---- C:\WINDOWS\RTHDCPL.exe 2009-05-15 11:35:12 ----R---- C:\WINDOWS\MicCal.exe 2009-05-15 11:35:08 ----R---- C:\WINDOWS\Alcmtr.exe 2009-05-15 11:35:07 ----R---- C:\WINDOWS\alcwzrd.exe 2009-05-15 11:35:06 ----D---- C:\Program Files\Realtek 2009-05-15 11:35:05 ----HD---- C:\Program Files\InstallShield Installation Information 2009-05-15 11:35:02 ----R---- C:\WINDOWS\RtlExUpd.dll 2009-05-15 11:35:02 ----A---- C:\WINDOWS\HideWin.exe 2009-05-15 11:34:58 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igxprd32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igxpgd32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igxpdx32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igxpdv32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\iglicd32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igldev32.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxzoom.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxtray.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxsrvc.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxsrvc.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxress.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxpph.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxpers.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxext.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxexps.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxdo.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxdev.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxCoIn_v4924.dll 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\igfxcfg.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\hkcmd.exe 2009-05-15 11:34:43 ----A---- C:\WINDOWS\system32\hccutils.dll 2009-05-15 11:34:42 ----D---- C:\WINDOWS\system32\Lang 2009-05-15 11:34:42 ----A---- C:\WINDOWS\system32\igxpun.exe 2009-05-15 11:34:42 ----A---- C:\WINDOWS\system32\difxapi.dll 2009-05-15 11:33:30 ----D---- C:\WINDOWS\system32\ReinstallBackups 2009-05-15 11:33:28 ----RA---- C:\WINDOWS\system32\CSVer.dll 2009-05-15 11:33:28 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-05-15 11:33:27 ----D---- C:\Program Files\Intel 2009-05-15 11:33:07 ----D---- C:\Intel 2009-05-15 11:31:54 ----A---- C:\WINDOWS\Ascd_tmp.ini 2009-05-15 11:28:13 ----D---- C:\Documents and Settings\G6\Application Data\Identities 2009-05-15 11:28:12 ----HD---- C:\Program Files\Uninstall Information 2009-05-15 11:28:02 ----ASH---- C:\Documents and Settings\G6\Application Data\desktop.ini 2009-05-15 11:28:01 ----SD---- C:\Documents and Settings\G6\Application Data\Microsoft 2009-05-15 11:25:52 ----D---- C:\WINDOWS\SoftwareDistribution 2009-05-15 11:25:51 ----SD---- C:\WINDOWS\system32\Microsoft 2009-05-15 11:25:51 ----D---- C:\WINDOWS\Prefetch 2009-05-15 11:25:51 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-15 11:23:16 ----D---- C:\WINDOWS\system32\xircom 2009-05-15 11:23:16 ----D---- C:\Program Files\xerox 2009-05-15 11:23:16 ----D---- C:\Program Files\microsoft frontpage 2009-05-15 11:23:03 ----A---- C:\WINDOWS\control.ini 2009-05-15 11:23:03 ----A---- C:\AUTOEXEC.BAT 2009-05-15 11:22:55 ----A---- C:\WINDOWS\OEWABLog.txt 2009-05-15 11:22:51 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-05-15 11:22:10 ----RD---- C:\WINDOWS\Offline Web Pages 2009-05-15 11:22:09 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-15 11:22:09 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-05-15 11:22:04 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-05-15 11:22:00 ----HD---- C:\Program Files\WindowsUpdate 2009-05-15 11:21:57 ----D---- C:\Program Files\Services en ligne 2009-05-15 11:21:44 ----D---- C:\WINDOWS\system32\DirectX 2009-05-15 11:21:28 ----A---- C:\WINDOWS\system32\atrace.dll 2009-05-15 11:21:26 ----A---- C:\WINDOWS\system32\desktop.ini 2009-05-15 11:21:25 ----A---- C:\WINDOWS\desktop.ini 2009-05-15 11:21:20 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2009-05-15 11:21:19 ----A---- C:\WINDOWS\system32\acctres.dll 2009-05-15 11:21:18 ----D---- C:\Program Files\Fichiers communs\Services 2009-05-15 11:21:16 ----SD---- C:\WINDOWS\Tasks 2009-05-15 11:21:16 ----D---- C:\Program Files\Fichiers communs\MSSoap 2009-05-15 11:21:16 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2009-05-15 11:21:13 ----D---- C:\WINDOWS\srchasst 2009-05-15 11:21:12 ----D---- C:\WINDOWS\system32\Macromed 2009-05-15 11:21:10 ----A---- C:\WINDOWS\system32\wuweb.