
Posted

Good evening everyone,

Every time someone logs on to my PC, Antivir opens two windows to tell me that it has detected one and the same virus: HTML/Crypted.gen.

Whether I delete it, quarantine it or block it from spreading, whatever I do, it reappears every time a session is opened again.

Would anyone know how to get rid of it and tell me whether it is dangerous or not?

:P

Posted

Good evening.

Cool, a tough one. :P

Disable Antivir for the duration of this scan, otherwise some files might not show up.

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed) as well as info.txt (<<which will be minimized in the Taskbar).
  • NB: The reports are saved in the folder C:\rsit

Posted

log.txt

Logfile of random's system information tool 1.02 (written by random/random)

Run by Alexandre at 2008-09-22 18:07:26

Microsoft® Windows Vista Édition Familiale Premium Service Pack 1

System drive C: has 252 GB (87%) free of 290 GB

Total RAM: 2038 MB (52% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:07:59, on 22/09/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\WLTRAY.EXE

C:\Windows\System32\MediaButtons.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\DELLOSD.exe

C:\Windows\System32\TestUnitReady.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Users\Alexandre\Desktop\RSIT.exe

C:\Program Files\trend micro\Alexandre.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=4080910

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [DellOSD] C:\Windows\System32\MediaButtons.exe

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Logitech SetPoint.lnk = ?

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O13 - Gopher Prefix:

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

 

--

End of file - 7819 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]

CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-16 5296128]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-25 150040]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-25 170520]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-25 141848]

"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]

"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-05-16 3444736]

"DellOSD"=C:\Windows\System32\MediaButtons.exe [2008-05-08 2166784]

"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

"Adobe Reader Speed Launcher"=c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-09-17 1783808]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-01-23 101136]

"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-01-12 488984]

"LVCOMSX"=C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe [2007-01-12 244512]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]

C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-09-10 10536]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-04-19 208896]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======List of files/folders created in the last 1 months======

 

