CALO41

Bonjour, merci de veiller si tard pour m'aider! j'ai executer tdsskiller et il a supprimer un truc! Bravo ! Voici le rapport 10:35:15:093 1928 TDSS rootkit removing tool 2.2.2 Jan 13 2010 08:42:25 10:35:15:093 1928 ================================================================================ 10:35:15:093 1928 SystemInfo: 10:35:15:093 1928 OS Version: 5.1.2600 ServicePack: 3.0 10:35:15:093 1928 Product type: Workstation 10:35:15:093 1928 ComputerName: PCH 10:35:15:093 1928 UserName: PASCAL 10:35:15:093 1928 Windows directory: C:\WINDOWS 10:35:15:093 1928 Processor architecture: Intel x86 10:35:15:093 1928 Number of processors: 2 10:35:15:093 1928 Page size: 0x1000 10:35:15:093 1928 Boot type: Normal boot 10:35:15:093 1928 ================================================================================ 10:35:15:125 1928 UnloadDriverW: NtUnloadDriver error 2 10:35:15:125 1928 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2 10:35:15:125 1928 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 10:35:15:140 1928 UtilityInit: KLMD drop and load success 10:35:15:140 1928 KLMD_OpenDevice: Trying to open KLMD Device(KLMD201000) 10:35:15:140 1928 UtilityInit: KLMD open success 10:35:15:140 1928 UtilityInit: Initialize success 10:35:15:140 1928 10:35:15:140 1928 Scanning Services ... 10:35:15:140 1928 CreateRegParser: Registry parser init started 10:35:15:140 1928 DisableWow64Redirection: GetProcAddress(Wow64DisableWow64FsRedirection) error 127 10:35:15:140 1928 CreateRegParser: DisableWow64Redirection error 10:35:15:140 1928 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 10:35:15:140 1928 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\system) returned status C0000043 10:35:15:140 1928 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 10:35:15:140 1928 wfopen_ex: Trying to KLMD file open 10:35:15:140 1928 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\system 10:35:15:140 1928 wfopen_ex: File opened ok (Flags 2) 10:35:15:140 1928 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\system) init success: 274C08 10:35:15:140 1928 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 10:35:15:140 1928 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\software) returned status C0000043 10:35:15:140 1928 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 10:35:15:140 1928 wfopen_ex: Trying to KLMD file open 10:35:15:140 1928 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\software 10:35:15:140 1928 wfopen_ex: File opened ok (Flags 2) 10:35:15:140 1928 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\software) init success: 274C70 10:35:15:140 1928 EnableWow64Redirection: GetProcAddress(Wow64RevertWow64FsRedirection) error 127 10:35:15:140 1928 CreateRegParser: EnableWow64Redirection error 10:35:15:140 1928 CreateRegParser: RegParser init completed 10:35:15:656 1928 GetAdvancedServicesInfo: Raw services enum returned 350 services 10:35:15:656 1928 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 10:35:15:656 1928 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 10:35:15:656 1928 10:35:15:656 1928 Scanning Kernel memory ... 10:35:15:656 1928 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 10:35:15:656 1928 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 8AD2E9E8 10:35:15:656 1928 DetectCureTDL3: KLMD_GetDeviceObjectList returned 3 DevObjects 10:35:15:656 1928 10:35:15:656 1928 DetectCureTDL3: DEVICE_OBJECT: 8AD20C68 10:35:15:656 1928 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8AD20C68 10:35:15:656 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AD20C68[0x38] 10:35:15:656 1928 DetectCureTDL3: DRIVER_OBJECT: 8AD2E9E8 10:35:15:656 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AD2E9E8[0xA8] 10:35:15:656 1928 KLMD_ReadMem: Trying to ReadMemory 0xE16A2218[0x18] 10:35:15:656 1928 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 10:35:15:656 1928 DetectCureTDL3: IrpHandler (0) addr: BA96EBB0 10:35:15:656 1928 DetectCureTDL3: IrpHandler (1) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (2) addr: BA96EBB0 10:35:15:656 1928 DetectCureTDL3: IrpHandler (3) addr: BA968D1F 10:35:15:656 1928 DetectCureTDL3: IrpHandler (4) addr: BA968D1F 10:35:15:656 1928 DetectCureTDL3: IrpHandler (5) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (6) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (7) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler ( addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (9) addr: BA9692E2 10:35:15:656 1928 DetectCureTDL3: IrpHandler (10) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (11) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (12) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (13) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (14) addr: BA9693BB 10:35:15:656 1928 DetectCureTDL3: IrpHandler (15) addr: BA96CF28 10:35:15:656 1928 DetectCureTDL3: IrpHandler (16) addr: BA9692E2 10:35:15:656 1928 DetectCureTDL3: IrpHandler (17) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (18) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (19) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (20) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (21) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (22) addr: BA96AC82 10:35:15:656 1928 DetectCureTDL3: IrpHandler (23) addr: BA96F99E 10:35:15:656 1928 DetectCureTDL3: IrpHandler (24) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (25) addr: 804F4562 10:35:15:656 1928 DetectCureTDL3: IrpHandler (26) addr: 804F4562 10:35:15:656 1928 TDL3_FileDetect: Processing driver: Disk 10:35:15:656 1928 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 10:35:15:656 1928 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 10:35:15:687 1928 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 10:35:15:687 1928 10:35:15:687 1928 DetectCureTDL3: DEVICE_OBJECT: 8AC1AC68 10:35:15:687 1928 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8AC1AC68 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AC1AC68[0x38] 10:35:15:687 1928 DetectCureTDL3: DRIVER_OBJECT: 8AD2E9E8 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AD2E9E8[0xA8] 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0xE16A2218[0x18] 10:35:15:687 1928 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 10:35:15:687 1928 DetectCureTDL3: IrpHandler (0) addr: BA96EBB0 10:35:15:687 1928 DetectCureTDL3: IrpHandler (1) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (2) addr: BA96EBB0 10:35:15:687 1928 DetectCureTDL3: IrpHandler (3) addr: BA968D1F 10:35:15:687 1928 DetectCureTDL3: IrpHandler (4) addr: BA968D1F 10:35:15:687 1928 DetectCureTDL3: IrpHandler (5) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (6) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (7) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler ( addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (9) addr: BA9692E2 10:35:15:687 1928 DetectCureTDL3: IrpHandler (10) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (11) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (12) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (13) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (14) addr: BA9693BB 10:35:15:687 1928 DetectCureTDL3: IrpHandler (15) addr: BA96CF28 10:35:15:687 1928 DetectCureTDL3: IrpHandler (16) addr: BA9692E2 10:35:15:687 1928 DetectCureTDL3: IrpHandler (17) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (18) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (19) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (20) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (21) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (22) addr: BA96AC82 10:35:15:687 1928 DetectCureTDL3: IrpHandler (23) addr: BA96F99E 10:35:15:687 1928 DetectCureTDL3: IrpHandler (24) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (25) addr: 804F4562 10:35:15:687 1928 DetectCureTDL3: IrpHandler (26) addr: 804F4562 10:35:15:687 1928 TDL3_FileDetect: Processing driver: Disk 10:35:15:687 1928 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 10:35:15:687 1928 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 10:35:15:687 1928 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 10:35:15:687 1928 10:35:15:687 1928 DetectCureTDL3: DEVICE_OBJECT: 8AD01AB8 10:35:15:687 1928 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8AD01AB8 10:35:15:687 1928 DetectCureTDL3: DEVICE_OBJECT: 8AD070F8 10:35:15:687 1928 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8AD070F8 10:35:15:687 1928 DetectCureTDL3: DEVICE_OBJECT: 8AD81BD0 10:35:15:687 1928 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8AD81BD0 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AD81BD0[0x38] 10:35:15:687 1928 DetectCureTDL3: DRIVER_OBJECT: 8ACD7210 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8ACD7210[0xA8] 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8ACEFD98[0x38] 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AD04F38[0xA8] 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0xE1008EF8[0x1A] 10:35:15:687 1928 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 10:35:15:687 1928 DetectCureTDL3: IrpHandler (0) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (1) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (2) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (3) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (4) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (5) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (6) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (7) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler ( addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (9) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (10) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (11) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (12) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (13) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (14) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (15) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (16) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (17) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (18) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (19) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (20) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (21) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (22) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (23) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (24) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (25) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: IrpHandler (26) addr: 8AC1E841 10:35:15:687 1928 DetectCureTDL3: All IRP handlers pointed to one addr: 8AC1E841 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AC1E841[0x400] 10:35:15:687 1928 TDL3_IrpHookDetect: CheckParameters: 4, FFDF0308, 333, 121, 3, 109 10:35:15:687 1928 Driver "atapi" Irp handler infected by TDSS rootkit ... 10:35:15:687 1928 KLMD_WriteMem: Trying to WriteMemory 0x8AC1E8BA[0xD] 10:35:15:687 1928 cured 10:35:15:687 1928 KLMD_ReadMem: Trying to ReadMemory 0x8AC1E6EC[0x400] 10:35:15:687 1928 TDL3_StartIoHookDetect: CheckParameters: 9, FFDF0308, 1 10:35:15:687 1928 Driver "atapi" StartIo handler infected by TDSS rootkit ... 10:35:15:687 1928 TDL3_StartIoHookCure: Number of patches 1 10:35:15:687 1928 KLMD_WriteMem: Trying to WriteMemory 0x8AC1E7F5[0x6] 10:35:15:687 1928 cured 10:35:15:687 1928 TDL3_FileDetect: Processing driver: atapi 10:35:15:687 1928 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 10:35:15:687 1928 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys 10:35:15:687 1928 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Infected 10:35:15:687 1928 File C:\WINDOWS\system32\DRIVERS\atapi.sys infected by TDSS rootkit ... 