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wups.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wucltui.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuauserv.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuaueng.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuauclt.exe 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\wuapi.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2009-05-15 11:21:09 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2009-05-15 11:21:08 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2009-05-15 11:21:08 ----A---- C:\WINDOWS\system32\qmgr.dll 2009-05-15 11:21:05 ----D---- C:\Program Files\Movie Maker 2009-05-15 11:21:02 ----A---- C:\WINDOWS\system32\safrslv.dll 2009-05-15 11:21:02 ----A---- C:\WINDOWS\system32\safrdm.dll 2009-05-15 11:21:02 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2009-05-15 11:21:02 ----A---- C:\WINDOWS\system32\racpldlg.dll 2009-05-15 11:20:59 ----D---- C:\WINDOWS\system32\Restore 2009-05-15 11:20:59 ----A---- C:\WINDOWS\system32\srsvc.dll 2009-05-15 11:20:59 ----A---- C:\WINDOWS\system32\srrstr.dll 2009-05-15 11:20:59 ----A---- C:\WINDOWS\system32\srclient.dll 2009-05-15 11:20:59 ----A---- C:\WINDOWS\system32\fltMc.exe 2009-05-15 11:20:59 ----A---- C:\WINDOWS\system32\fltlib.dll 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\msconf.dll 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\mnmdd.dll 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2009-05-15 11:20:58 ----A---- C:\WINDOWS\system32\ils.dll 2009-05-15 11:20:56 ----D---- C:\Program Files\NetMeeting 2009-05-15 11:20:56 ----A---- C:\WINDOWS\system32\msoert2.dll 2009-05-15 11:20:55 ----A---- C:\WINDOWS\system32\msoeacct.dll 2009-05-15 11:20:55 ----A---- C:\WINDOWS\system32\inetres.dll 2009-05-15 11:20:54 ----A---- C:\WINDOWS\system32\inetcomm.dll 2009-05-15 11:20:53 ----D---- C:\Program Files\Outlook Express 2009-05-15 11:20:53 ----A---- C:\WINDOWS\system32\schedsvc.dll 2009-05-15 11:20:53 ----A---- C:\WINDOWS\system32\mstinit.exe 2009-05-15 11:20:53 ----A---- C:\WINDOWS\system32\mstask.dll 2009-05-15 11:20:52 ----A---- C:\WINDOWS\system32\isign32.dll 2009-05-15 11:20:52 ----A---- C:\WINDOWS\system32\inetcfg.dll 2009-05-15 11:20:52 ----A---- C:\WINDOWS\system32\icwphbk.dll 2009-05-15 11:20:52 ----A---- C:\WINDOWS\system32\icwdial.dll 2009-05-15 11:20:48 ----D---- C:\Program Files\Fichiers communs\System 2009-05-15 11:20:47 ----D---- C:\Program Files\Internet Explorer 2009-05-15 11:20:37 ----D---- C:\Program Files\ComPlus Applications 2009-05-15 11:20:35 ----A---- C:\WINDOWS\vbaddin.ini 2009-05-15 11:20:35 ----A---- C:\WINDOWS\vb.ini 2009-05-15 11:20:31 ----D---- C:\WINDOWS\Registration 2009-05-15 11:20:06 ----D---- C:\Program Files\Windows Media Player 2009-05-15 11:20:06 ----D---- C:\Program Files\Online Services 2009-05-15 11:20:02 ----D---- C:\Program Files\Messenger 2009-05-15 11:19:59 ----D---- C:\Program Files\MSN Gaming Zone 2009-05-15 11:19:59 ----A---- C:\WINDOWS\system32\write.exe 2009-05-15 11:19:52 ----A---- C:\WINDOWS\system32\sndvol32.exe 2009-05-15 11:19:52 ----A---- C:\WINDOWS\system32\hticons.dll 2009-05-15 11:19:52 ----A---- C:\WINDOWS\system32\avwav.dll 2009-05-15 11:19:52 ----A---- C:\WINDOWS\system32\avtapi.dll 2009-05-15 11:19:52 ----A---- C:\WINDOWS\system32\avmeter.dll 2009-05-15 11:19:51 ----A---- C:\WINDOWS\system32\winchat.exe 2009-05-15 11:19:46 ----A---- C:\WINDOWS\system32\sol.exe 2009-05-15 11:19:46 ----A---- C:\WINDOWS\system32\getuname.dll 2009-05-15 11:19:46 ----A---- C:\WINDOWS\system32\charmap.exe 2009-05-15 11:19:46 ----A---- C:\WINDOWS\system32\calc.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\winmine.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\tslabels.ini 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\tskill.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\tscon.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\shadow.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\rwinsta.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\reset.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\mshearts.exe 2009-05-15 11:19:45 ----A---- C:\WINDOWS\system32\freecell.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\regini.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\qwinsta.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\qappsrv.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\msg.