2008-09-22 18:07:27 ----DC---- C:\Program Files\trend micro

2008-09-22 18:07:26 ----DC---- C:\rsit

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudPlayer.dll

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudioVisu.dll

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudioRecord.dll

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudioInfos.dll

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudFile.dll

2008-09-20 18:52:08 ----AC---- C:\Windows\system32\AudDisplay.dll

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\VB6STKIT.DLL

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\VB6FR.DLL

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\TABCTFR.DLL

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\MSCMCFR.DLL

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\Mscc2fr.dll

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\inetfr.DLL

2008-09-20 18:52:07 ----AC---- C:\Windows\system32\AudDesign.dll

2008-09-20 18:52:06 ----DC---- C:\Program Files\Free Audio Pack

2008-09-20 18:52:06 ----AC---- C:\Windows\system32\msvcr70.dll

2008-09-20 18:52:06 ----AC---- C:\Windows\system32\lame_enc.dll

2008-09-20 18:52:06 ----AC---- C:\Windows\system32\CMDLGFR.DLL

2008-09-20 18:38:26 ----DC---- C:\Program Files\Free Video Converter

2008-09-20 18:02:13 ----DC---- C:\Windows\Downloaded Installations

2008-09-20 14:44:01 ----DC---- C:\Users\Alexandre\AppData\Roaming\Template

2008-09-20 01:31:00 ----DC---- C:\Program Files\Real

2008-09-20 01:30:40 ----DC---- C:\Users\Alexandre\AppData\Roaming\Real

2008-09-18 13:30:46 ----DC---- C:\Users\Alexandre\AppData\Roaming\Logitech

2008-09-18 13:30:19 ----DC---- C:\Program Files\Common Files\LogiShrd

2008-09-18 13:26:16 ----AC---- C:\Windows\system32\KemXML.dll

2008-09-18 13:26:16 ----AC---- C:\Windows\system32\kemutb.dll

2008-09-18 13:26:15 ----AC---- C:\Windows\system32\KemWnd.dll

2008-09-18 13:26:15 ----AC---- C:\Windows\system32\KemUtil.dll

2008-09-18 13:25:35 ----DC---- C:\ProgramData\Logitech

2008-09-18 13:25:32 ----DC---- C:\Program Files\Logitech

2008-09-18 13:25:29 ----DC---- C:\Program Files\Common Files\Logitech

2008-09-18 01:23:03 ----DC---- C:\Users\Alexandre\AppData\Roaming\CyberLink

2008-09-18 01:10:25 ----A---- C:\Windows\system32\wups2.dll

2008-09-18 01:10:25 ----A---- C:\Windows\system32\wucltux.dll

2008-09-18 01:10:25 ----A---- C:\Windows\system32\wuauclt.exe

2008-09-18 01:10:22 ----A---- C:\Windows\system32\wuaueng.dll

2008-09-18 01:09:51 ----A---- C:\Windows\system32\wups.dll

2008-09-18 01:09:51 ----A---- C:\Windows\system32\wudriver.dll

2008-09-18 01:09:51 ----A---- C:\Windows\system32\wuapi.dll

2008-09-18 01:09:33 ----A---- C:\Windows\system32\wuwebv.dll

2008-09-18 01:09:33 ----A---- C:\Windows\system32\wuapp.exe

2008-09-18 00:47:51 ----DC---- C:\ProgramData\Avira

2008-09-18 00:47:51 ----DC---- C:\Program Files\Avira

2008-09-17 18:21:58 ----A---- C:\Windows\system32\Apphlpdm.dll

2008-09-17 18:21:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-09-17 04:12:17 ----DC---- C:\Users\Alexandre\AppData\Roaming\Apple Computer

2008-09-17 04:11:47 ----AC---- C:\Windows\system32\GEARAspi.dll

2008-09-17 04:11:46 ----DC---- C:\Windows\system32\DRVSTORE

2008-09-17 04:11:12 ----DC---- C:\Program Files\iPod

2008-09-17 04:11:07 ----DC---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-09-17 04:11:07 ----DC---- C:\Program Files\iTunes