10:35:15:687 1928 TDL3_FileCure: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 10:35:15:687 1928 ProcessDirEnumEx: FindFirstFile(C:\WINDOWS\system32\DriverStore\FileRepository\*) error 3 10:35:15:718 1928 CABFileCallback: Processing cab-file: C:\WINDOWS\Driver Cache\i386\sp3.cab 10:35:15:734 1928 CabinetCallback: Backup candidate found: atapi.sys:96512, extracting.. 10:35:15:781 1928 CabinetCallback: File extracted successfully: C:\DOCUME~1\PASCAL\LOCALS~1\Temp\bck9.tmp 10:35:15:781 1928 ValidateDriverFile: Stage 1 passed 10:35:15:781 1928 ValidateDriverFile: Stage 2 passed 10:35:15:843 1928 DigitalSignVerifyByHandle: Embedded DS result: 800B0100 10:35:16:109 1928 DigitalSignVerifyByHandle: Cat DS result: 00000000 10:35:16:109 1928 ValidateDriverFile: Stage 3 passed 10:35:16:109 1928 CabinetCallback: File validated successfully, restore information prepared 10:35:16:109 1928 FindDriverFileBackup: Backup copy found in cab-file 10:35:16:109 1928 TDL3_FileCure: Backup copy found, using it.. 10:35:16:125 1928 TDL3_FileCure: Dumping cured buffer to file C:\WINDOWS\system32\drivers\tskA.tmp 10:35:16:171 1928 TDL3_FileCure: New / Old Image paths: (system32\drivers\tskA.tmp, system32\drivers\atapi.sys) 10:35:16:171 1928 TDL3_FileCure: KLMD jobs schedule success 10:35:16:171 1928 will be cured on next reboot 10:35:16:171 1928 UtilityBootReinit: Reboot required for cure complete.. 10:35:16:171 1928 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmdb.sys) returned status 00000000 10:35:16:171 1928 UtilityBootReinit: KLMD drop success 10:35:16:171 1928 KLMD_ApplyPendList: Pending buffer(2F2F_7DF8, 600) dropped successfully 10:35:16:171 1928 UtilityBootReinit: Cure on reboot scheduled successfully 10:35:16:171 1928 10:35:16:171 1928 Completed 10:35:16:171 1928 10:35:16:187 1928 Results: 10:35:16:187 1928 Memory objects infected / cured / cured on reboot: 2 / 2 / 0 10:35:16:187 1928 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 10:35:16:187 1928 File objects infected / cured / cured on reboot: 1 / 0 / 1 10:35:16:187 1928 10:35:16:187 1928 UnloadDriverW: NtUnloadDriver error 1 10:35:16:187 1928 KLMD_Unload: UnloadDriverW(klmd21) error 1 10:35:16:187 1928 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 10:35:16:187 1928 UtilityDeinit: KLMD(ARK) unloaded successfully Comme d'habitude le rapport mbam ne signale rien : Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3644 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 27/01/2010 13:26:43 mbam-log-2010-01-27 (13-26-43).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 215025 Temps écoulé: 1 hour(s), 2 minute(s), 35 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) A priori depuis tdsskiller, je n'ai plus de signal d'avir par lequel je suis infecté! A vous lire cordialement calou41

Pear, Voila le premier rapport info.txt logfile of random's system information tool 1.06 2010-01-18 13:48:25 ======Uninstall list====== -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log -->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87} -->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} -->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048} -->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82} -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20} -->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE} -->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} -->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\Setup.exe" -l0x40c anything -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe GoLive CS2 Français-->msiexec /i {46548E80-040C-0000-7E8A-45000F855001} Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101} Adobe Illustrator CS2-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601} Adobe InDesign CS2-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC} Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D} Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Agere Systems HDA Modem-->agrsmdel Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE BlackBerry Desktop Software 4.2.2-->MsiExec.exe /I{75D6745B-2239-4182-A31F-F95CEBB35099} BlackBerry Desktop Software 4.2.2-->MsiExec.exe /i{75D6745B-2239-4182-A31F-F95CEBB35099} Brother HL-2070N-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2484BCC-8919-4EC0-840E-914EFC3B4F4E}\SETUP.exe" -l0x40c -removeonly /uninst Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E89658-5D6B-4F0D-B72B-57863C3AD06C}\Setup.exe" -l0x40c Brunin03.dllBrunin03.dll CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Ciel Business Plan-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4A31ABB-229F-4922-8499-4731B0A0A2AD}\install.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" EBP Gestion Commerciale 14.0-->"C:\Documents and Settings\All Users\Application Data\{FE069067-C990-443D-9D40-5996B35ACE1D}\setup.exe" REMOVE=TRUE MODIFY=FALSE EBP Gestion Commerciale 14.0-->C:\Documents and Settings\All Users\Application Data\{FE069067-C990-443D-9D40-5996B35ACE1D}\setup.exe EBP Utilitaire d'échanges 1.1-->"C:\Documents and Settings\All Users\Application Data\{4890FF13-BFC8-467A-AD6A-71025F041ADD}\setup.exe" REMOVE=TRUE MODIFY=FALSE EBP Utilitaire d'échanges 1.1-->C:\Documents and Settings\All Users\Application Data\{4890FF13-BFC8-467A-AD6A-71025F041ADD}\setup.exe High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\driver\HIJACKTHIS\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Officejet Pro K5300/5400 Series-->C:\Program Files\HP\Digital Imaging\{AAF42A99-B684-49B1-AEBC-AE5B287CB98D}\setup\hpzscr01.exe -datfile hpwscr06.dat Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2 IZArc 4.1-->"C:\Program Files\IZArc\unins000.exe" J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040} Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} K-Lite Codec Pack 5.6.1 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC} Pervasive System Analyzer-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Fichiers communs\Pervasive Software Shared\PSA\psa.isu" Pervasive.SQL V8 Workgroup (v8.6)-->MsiExec.exe /I{5FCFC78C-438A-4F4D-B266-E32B8468BAFC} REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe" -l0x40c -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Roxio Media Manager-->MsiExec.exe /X{66D171AA-670F-4309-9C74-5BA7F7DBA0B3} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" =====HijackThis Backups===== O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') [2010-01-15] O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [2010-01-15] O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2010-01-15] O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE [2010-01-15] O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2010-01-15] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.nec-computers.fr/ [2010-01-15] O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') [2010-01-15] O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE [2010-01-15] O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [2010-01-15] O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-01-15] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2010-01-15] O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [2010-01-15] O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') [2010-01-15] O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') [2010-01-15] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2010-01-15] O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll [2010-01-15] O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun [2010-01-15] O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [2010-01-15] O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2010-01-15] O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll [2010-01-15] ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: PCH Event Code: 7036 Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution. Record Number: 125 Source Name: Service Control Manager Time Written: 20100108155441.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 7036 Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution. Record Number: 124 Source Name: Service Control Manager Time Written: 20100108155440.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness). Record Number: 123 Source Name: Service Control Manager Time Written: 20100108155440.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: PCH Event Code: 17 Message: AVGNTFLT successfully loaded Record Number: 122 Source Name: avgntflt Time Written: 20100108155351.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 121 Source Name: EventLog Time Written: 20100108155322.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: PCH Event Code: 0 Message: Record Number: 5 Source Name: myAgtSvc Time Written: 20100108120707.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 4 Source Name: SecurityCenter Time Written: 20100108120704.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 5000 Message: Record Number: 3 Source Name: McLogEvent Time Written: 20100108120700.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: PCH Event Code: 0 Message: Record Number: 2 Source Name: CLSched Time Written: 20100108120653.000000+060 Event Type: Informations User: Computer Name: PCH Event Code: 0 Message: Record Number: 1 Source Name: CLCapSvc Time Written: 20100108120652.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\PVSW\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=C:\PVSW\bin\pvjdbc2x.jar;C:\PVSW\bin\pvjdbc.jar "QTJAVA"="C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip" "VSL"=C:\PVSW\bin "RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\9.0\Roxio Central33\ -----------------EOF----------------- Cordialement calou41 Bonsoir, voici enfin le 2 eme log ! c'ets du chinois pour moi ! Logfile of random's system information tool 1.06 (written by random/random) Run by PASCAL at 2010-01-26 21:58:13 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 36 GB (51%) free of 70 GB Total RAM: 3062 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:58:24, on 26/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\brss01a.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PVSW\Bin\WGE_SRV.EXE C:\WINDOWS\System32\svchost.exe C:\PVSW\BIN\W3dbsmgr.EXE C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Protector Suite QL\menusw.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\driver\HIJACKTHIS\HiJackThis.exe C:\Documents and Settings\PASCAL\Bureau\RSIT\RSIT.exe C:\driver\HIJACKTHIS\PASCAL.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [biomenu] "C:\Program Files\Protector Suite QL\menusw.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) - Unknown owner - C:\PVSW\Bin\WGE_SRV.EXE O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- End of file - 7970 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-15 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-04-28 766041] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-12-13 88204] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-15 149280] "Biomenu"=C:\Program Files\Protector Suite QL\menusw.exe [2005-08-30 1371648] "PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] ""= [] "RoxWatchTray"=C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-03-26 228088] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-12-28 98304] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\WINDOWS\system32\fusstub.dll [2005-08-30 39936] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli fusstub [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-01-26 21:49:18 ----A---- C:\WINDOWS\IE4 Error Log.txt 2010-01-25 16:27:32 ----D---- C:\Program Files\Yooda 2010-01-21 13:28:33 ----A---- C:\WINDOWS\system32\QTUninst.dll 2010-01-21 13:18:45 ----A---- C:\WINDOWS\uninst.exe 2010-01-20 12:28:36 ----D---- C:\Casse chez Crabb & Sons 2010-01-20 10:32:52 ----D---- C:\Documents and Settings\PASCAL\Application Data\Research In Motion 2010-01-19 20:07:24 ----D---- C:\Documents and Settings\PASCAL\Application Data\Protector Suite 2010-01-19 16:27:41 ----RSH---- C:\WINDOWS\system32\windef.exe 2010-01-19 14:37:58 ----HD---- C:\WINDOWS\PIF 2010-01-18 13:48:06 ----D---- C:\rsit 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\javaws.