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\logoff.exe 2009-05-15 11:19:44 ----A---- C:\WINDOWS\system32\cdmodem.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\stclient.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\mtxex.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\mtxdm.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\comsnap.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\comrepl.dll 2009-05-15 11:19:43 ----A---- C:\WINDOWS\system32\comaddin.dll 2009-05-15 11:19:39 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2009-05-15 11:19:31 ----D---- C:\Program Files\MSN 2009-05-15 11:19:30 ----A---- C:\WINDOWS\system32\sndrec32.exe 2009-05-15 11:19:30 ----A---- C:\WINDOWS\system32\mplay32.exe 2009-05-15 11:19:30 ----A---- C:\WINDOWS\system32\accwiz.exe 2009-05-15 11:19:29 ----D---- C:\Program Files\Windows NT 2009-05-15 11:19:29 ----A---- C:\WINDOWS\system32\mspaint.exe 2009-05-15 11:19:29 ----A---- C:\WINDOWS\system32\hypertrm.dll 2009-05-15 11:19:29 ----A---- C:\WINDOWS\system32\clipbrd.exe 2009-05-15 11:19:28 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2009-05-15 11:19:28 ----A---- C:\WINDOWS\system32\spider.exe 2009-05-15 11:19:28 ----A---- C:\WINDOWS\system32\remotepg.dll 2009-05-15 11:19:28 ----A---- C:\WINDOWS\system32\mstscax.dll 2009-05-15 11:19:28 ----A---- C:\WINDOWS\system32\mstsc.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\termsrv.dll 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\sessmgr.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdshost.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdpclip.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\rdchost.dll 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\qprocess.exe 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\icaapi.dll 2009-05-15 11:19:27 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2009-05-15 11:19:26 ----D---- C:\WINDOWS\system32\MsDtc 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\xolehlp.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\mtxoci.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\msdtctm.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\msdtclog.dll 2009-05-15 11:19:26 ----A---- C:\WINDOWS\system32\msdtc.exe 2009-05-15 11:19:25 ----D---- C:\WINDOWS\system32\Com 2009-05-15 11:19:25 ----A---- C:\WINDOWS\system32\colbact.dll 2009-05-15 11:19:25 ----A---- C:\WINDOWS\system32\clbcatex.dll 2009-05-15 11:19:25 ----A---- C:\WINDOWS\system32\catsrvut.dll 2009-05-15 11:19:25 ----A---- C:\WINDOWS\system32\catsrvps.dll 2009-05-15 11:19:24 ----A---- C:\WINDOWS\system32\comuid.dll 2009-05-15 11:19:24 ----A---- C:\WINDOWS\system32\comsvcs.dll 2009-05-15 11:19:24 ----A---- C:\WINDOWS\system32\clbcatq.dll 2009-05-15 11:19:24 ----A---- C:\WINDOWS\system32\catsrv.dll 2009-05-15 11:19:20 ----A---- C:\WINDOWS\system32\servdeps.dll 2009-05-15 11:19:20 ----A---- C:\WINDOWS\system32\mmfutil.dll 2009-05-15 11:19:20 ----A---- C:\WINDOWS\system32\licwmi.dll 2009-05-15 11:19:19 ----A---- C:\WINDOWS\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2009-05-15 12:51:41 ----A---- C:\WINDOWS\system.ini 2009-05-15 11:23:03 ----A---- C:\WINDOWS\win.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-08 5955232] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-07-01 108800] R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2005-07-07 60255] R3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-07-07 541990] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\G6\LOCALS~1\Temp\mc25.tmp [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-05 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-15 152984] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-17 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] -----------------EOF-----------------

Je n'arrive plus à ouvrir le gestionnaire de tache. Après le lancement j'ai un message me disant que j'ai un script absent : C:\WINDOWS\sytem32\winjpg\jpg, j'aimerais un peu d'aide svp Voici le rapport de Hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:01:35, on 02/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe E:\Program Files\SuperCopier2\SuperCopier2.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe E:\Program Files\FL.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe E:\Program Files\HijackThis.exe Je sais pas trop quoi faire et j'ai pas trop envi de me planter, je sais pas ce qu'il faut effacer merci de me guider