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\javaw.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\java.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\deploytk.dll 2010-01-14 14:29:11 ----A---- C:\WINDOWS\system32\lsdelete.exe 2010-01-14 11:49:06 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-14 11:40:03 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2010-01-14 11:39:22 ----D---- C:\Program Files\Lavasoft 2010-01-14 11:39:21 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2010-01-14 10:06:14 ----D---- C:\Program Files\Fichiers communs\Sonic Shared 2010-01-14 10:06:11 ----D---- C:\Program Files\Roxio 2010-01-14 10:01:52 ----D---- C:\Documents and Settings\PASCAL\Application Data\Blackberry Desktop 2010-01-14 10:00:37 ----D---- C:\Program Files\Fichiers communs\Research In Motion 2010-01-13 15:43:42 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic 2010-01-13 15:39:40 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio 2010-01-13 15:39:32 ----D---- C:\Program Files\Fichiers communs\Roxio Shared 2010-01-13 15:32:06 ----D---- C:\Program Files\Research In Motion 2010-01-13 15:25:30 ----SHD---- C:\WINDOWS\ftpcache 2010-01-13 13:15:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 13:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-13 09:22:20 ----A---- C:\WINDOWS\system32\hpz3l4sa.dll 2010-01-13 09:22:19 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2010-01-13 09:22:14 ----A---- C:\WINDOWS\system32\AddPort.ini 2010-01-13 09:21:04 ----A---- C:\WINDOWS\hpntwksetup.ini 2010-01-13 09:20:36 ----D---- C:\TEMP 2010-01-13 09:19:09 ----D---- C:\WINDOWS\ccr 2010-01-13 09:18:28 ----HD---- C:\Config.Msi 2010-01-13 09:18:12 ----D---- C:\Program Files\HP 2010-01-12 23:39:44 ----D---- C:\WINDOWS\Minidump 2010-01-11 22:16:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2010-01-11 22:15:21 ----D---- C:\Documents and Settings\PASCAL\Application Data\AdobeUM 2010-01-11 09:20:34 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2010-01-10 14:02:04 ----D---- C:\Documents and Settings\PASCAL\Application Data\Malwarebytes 2010-01-10 14:01:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-10 14:01:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-10 11:45:44 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-10 11:45:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-10 09:09:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-01-10 09:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2010-01-10 09:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-01-10 09:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2010-01-10 09:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-01-09 22:46:44 ----A---- C:\WINDOWS\system32\unrar.dll 2010-01-09 22:46:43 ----A---- C:\WINDOWS\avisplitter.ini 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-01-09 22:46:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-01-09 22:46:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-01-09 22:46:33 ----D---- C:\Program Files\K-Lite Codec Pack 2010-01-09 19:44:12 ----A---- C:\WINDOWS\system32\FileOps.exe 2010-01-09 19:44:11 ----D---- C:\WINDOWS\system32\Adobe 2010-01-09 19:29:43 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2010-01-09 19:24:02 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared 2010-01-09 17:50:03 ----D---- C:\WINDOWS\Sun 2010-01-09 17:50:03 ----D---- C:\Documents and Settings\PASCAL\Application Data\Sun 2010-01-09 13:57:49 ----D---- C:\Program Files\IZArc 2010-01-09 12:37:58 ----D---- C:\Program Files\CCleaner 2010-01-09 12:00:33 ----D---- C:\WINDOWS\Prefetch 2010-01-09 11:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-01-09 11:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-01-09 11:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-01-09 11:56:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-01-09 11:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-01-09 11:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-01-09 11:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-01-09 11:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-01-09 11:56:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-01-09 11:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-01-09 11:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-01-09 11:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-01-09 11:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-01-09 11:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2010-01-09 11:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2010-01-09 11:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-01-09 11:55:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-01-09 11:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-01-09 11:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-01-09 11:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-01-09 11:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-01-09 11:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$ 2010-01-09 11:54:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-01-09 11:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-01-09 11:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-01-09 11:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-01-09 11:53:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2010-01-09 11:53:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-01-09 11:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2010-01-09 11:53:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-01-09 11:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-01-09 11:53:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-01-09 11:52:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-01-09 11:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-01-09 11:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-01-09 11:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-01-09 11:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-01-09 11:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-01-09 11:52:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-01-09 11:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-01-09 11:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-01-09 11:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-01-09 11:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-01-09 11:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-01-09 11:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-01-09 11:45:42 ----D---- C:\WINDOWS\l2schemas 2010-01-09 11:45:41 ----D---- C:\WINDOWS\system32\fr 2010-01-09 11:45:41 ----D---- C:\WINDOWS\system32\bits 2010-01-09 11:37:40 ----D---- C:\WINDOWS\network diagnostic 2010-01-09 11:30:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-01-09 11:12:59 ----D---- C:\WINDOWS\system32\XPSViewer 2010-01-09 11:12:54 ----D---- C:\Program Files\MSBuild 2010-01-09 11:12:52 ----D---- C:\WINDOWS\system32\en-US 2010-01-09 11:12:46 ----D---- C:\Program Files\Reference Assemblies 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\prntvpt.dll 2010-01-09 11:12:11 ----D---- C:\9de6f3d6823d184b4f352867bc2e 2010-01-09 11:08:13 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2010-01-09 11:08:07 ----D---- C:\Program Files\MSXML 6.0 2010-01-09 10:59:45 ----D---- C:\WINDOWS\ie8updates 2010-01-09 10:58:43 ----D---- C:\WINDOWS\WBEM 2010-01-09 10:57:20 ----HDC---- C:\WINDOWS\ie8 2010-01-09 10:57:20 ----D---- C:\WINDOWS\system32\fr-FR 2010-01-09 10:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2010-01-09 10:48:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2010-01-09 10:47:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ 2010-01-09 10:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2010-01-09 10:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2010-01-09 10:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$ 2010-01-09 10:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$ 2010-01-09 10:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-01-09 10:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-01-09 10:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$ 2010-01-09 10:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2010-01-09 10:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$ 2010-01-09 10:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$ 2010-01-09 10:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2_0$ 2010-01-09 10:46:17 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2010-01-09 10:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2010-01-09 10:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$ 2010-01-09 10:41:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971557_0$ 2010-01-09 10:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$ 2010-01-09 10:41:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$ 2010-01-09 10:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$ 2010-01-09 10:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$ 2010-01-09 10:38:54 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$ 2010-01-09 10:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-01-09 10:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633_0$ 2010-01-09 10:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2010-01-09 10:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$ 2010-01-09 10:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$ 2010-01-09 10:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2010-01-09 10:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$ 2010-01-09 10:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$ 2010-01-09 10:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ 2010-01-09 10:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$ 2010-01-09 10:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-01-09 10:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$ 2010-01-09 10:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2010-01-09 10:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$ 2010-01-09 10:34:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$ 2010-01-09 10:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2010-01-09 10:34:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$ 2010-01-09 10:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-01-09 10:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$ 2010-01-09 10:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2010-01-09 10:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$ 2010-01-09 10:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2010-01-09 10:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-01-09 10:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$ 2010-01-09 10:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$ 2010-01-09 10:31:44 ----D---- C:\WINDOWS\ServicePackFiles 2010-01-09 10:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2010-01-09 10:31:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$ 2010-01-09 10:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$ 2010-01-09 10:31:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ 2010-01-09 10:30:03 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-09 10:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$ 2010-01-09 10:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2010-01-09 10:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ 2010-01-09 10:29:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$ 2010-01-09 10:28:51 ----D---- C:\Program Files\MSXML 4.0 2010-01-09 10:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2010-01-09 10:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$ 2010-01-09 10:28:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$ 2010-01-09 10:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$ 2010-01-09 10:27:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$ 2010-01-09 09:55:11 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-01-09 09:32:19 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-01-08 19:50:32 ----SHD---- C:\WINDOWS\Installer 2010-01-08 19:50:32 ----SHD---- C:\RECYCLER 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\Tasks 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\system32\Microsoft 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-08 19:50:32 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-08 19:50:32 ----RSD---- C:\WINDOWS\Fonts 2010-01-08 19:50:32 ----RSD---- C:\WINDOWS\assembly 2010-01-08 19:50:32 ----RD---- C:\WINDOWS\Web 2010-01-08 19:50:32 ----RD---- C:\WINDOWS\Offline Web Pages 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\inf 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\I386 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB924496$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB924191$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB923414$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB923191$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922819$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922616$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922582$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB921883$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB921398$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920872$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920685$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920683$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920670$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920214$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB919007$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB918899$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB918439$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917953$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917734_WMP10$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917422$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917344$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917159$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB916595$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB914389$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB914388$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB913580$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB913446$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB912919$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911927$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911567$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911565$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911564$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911562$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911280$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB910728$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB910437$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB908531$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB908519$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB905749$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB905414$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB904706$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB902400$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901214$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901190$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901017$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB900725$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB900485$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899591$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899589$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899587$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB898461$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB898458$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896428$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896424$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896423$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896422$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896358$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896256$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB894391$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB893756$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB891781$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB890859$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB890046$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888302$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888239$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888113$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB887742$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB887472$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB886185$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885836$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885835$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885250$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB873339$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-08 19:50:32 ----HD---- C:\Program Files\WindowsUpdate 2010-01-08 19:50:32 ----HD---- C:\Program Files\Uninstall Information 2010-01-08 19:50:32 ----D---- C:\WINDOWS\WinSxS 2010-01-08 19:50:32 ----D---- C:\WINDOWS\twain_32 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Temp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\xircom 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\wins 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\wbem 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\usmt 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\URTTemp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\spool 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ShellExt 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Setup 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\RTCOM 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Restore 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ras 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\QuickTime 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\PreInstall 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\oobe 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\npp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\mui 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\MsDtc 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Macromed 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Lang 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\inetsrv 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\IME 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\icsxml 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ias 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\export 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\drivers 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\DirectX 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\dhcp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\config 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Com 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\CatRoot 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\3com_dmi 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\3076 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\2052 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1054 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1042 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1041 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1037 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1036 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1033 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1031 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1028 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1025 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system 2010-01-08 19:50:32 ----D---- C:\WINDOWS\srchasst 2010-01-08 19:50:32 ----D---- C:\WINDOWS\SoftwareDistribution 2010-01-08 19:50:32 ----D---- C:\WINDOWS\security 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Resources 2010-01-08 19:50:32 ----D---- C:\WINDOWS\REPAIR 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Registration 2010-01-08 19:50:32 ----D---- C:\WINDOWS\RegisteredPackages 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Provisioning 2010-01-08 19:50:32 ----D---- C:\WINDOWS\PeerNet 2010-01-08 19:50:32 ----D---- C:\WINDOWS\pchealth 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Options 2010-01-08 19:50:32 ----D---- C:\WINDOWS\mui 2010-01-08 19:50:32 ----D---- C:\WINDOWS\msapps 2010-01-08 19:50:32 ----D---- C:\WINDOWS\msagent 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Microsoft.NET 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Media 2010-01-08 19:50:32 ----D---- C:\WINDOWS\java 2010-01-08 19:50:32 ----D---- C:\WINDOWS\ime 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Help 2010-01-08 19:50:32 ----D---- C:\WINDOWS\ehome 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Driver Cache 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Debug 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Cursors 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Connection Wizard 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Config 2010-01-08 19:50:32 ----D---- C:\WINDOWS\AppPatch 2010-01-08 19:50:32 ----D---- C:\WINDOWS\addins 2010-01-08 19:50:32 ----D---- C:\WINDOWS 2010-01-08 19:50:32 ----D---- C:\Program Files\xerox 2010-01-08 19:50:32 ----D---- C:\Program Files\Windows NT 2010-01-08 19:50:32 ----D---- C:\Program Files\Windows Media Player 2010-01-08 19:50:32 ----D---- C:\Program Files\Synaptics 2010-01-08 19:50:32 ----D---- C:\Program Files\Sonic 2010-01-08 19:50:32 ----D---- C:\Program Files\Services en ligne 2010-01-08 19:50:32 ----D---- C:\Program Files\Realtek 2010-01-08 19:50:32 ----D---- C:\Program Files\QuickTime 2010-01-08 19:50:32 ----D---- C:\Program Files\Protector Suite QL 2010-01-08 19:50:32 ----D---- C:\Program Files\Outlook Express 2010-01-08 19:50:32 ----D---- C:\Program Files\Online Services 2010-01-08 19:50:32 ----D---- C:\Program Files\NetMeeting 2010-01-08 19:50:32 ----D---- C:\Program Files\MSN Gaming Zone 2010-01-08 19:50:32 ----D---- C:\Program Files\MSN 2010-01-08 19:50:32 ----D---- C:\Program Files\Movie Maker 2010-01-08 19:50:32 ----D---- C:\Program Files\microsoft frontpage 2010-01-08 19:50:32 ----D---- C:\Program Files\Messenger 2010-01-08 19:50:32 ----D---- C:\Program Files\McAfee 2010-01-08 19:50:32 ----D---- C:\Program Files\Java 2010-01-08 19:50:31 ----SHD---- C:\DRIVERS 2010-01-08 19:50:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2010-01-08 19:50:31 ----RSHD---- C:\cmdcons 2010-01-08 19:50:31 ----RD---- C:\Program Files 2010-01-08 19:50:31 ----HD---- C:\Program Files\InstallShield Installation Information 2010-01-08 19:50:31 ----HD---- C:\PNP 2010-01-08 19:50:31 ----D---- C:\Program Files\Internet Explorer 2010-01-08 19:50:31 ----D---- C:\Program Files\Intel 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\System 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\SureThing Shared 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Services 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Protector Suite QL 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\ODBC 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\MSSoap 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Java 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\InstallShield 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs 2010-01-08 19:50:31 ----D---- C:\Program Files\CyberLink 2010-01-08 19:50:31 ----D---- C:\Program Files\ComPlus Applications 2010-01-08 19:50:31 ----D---- C:\Program Files\Adobe 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\SBSI 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\Network Associates 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-01-08 19:50:31 ----D---- C:\Documents and Settings 2010-01-08 19:50:31 ----D---- C:\APPS 2010-01-08 19:50:31 ----AHD---- C:\DIVTOOLS 2010-01-08 19:50:29 ----SHD---- C:\System Volume Information 2010-01-08 18:39:08 ----HDC---- C:\Documents and Settings\All Users\Application Data\{4890FF13-BFC8-467A-AD6A-71025F041ADD} 2010-01-08 16:43:21 ----A---- C:\WINDOWS\BO9420CN.INI 2010-01-08 16:42:53 ----D---- C:\Documents and Settings\PASCAL\Application Data\EBP 2010-01-08 16:42:53 ----D---- C:\Documents and Settings\All Users\Application Data\EBP 2010-01-08 16:42:39 ----A---- C:\WINDOWS\system32\cdintf400.dll 2010-01-08 16:41:43 ----D---- C:\Program Files\Fichiers communs\EBP 2010-01-08 16:40:49 ----HDC---- C:\Documents and Settings\All Users\Application Data\{FE069067-C990-443D-9D40-5996B35ACE1D} 2010-01-08 16:40:34 ----D---- C:\Program Files\EBP 2010-01-08 16:31:38 ----D---- C:\Documents and Settings\PASCAL\Application Data\Adobe 2010-01-08 16:20:32 ----A---- C:\WINDOWS\system32\brss01a.ini 2010-01-08 16:20:32 ----A---- C:\WINDOWS\BRPP2KA.INI 2010-01-08 16:19:27 ----A---- C:\WINDOWS\Brpfx04a.ini 2010-01-08 16:19:27 ----A---- C:\WINDOWS\brpcfx.ini 2010-01-08 16:19:10 ----N---- C:\WINDOWS\system32\brinsstr.dll 2010-01-08 16:18:55 ----D---- C:\Program Files\Common Files 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\BrWiaNCp.dll 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\Brnsplg.dll 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\BrNetSti.dll 2010-01-08 16:18:54 ----A---- C:\WINDOWS\system32\BrWia05b.dll 2010-01-08 16:18:53 ----D---- C:\Brother 2010-01-08 16:18:53 ----A---- C:\WINDOWS\system32\BrfxD05a.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\system32\NSSearch.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\system32\BrMuSNMP.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\brunin03.dll 2010-01-08 16:16:39 ----A---- C:\WINDOWS\maxlink.ini 2010-01-08 16:16:22 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2010-01-08 16:16:12 ----D---- C:\Program Files\Fichiers communs\ScanSoft Shared 2010-01-08 16:16:05 ----D---- C:\Program Files\ScanSoft 2010-01-08 16:16:05 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft 2010-01-08 16:15:10 ----D---- C:\Documents and Settings\All Users\Application Data\Brother 2010-01-08 16:07:26 ----A---- C:\WINDOWS\bti.ini 2010-01-08 16:06:51 ----D---- C:\Program Files\Fichiers communs\Pervasive Software Shared 2010-01-08 16:06:50 ----A---- C:\WINDOWS\keyhh.exe 2010-01-08 16:06:49 ----A---- C:\WINDOWS\IsUninst.exe 2010-01-08 16:06:47 ----D---- C:\PVSW 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\pscore.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\pscl.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\nwlocale.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\mfcoleui.dll 2010-01-08 16:06:06 ----D---- C:\Install 2010-01-08 15:57:16 ----RD---- C:\Documents and Settings\PASCAL\Application Data\Brother 2010-01-08 15:56:49 ----A---- C:\WINDOWS\BRVIDEO.INI 2010-01-08 15:56:49 ----A---- C:\WINDOWS\Brownie.ini 2010-01-08 15:56:49 ----A---- C:\WINDOWS\BRDIAG.INI 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRVPDNTA.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRVPD95A.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRRBTOOL.EXE 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BROSNMP.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRLM03A.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRGSRC32.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRGSRC16.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\Brdiag2.exe 2010-01-08 15:56:41 ----D---- C:\Program Files\Brownie 2010-01-08 15:56:41 ----A---- C:\WINDOWS\HL-2070N.INI 2010-01-08 15:56:15 ----A---- C:\WINDOWS\BRWMARK.INI 2010-01-08 15:56:03 ----N---- C:\WINDOWS\system32\PTRCFRE.DLL 2010-01-08 15:55:59 ----D---- C:\Program Files\Brother 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\PDRVINST.DLL 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\BRWEBUP.EXE 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\BrWebIns.dll 2010-01-08 15:05:56 ----A---- C:\WINDOWS\Gcr70fr.INI 2010-01-08 15:05:52 ----A---- C:\WINDOWS\gescap.ini 2010-01-08 15:05:49 ----D---- C:\CIEL 2010-01-08 15:05:31 ----N---- C:\WINDOWS\system32\CRUN500.DLL 2010-01-08 14:08:02 ----A---- C:\WINDOWS\ODBC.INI 2010-01-08 14:07:55 ----A---- C:\WINDOWS\system32\mdimon.dll 2010-01-08 14:05:35 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2010-01-08 14:05:28 ----D---- C:\Program Files\Microsoft Works 2010-01-08 14:05:15 ----D---- C:\Program Files\Microsoft Visual Studio 2010-01-08 14:04:43 ----D---- C:\WINDOWS\SHELLNEW 2010-01-08 14:04:17 ----D---- C:\Program Files\Microsoft.NET 2010-01-08 14:04:17 ----D---- C:\Program Files\Microsoft Office 2010-01-08 12:23:57 ----D---- C:\Program Files\Avira 2010-01-08 12:23:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-01-08 12:22:34 ----A---- C:\WINDOWS\myClean.bat 2010-01-08 12:19:28 ----D---- C:\driver 2010-01-08 12:06:42 ----ASH---- C:\Documents and Settings\PASCAL\Application Data\desktop.ini 2010-01-08 12:06:41 ----SD---- C:\Documents and Settings\PASCAL\Application Data\Microsoft 2010-01-08 12:06:41 ----D---- C:\Documents and Settings\PASCAL\Application Data\Macromedia 2010-01-08 12:06:41 ----D---- C:\Documents and Settings\PASCAL\Application Data\Identities ======List of files/folders modified in the last 1 months====== 2010-01-26 19:59:54 ----N---- C:\WINDOWS\SchedLgU.Txt 2010-01-19 15:34:57 ----A---- C:\WINDOWS\win.ini 2010-01-10 09:32:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-01-08 12:08:02 ----RASH---- C:\BOOT.INI 2010-01-08 12:01:35 ----A---- C:\WINDOWS\system.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-01-08 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-01-08 56816] R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537] R2 FdRedir;FdRedir; \??\C:\Program Files\Fichiers communs\Protector Suite QL\Drivers\FdRedir.sys [] R2 FileDisk2;FileDisk Protector Kernel Driver; \??\C:\Program Files\Fichiers communs\Protector Suite QL\Drivers\filedisk.sys [] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-13 1124097] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-16 4249088] R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928] R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496] R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-04-28 193056] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-02-01 28800] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-02-25 1428480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] S3 RimUsb;Appareil BlackBerry; C:\WINDOWS\System32\Drivers\RimUsb.sys [2006-11-07 22272] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-01-08 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-01-08 185089] R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2004-06-14 57344] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266] R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672] R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440] R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-15 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-14 1181328] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 Pervasive.SQL Workgroup;EBP - Pervasive.SQL Workgroup; C:\PVSW\Bin\WGE_SRV.EXE [2006-12-07 32768] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-03-25 359160] S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-03-26 310008] S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-03-26 166648] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-09 72704] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-03-25 88824] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 1010424] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- merci de votre aide cordialement calou41

Bonsoir Pear, merci de votre aide! Pas facile ce truc invisible! voici le post de rsit : Logfile of random's system information tool 1.06 (written by random/random) Run by PASCAL at 2010-01-26 21:49:20 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 36 GB (51%) free of 70 GB Total RAM: 3062 MB (73% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:49:37, on 26/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\brss01a.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PVSW\Bin\WGE_SRV.EXE C:\WINDOWS\System32\svchost.exe C:\PVSW\BIN\W3dbsmgr.EXE C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Protector Suite QL\menusw.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\PASCAL\Bureau\RSIT\RSIT.exe C:\driver\HIJACKTHIS\PASCAL.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [biomenu] "C:\Program Files\Protector Suite QL\menusw.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) - Unknown owner - C:\PVSW\Bin\WGE_SRV.EXE O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- End of file - 7933 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-15 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-04-28 766041] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-12-13 88204] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-15 149280] "Biomenu"=C:\Program Files\Protector Suite QL\menusw.exe [2005-08-30 1371648] "PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] ""= [] "RoxWatchTray"=C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-03-26 228088] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-12-28 98304] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\WINDOWS\system32\fusstub.dll [2005-08-30 39936] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli fusstub [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-01-26 21:49:18 ----A---- C:\WINDOWS\IE4 Error Log.txt 2010-01-25 16:27:32 ----D---- C:\Program Files\Yooda 2010-01-21 13:28:33 ----A---- C:\WINDOWS\system32\QTUninst.dll 2010-01-21 13:18:45 ----A---- C:\WINDOWS\uninst.exe 2010-01-20 12:28:36 ----D---- C:\Casse chez Crabb & Sons 2010-01-20 10:32:52 ----D---- C:\Documents and Settings\PASCAL\Application Data\Research In Motion 2010-01-19 20:07:24 ----D---- C:\Documents and Settings\PASCAL\Application Data\Protector Suite 2010-01-19 16:27:41 ----RSH---- C:\WINDOWS\system32\windef.exe 2010-01-19 14:37:58 ----HD---- C:\WINDOWS\PIF 2010-01-18 13:48:06 ----D---- C:\rsit 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\javaws.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\javaw.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\java.exe 2010-01-15 17:53:48 ----A---- C:\WINDOWS\system32\deploytk.dll 2010-01-14 14:29:11 ----A---- C:\WINDOWS\system32\lsdelete.exe 2010-01-14 11:49:06 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-14 11:40:03 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2010-01-14 11:39:22 ----D---- C:\Program Files\Lavasoft 2010-01-14 11:39:21 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2010-01-14 10:06:14 ----D---- C:\Program Files\Fichiers communs\Sonic Shared 2010-01-14 10:06:11 ----D---- C:\Program Files\Roxio 2010-01-14 10:01:52 ----D---- C:\Documents and Settings\PASCAL\Application Data\Blackberry Desktop 2010-01-14 10:00:37 ----D---- C:\Program Files\Fichiers communs\Research In Motion 2010-01-13 15:43:42 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic 2010-01-13 15:39:40 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio 2010-01-13 15:39:32 ----D---- C:\Program Files\Fichiers communs\Roxio Shared 2010-01-13 15:32:06 ----D---- C:\Program Files\Research In Motion 2010-01-13 15:25:30 ----SHD---- C:\WINDOWS\ftpcache 2010-01-13 13:15:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 13:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-13 09:22:20 ----A---- C:\WINDOWS\system32\hpz3l4sa.dll 2010-01-13 09:22:19 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2010-01-13 09:22:14 ----A---- C:\WINDOWS\system32\AddPort.ini 2010-01-13 09:21:04 ----A---- C:\WINDOWS\hpntwksetup.ini 2010-01-13 09:20:36 ----D---- C:\TEMP 2010-01-13 09:19:09 ----D---- C:\WINDOWS\ccr 2010-01-13 09:18:28 ----HD---- C:\Config.Msi 2010-01-13 09:18:12 ----D---- C:\Program Files\HP 2010-01-12 23:39:44 ----D---- C:\WINDOWS\Minidump 2010-01-11 22:16:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2010-01-11 22:15:21 ----D---- C:\Documents and Settings\PASCAL\Application Data\AdobeUM 2010-01-11 09:20:34 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2010-01-10 14:02:04 ----D---- C:\Documents and Settings\PASCAL\Application Data\Malwarebytes 2010-01-10 14:01:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-10 14:01:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-10 11:45:44 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-10 11:45:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-10 09:09:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-01-10 09:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2010-01-10 09:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-01-10 09:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2010-01-10 09:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-01-09 22:46:44 ----A---- C:\WINDOWS\system32\unrar.dll 2010-01-09 22:46:43 ----A---- C:\WINDOWS\avisplitter.ini 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-01-09 22:46:40 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-01-09 22:46:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-01-09 22:46:36 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-01-09 22:46:33 ----D---- C:\Program Files\K-Lite Codec Pack 2010-01-09 19:44:12 ----A---- C:\WINDOWS\system32\FileOps.exe 2010-01-09 19:44:11 ----D---- C:\WINDOWS\system32\Adobe 2010-01-09 19:29:43 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2010-01-09 19:24:02 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared 2010-01-09 17:50:03 ----D---- C:\WINDOWS\Sun 2010-01-09 17:50:03 ----D---- C:\Documents and Settings\PASCAL\Application Data\Sun 2010-01-09 13:57:49 ----D---- C:\Program Files\IZArc 2010-01-09 12:37:58 ----D---- C:\Program Files\CCleaner 2010-01-09 12:00:33 ----D---- C:\WINDOWS\Prefetch 2010-01-09 11:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-01-09 11:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-01-09 11:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-01-09 11:56:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-01-09 11:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-01-09 11:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-01-09 11:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-01-09 11:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-01-09 11:56:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-01-09 11:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-01-09 11:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-01-09 11:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-01-09 11:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$ 2010-01-09 11:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2010-01-09 11:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$ 2010-01-09 11:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-01-09 11:55:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-01-09 11:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-01-09 11:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-01-09 11:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-01-09 11:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-01-09 11:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$ 2010-01-09 11:54:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-01-09 11:54:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-01-09 11:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-01-09 11:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-01-09 11:53:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2010-01-09 11:53:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-01-09 11:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2010-01-09 11:53:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-01-09 11:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-01-09 11:53:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-01-09 11:52:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-01-09 11:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-01-09 11:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-01-09 11:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-01-09 11:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-01-09 11:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-01-09 11:52:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-01-09 11:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-01-09 11:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-01-09 11:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-01-09 11:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-01-09 11:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-01-09 11:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-01-09 11:45:42 ----D---- C:\WINDOWS\l2schemas 2010-01-09 11:45:41 ----D---- C:\WINDOWS\system32\fr 2010-01-09 11:45:41 ----D---- C:\WINDOWS\system32\bits 2010-01-09 11:37:40 ----D---- C:\WINDOWS\network diagnostic 2010-01-09 11:30:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-01-09 11:12:59 ----D---- C:\WINDOWS\system32\XPSViewer 2010-01-09 11:12:54 ----D---- C:\Program Files\MSBuild 2010-01-09 11:12:52 ----D---- C:\WINDOWS\system32\en-US 2010-01-09 11:12:46 ----D---- C:\Program Files\Reference Assemblies 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2010-01-09 11:12:12 ----N---- C:\WINDOWS\system32\prntvpt.dll 2010-01-09 11:12:11 ----D---- C:\9de6f3d6823d184b4f352867bc2e 2010-01-09 11:08:13 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2010-01-09 11:08:07 ----D---- C:\Program Files\MSXML 6.0 2010-01-09 10:59:45 ----D---- C:\WINDOWS\ie8updates 2010-01-09 10:58:43 ----D---- C:\WINDOWS\WBEM 2010-01-09 10:57:20 ----HDC---- C:\WINDOWS\ie8 2010-01-09 10:57:20 ----D---- C:\WINDOWS\system32\fr-FR 2010-01-09 10:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2010-01-09 10:48:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2010-01-09 10:47:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ 2010-01-09 10:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2010-01-09 10:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2010-01-09 10:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$ 2010-01-09 10:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$ 2010-01-09 10:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-01-09 10:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-01-09 10:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$ 2010-01-09 10:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2010-01-09 10:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$ 2010-01-09 10:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$ 2010-01-09 10:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2_0$ 2010-01-09 10:46:17 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2010-01-09 10:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2010-01-09 10:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$ 2010-01-09 10:41:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971557_0$ 2010-01-09 10:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$ 2010-01-09 10:41:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$ 2010-01-09 10:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$ 2010-01-09 10:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$ 2010-01-09 10:38:54 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$ 2010-01-09 10:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-01-09 10:38:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633_0$ 2010-01-09 10:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2010-01-09 10:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$ 2010-01-09 10:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$ 2010-01-09 10:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2010-01-09 10:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$ 2010-01-09 10:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$ 2010-01-09 10:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ 2010-01-09 10:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$ 2010-01-09 10:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-01-09 10:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$ 2010-01-09 10:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2010-01-09 10:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$ 2010-01-09 10:34:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$ 2010-01-09 10:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2010-01-09 10:34:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$ 2010-01-09 10:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-01-09 10:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$ 2010-01-09 10:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$ 2010-01-09 10:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$ 2010-01-09 10:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2010-01-09 10:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-01-09 10:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$ 2010-01-09 10:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$ 2010-01-09 10:31:44 ----D---- C:\WINDOWS\ServicePackFiles 2010-01-09 10:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2010-01-09 10:31:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$ 2010-01-09 10:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$ 2010-01-09 10:31:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$ 2010-01-09 10:30:03 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-09 10:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$ 2010-01-09 10:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2010-01-09 10:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ 2010-01-09 10:29:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$ 2010-01-09 10:28:51 ----D---- C:\Program Files\MSXML 4.0 2010-01-09 10:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2010-01-09 10:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$ 2010-01-09 10:28:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$ 2010-01-09 10:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$ 2010-01-09 10:27:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$ 2010-01-09 09:55:11 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-01-09 09:32:19 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-01-08 19:50:32 ----SHD---- C:\WINDOWS\Installer 2010-01-08 19:50:32 ----SHD---- C:\RECYCLER 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\Tasks 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\system32\Microsoft 2010-01-08 19:50:32 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-08 19:50:32 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-08 19:50:32 ----RSD---- C:\WINDOWS\Fonts 2010-01-08 19:50:32 ----RSD---- C:\WINDOWS\assembly 2010-01-08 19:50:32 ----RD---- C:\WINDOWS\Web 2010-01-08 19:50:32 ----RD---- C:\WINDOWS\Offline Web Pages 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\inf 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\I386 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB924496$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB924191$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB923414$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB923191$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922819$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922616$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB922582$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB921883$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB921398$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920872$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920685$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920683$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920670$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB920214$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB919007$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB918899$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB918439$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917953$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917734_WMP10$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917422$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917344$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB917159$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB916595$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB914389$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB914388$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB913580$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB913446$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB912919$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911927$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911567$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911565$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911564$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911562$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB911280$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB910728$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB910437$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB908531$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB908519$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB905749$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB905414$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB904706$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB902400$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901214$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901190$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB901017$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB900725$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB900485$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899591$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899589$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB899587$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB898461$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB898458$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896428$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896424$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896423$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896422$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896358$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB896256$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB894391$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB893756$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB891781$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB890859$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB890046$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888302$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888239$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888113$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB887742$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB887472$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB886185$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885836$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885835$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB885250$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$NtUninstallKB873339$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2010-01-08 19:50:32 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-08 19:50:32 ----HD---- C:\Program Files\WindowsUpdate 2010-01-08 19:50:32 ----HD---- C:\Program Files\Uninstall Information 2010-01-08 19:50:32 ----D---- C:\WINDOWS\WinSxS 2010-01-08 19:50:32 ----D---- C:\WINDOWS\twain_32 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Temp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\xircom 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\wins 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\wbem 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\usmt 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\URTTemp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\spool 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ShellExt 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Setup 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\RTCOM 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Restore 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ras 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\QuickTime 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\PreInstall 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\oobe 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\npp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\mui 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\MsDtc 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Macromed 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Lang 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\inetsrv 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\IME 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\icsxml 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\ias 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\export 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\drivers 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\DirectX 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\dhcp 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\config 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\Com 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\CatRoot 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\3com_dmi 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\3076 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\2052 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1054 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1042 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1041 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1037 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1036 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1033 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1031 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1028 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32\1025 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system32 2010-01-08 19:50:32 ----D---- C:\WINDOWS\system 2010-01-08 19:50:32 ----D---- C:\WINDOWS\srchasst 2010-01-08 19:50:32 ----D---- C:\WINDOWS\SoftwareDistribution 2010-01-08 19:50:32 ----D---- C:\WINDOWS\security 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Resources 2010-01-08 19:50:32 ----D---- C:\WINDOWS\REPAIR 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Registration 2010-01-08 19:50:32 ----D---- C:\WINDOWS\RegisteredPackages 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Provisioning 2010-01-08 19:50:32 ----D---- C:\WINDOWS\PeerNet 2010-01-08 19:50:32 ----D---- C:\WINDOWS\pchealth 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Options 2010-01-08 19:50:32 ----D---- C:\WINDOWS\mui 2010-01-08 19:50:32 ----D---- C:\WINDOWS\msapps 2010-01-08 19:50:32 ----D---- C:\WINDOWS\msagent 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Microsoft.NET 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Media 2010-01-08 19:50:32 ----D---- C:\WINDOWS\java 2010-01-08 19:50:32 ----D---- C:\WINDOWS\ime 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Help 2010-01-08 19:50:32 ----D---- C:\WINDOWS\ehome 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Driver Cache 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Debug 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Cursors 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Connection Wizard 2010-01-08 19:50:32 ----D---- C:\WINDOWS\Config 2010-01-08 19:50:32 ----D---- C:\WINDOWS\AppPatch 2010-01-08 19:50:32 ----D---- C:\WINDOWS\addins 2010-01-08 19:50:32 ----D---- C:\WINDOWS 2010-01-08 19:50:32 ----D---- C:\Program Files\xerox 2010-01-08 19:50:32 ----D---- C:\Program Files\Windows NT 2010-01-08 19:50:32 ----D---- C:\Program Files\Windows Media Player 2010-01-08 19:50:32 ----D---- C:\Program Files\Synaptics 2010-01-08 19:50:32 ----D---- C:\Program Files\Sonic 2010-01-08 19:50:32 ----D---- C:\Program Files\Services en ligne 2010-01-08 19:50:32 ----D---- C:\Program Files\Realtek 2010-01-08 19:50:32 ----D---- C:\Program Files\QuickTime 2010-01-08 19:50:32 ----D---- C:\Program Files\Protector Suite QL 2010-01-08 19:50:32 ----D---- C:\Program Files\Outlook Express 2010-01-08 19:50:32 ----D---- C:\Program Files\Online Services 2010-01-08 19:50:32 ----D---- C:\Program Files\NetMeeting 2010-01-08 19:50:32 ----D---- C:\Program Files\MSN Gaming Zone 2010-01-08 19:50:32 ----D---- C:\Program Files\MSN 2010-01-08 19:50:32 ----D---- C:\Program Files\Movie Maker 2010-01-08 19:50:32 ----D---- C:\Program Files\microsoft frontpage 2010-01-08 19:50:32 ----D---- C:\Program Files\Messenger 2010-01-08 19:50:32 ----D---- C:\Program Files\McAfee 2010-01-08 19:50:32 ----D---- C:\Program Files\Java 2010-01-08 19:50:31 ----SHD---- C:\DRIVERS 2010-01-08 19:50:31 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2010-01-08 19:50:31 ----RSHD---- C:\cmdcons 2010-01-08 19:50:31 ----RD---- C:\Program Files 2010-01-08 19:50:31 ----HD---- C:\Program Files\InstallShield Installation Information 2010-01-08 19:50:31 ----HD---- C:\PNP 2010-01-08 19:50:31 ----D---- C:\Program Files\Internet Explorer 2010-01-08 19:50:31 ----D---- C:\Program Files\Intel 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\System 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\SureThing Shared 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\SpeechEngines 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Services 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Protector Suite QL 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\ODBC 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\MSSoap 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Java 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\InstallShield 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-01-08 19:50:31 ----D---- C:\Program Files\Fichiers communs 2010-01-08 19:50:31 ----D---- C:\Program Files\CyberLink 2010-01-08 19:50:31 ----D---- C:\Program Files\ComPlus Applications 2010-01-08 19:50:31 ----D---- C:\Program Files\Adobe 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\SBSI 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\Network Associates 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink 2010-01-08 19:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-01-08 19:50:31 ----D---- C:\Documents and Settings 2010-01-08 19:50:31 ----D---- C:\APPS 2010-01-08 19:50:31 ----AHD---- C:\DIVTOOLS 2010-01-08 19:50:29 ----SHD---- C:\System Volume Information 2010-01-08 18:39:08 ----HDC---- C:\Documents and Settings\All Users\Application Data\{4890FF13-BFC8-467A-AD6A-71025F041ADD} 2010-01-08 16:43:21 ----A---- C:\WINDOWS\BO9420CN.INI 2010-01-08 16:42:53 ----D---- C:\Documents and Settings\PASCAL\Application Data\EBP 2010-01-08 16:42:53 ----D---- C:\Documents and Settings\All Users\Application Data\EBP 2010-01-08 16:42:39 ----A---- C:\WINDOWS\system32\cdintf400.dll 2010-01-08 16:41:43 ----D---- C:\Program Files\Fichiers communs\EBP 2010-01-08 16:40:49 ----HDC---- C:\Documents and Settings\All Users\Application Data\{FE069067-C990-443D-9D40-5996B35ACE1D} 2010-01-08 16:40:34 ----D---- C:\Program Files\EBP 2010-01-08 16:31:38 ----D---- C:\Documents and Settings\PASCAL\Application Data\Adobe 2010-01-08 16:20:32 ----A---- C:\WINDOWS\system32\brss01a.ini 2010-01-08 16:20:32 ----A---- C:\WINDOWS\BRPP2KA.INI 2010-01-08 16:19:27 ----A---- C:\WINDOWS\Brpfx04a.ini 2010-01-08 16:19:27 ----A---- C:\WINDOWS\brpcfx.ini 2010-01-08 16:19:10 ----N---- C:\WINDOWS\system32\brinsstr.dll 2010-01-08 16:18:55 ----D---- C:\Program Files\Common Files 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\BrWiaNCp.dll 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\Brnsplg.dll 2010-01-08 16:18:55 ----A---- C:\WINDOWS\system32\BrNetSti.dll 2010-01-08 16:18:54 ----A---- C:\WINDOWS\system32\BrWia05b.dll 2010-01-08 16:18:53 ----D---- C:\Brother 2010-01-08 16:18:53 ----A---- C:\WINDOWS\system32\BrfxD05a.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\system32\NSSearch.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\system32\BrMuSNMP.dll 2010-01-08 16:18:52 ----A---- C:\WINDOWS\brunin03.dll 2010-01-08 16:16:39 ----A---- C:\WINDOWS\maxlink.ini 2010-01-08 16:16:22 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2010-01-08 16:16:12 ----D---- C:\Program Files\Fichiers communs\ScanSoft Shared 2010-01-08 16:16:05 ----D---- C:\Program Files\ScanSoft 2010-01-08 16:16:05 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft 2010-01-08 16:15:10 ----D---- C:\Documents and Settings\All Users\Application Data\Brother 2010-01-08 16:07:26 ----A---- C:\WINDOWS\bti.ini 2010-01-08 16:06:51 ----D---- C:\Program Files\Fichiers communs\Pervasive Software Shared 2010-01-08 16:06:50 ----A---- C:\WINDOWS\keyhh.exe 2010-01-08 16:06:49 ----A---- C:\WINDOWS\IsUninst.exe 2010-01-08 16:06:47 ----D---- C:\PVSW 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\pscore.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\pscl.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\nwlocale.dll 2010-01-08 16:06:44 ----A---- C:\WINDOWS\system32\mfcoleui.dll 2010-01-08 16:06:06 ----D---- C:\Install 2010-01-08 15:57:16 ----RD---- C:\Documents and Settings\PASCAL\Application Data\Brother 2010-01-08 15:56:49 ----A---- C:\WINDOWS\BRVIDEO.INI 2010-01-08 15:56:49 ----A---- C:\WINDOWS\Brownie.ini 2010-01-08 15:56:49 ----A---- C:\WINDOWS\BRDIAG.INI 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRVPDNTA.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRVPD95A.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRRBTOOL.EXE 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BROSNMP.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRLM03A.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRGSRC32.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\BRGSRC16.DLL 2010-01-08 15:56:42 ----A---- C:\WINDOWS\system32\Brdiag2.exe 2010-01-08 15:56:41 ----D---- C:\Program Files\Brownie 2010-01-08 15:56:41 ----A---- C:\WINDOWS\HL-2070N.INI 2010-01-08 15:56:15 ----A---- C:\WINDOWS\BRWMARK.INI 2010-01-08 15:56:03 ----N---- C:\WINDOWS\system32\PTRCFRE.DLL 2010-01-08 15:55:59 ----D---- C:\Program Files\Brother 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\PDRVINST.DLL 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\BRWEBUP.EXE 2010-01-08 15:55:59 ----A---- C:\WINDOWS\system32\BrWebIns.dll 2010-01-08 15:05:56 ----A---- C:\WINDOWS\Gcr70fr.INI 2010-01-08 15:05:52 ----A---- C:\WINDOWS\gescap.ini 2010-01-08 15:05:49 ----D---- C:\CIEL 2010-01-08 15:05:31 ----N---- C:\WINDOWS\system32\CRUN500.DLL 2010-01-08 14:08:02 ----A---- C:\WINDOWS\ODBC.INI 2010-01-08 14:07:55 ----A---- C:\WINDOWS\system32\mdimon.dll 2010-01-08 14:05:35 ----D---- C:\Program Files\Fichiers communs\DESIGNER 2010-01-08 14:05:28 ----D---- C:\Program Files\Microsoft Works 2010-01-08 14:05:15 ----D---- C:\Program Files\Microsoft Visual Studio 2010-01-08 14:04:43 ----D---- C:\WINDOWS\SHELLNEW 2010-01-08 14:04:17 ----D---- C:\Program Files\Microsoft.NET 2010-01-08 14:04:17 ----D---- C:\Program Files\Microsoft Office 2010-01-08 12:23:57 ----D---- C:\Program Files\Avira 2010-01-08 12:23:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-01-08 12:22:34 ----A---- C:\WINDOWS\myClean.bat 2010-01-08 12:19:28 ----D---- C:\driver 2010-01-08 12:06:42 ----ASH---- C:\Documents and Settings\PASCAL\Application Data\desktop.ini 2010-01-08 12:06:41 ----SD---- C:\Documents and Settings\PASCAL\Application Data\Microsoft 2010-01-08 12:06:41 ----D---- C:\Documents and Settings\PASCAL\Application Data\Macromedia 2010-01-08 12:06:41 ----D---- C:\Documents and Settings\PASCAL\Application Data\Identities ======List of files/folders modified in the last 1 months====== 2010-01-26 19:59:54 ----N---- C:\WINDOWS\SchedLgU.Txt 2010-01-19 15:34:57 ----A---- C:\WINDOWS\win.ini 2010-01-10 09:32:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-01-08 12:08:02 ----RASH---- C:\BOOT.INI 2010-01-08 12:01:35 ----A---- C:\WINDOWS\system.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-01-08 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-01-08 56816] R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537] R2 FdRedir;FdRedir; \??\C:\Program Files\Fichiers communs\Protector Suite QL\Drivers\FdRedir.sys [] R2 FileDisk2;FileDisk Protector Kernel Driver; \??\C:\Program Files\Fichiers communs\Protector Suite QL\Drivers\filedisk.sys [] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-13 1124097] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-16 4249088] R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928] R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496] R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-04-28 193056] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-02-01 28800] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-02-25 1428480] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] S3 RimUsb;Appareil BlackBerry; C:\WINDOWS\System32\Drivers\RimUsb.sys [2006-11-07 22272] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-01-08 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-01-08 185089] R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2004-06-14 57344] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266] R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672] R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440] R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-15 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-14 1181328] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 Pervasive.SQL Workgroup;EBP - Pervasive.SQL Workgroup; C:\PVSW\Bin\WGE_SRV.EXE [2006-12-07 32768] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-03-25 359160] S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-03-26 310008] S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-03-26 166648] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-09 72704] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-03-25 88824] S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 1010424] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- mais il n'y en 1 seul je le refais cordialement calou41

Bonjour, merci de votre réponse et de votre aide. J'ai installeé et exécuté rkill, puis mbam qui ne trouve rien! Mais, le panneau avir me signalant le virus est bien toujours présent !! voici le post de mbam : Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3640 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 26/01/2010 14:02:15 mbam-log-2010-01-26 (14-02-15).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 214688 Temps écoulé: 1 hour(s), 42 minute(s), 54 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Que dois je faire? merci de votre soutien cordialement calou41

Bonjour, je suis nouveau sur ce forum et pas très bon en informatique. J'ai lu pleins de postes sur le meme problème mais évidement ce n'est pas tout a fait le meme souci. Avir me signale que j'ai un virus dans un fichier temps qui se régénre tout seul dan smes fichiers temp. Je suis monté en xp pro pack 3. C'est un pc pro ! J'ai lu qu'il fallais un rapport hijackthis donc le voici : (même si c'est du chinois pour moi) UN ebonne âme pourrait elle m'aider ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:59:45, on 25/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\brss01a.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\Explorer.EXE c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Protector Suite QL\menusw.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\PVSW\Bin\WGE_SRV.EXE C:\WINDOWS\System32\svchost.exe C:\PVSW\BIN\W3dbsmgr.EXE C:\WINDOWS\system32\svchost.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\igfxsrvc.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\EBP\GestionCommerciale14.0\Gestion.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\driver\HIJACKTHIS\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [biomenu] "C:\Program Files\Protector Suite QL\menusw.exe" O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [windef.exe] C:\WINDOWS\system32\windef.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) - Unknown owner - C:\PVSW\Bin\WGE_SRV.EXE O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- End of file - 8147 bytes merci de votre aide cordialement calou41