2008-09-17 04:06:15 ----DC---- C:\Program Files\Bonjour

2008-09-17 04:04:29 ----DC---- C:\Program Files\QuickTime

2008-09-17 04:04:28 ----DC---- C:\ProgramData\Apple Computer

2008-09-17 04:03:43 ----DC---- C:\Program Files\Apple Software Update

2008-09-17 04:02:42 ----DC---- C:\Program Files\Common Files\Apple

2008-09-17 04:02:41 ----DC---- C:\ProgramData\Apple

2008-09-17 03:52:24 ----A---- C:\Windows\system32\tzres.dll

2008-09-17 03:45:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll

2008-09-17 03:45:14 ----A---- C:\Windows\system32\NlsLexicons0009.dll

2008-09-17 03:44:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll

2008-09-17 03:40:27 ----A---- C:\Windows\system32\IPSECSVC.DLL

2008-09-17 03:40:23 ----A---- C:\Windows\system32\rpcrt4.dll

2008-09-17 03:40:23 ----A---- C:\Windows\system32\ntoskrnl.exe

2008-09-17 03:40:23 ----A---- C:\Windows\system32\ntkrnlpa.exe

2008-09-17 03:40:22 ----A---- C:\Windows\system32\pacerprf.dll

2008-09-17 03:40:14 ----A---- C:\Windows\system32\shell32.dll

2008-09-17 03:40:04 ----A---- C:\Windows\system32\es.dll

2008-09-17 03:40:01 ----A---- C:\Windows\system32\wmpeffects.dll

2008-09-17 03:39:54 ----A---- C:\Windows\system32\mshtml.dll

2008-09-17 03:39:52 ----A---- C:\Windows\system32\wininet.dll

2008-09-17 03:39:52 ----A---- C:\Windows\system32\ieframe.dll

2008-09-17 03:39:51 ----A---- C:\Windows\system32\urlmon.dll

2008-09-17 03:39:49 ----A---- C:\Windows\system32\mstime.dll

2008-09-17 03:39:46 ----A---- C:\Windows\system32\jsproxy.dll

2008-09-17 03:39:39 ----A---- C:\Windows\system32\emdmgmt.dll

2008-09-17 03:39:38 ----A---- C:\Windows\system32\dataclen.dll

2008-09-17 03:39:38 ----A---- C:\Windows\system32\cdd.dll

2008-09-17 03:39:35 ----A---- C:\Windows\system32\vbscript.dll

2008-09-17 03:39:35 ----A---- C:\Windows\system32\jscript.dll

2008-09-17 03:39:34 ----A---- C:\Windows\system32\wshext.dll

2008-09-17 03:39:34 ----A---- C:\Windows\system32\wscript.exe

2008-09-17 03:39:34 ----A---- C:\Windows\system32\scrobj.dll

2008-09-17 03:39:34 ----A---- C:\Windows\system32\cscript.exe

2008-09-17 03:39:33 ----A---- C:\Windows\system32\scrrun.dll

2008-09-17 03:39:31 ----A---- C:\Windows\system32\inetcomm.dll

2008-09-17 03:27:10 ----DC---- C:\Windows\PCHEALTH

2008-09-17 03:22:52 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller

2008-09-17 03:22:39 ----DC---- C:\Program Files\Windows Live

2008-09-17 03:21:58 ----DC---- C:\ProgramData\WLInstaller

2008-09-17 03:20:37 ----DC---- C:\Program Files\CCleaner

2008-09-17 03:19:26 ----DC---- C:\Program Files\WinClamAVShield

2008-09-17 03:18:45 ----DC---- C:\Users\Alexandre\AppData\Roaming\Spyware Terminator

2008-09-17 03:18:45 ----DC---- C:\ProgramData\Spyware Terminator

2008-09-17 03:18:41 ----DC---- C:\Program Files\Spyware Terminator

2008-09-17 03:16:06 ----DC---- C:\Users\Alexandre\AppData\Roaming\Macromedia

2008-09-17 03:14:45 ----DC---- C:\Users\Alexandre\AppData\Roaming\Adobe

2008-09-17 03:06:39 ----AC---- C:\Windows\Kit.ini

2008-09-17 03:06:37 ----DC---- C:\Program Files\Wanadoo

2008-09-17 03:03:53 ----DC---- C:\Users\Alexandre\AppData\Roaming\Google

2008-09-17 03:01:12 ----DC---- C:\Program Files\SAGEM

2008-09-17 02:55:15 ----DC---- C:\Program Files\Securitoo

2008-09-16 13:11:06 ----DC---- C:\Users\Alexandre\AppData\Roaming\Identities

2008-09-16 13:10:40 ----AC---- C:\Windows\IMAPIShellExt.dll

2008-09-16 13:10:40 ----AC---- C:\Windows\BurnImage.exe

2008-09-16 13:10:19 ----DC---- C:\Users\Alexandre\AppData\Roaming\Dell

2008-09-16 13:10:02 ----SDC---- C:\Users\Alexandre\AppData\Roaming\Microsoft

2008-09-16 13:10:02 ----DC---- C:\Users\Alexandre\AppData\Roaming\Media Center Programs

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Modèles

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Menu Démarrer

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Favoris

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Documents

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Bureau

2008-09-16 13:06:29 ----SHD---- C:\ProgramData\Application Data

2008-09-16 13:06:29 ----SHD---- C:\Program Files\Fichiers communs

2008-09-16 13:06:29 ----SHD---- C:\Documents and Settings

2008-09-10 19:40:44 ----AC---- C:\Windows\csup.txt

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\oemdspif.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxzoom.exe

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxtray.exe

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxext.exe

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxexps.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxdo.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxCoIn_v1472.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igfxcfg.exe

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\igd10umd32.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\ig4icd32.dll

2008-09-10 19:40:35 ----AC---- C:\Windows\system32\ig4dev32.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxTMM.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxsrvc.exe

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxsrvc.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxress.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxpph.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxpers.exe

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igfxdev.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igdumdx32.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\igdumd32.dll

2008-09-10 19:40:35 ----A---- C:\Windows\system32\hkcmd.exe

2008-09-10 19:40:35 ----A---- C:\Windows\system32\hccutils.dll

2008-09-10 19:40:26 ----AC---- C:\Windows\system32\bcmwlcoi.dll

2008-09-10 19:40:26 ----AC---- C:\Windows\system32\bcmihvui.dll

2008-09-10 19:40:26 ----A---- C:\Windows\system32\bcmihvsrv.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\SRSWOW.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\SRSTSXT.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\RtkPgExt.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\RtkCoInst.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\ppChain.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\AERTARen.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\system32\AERTACap.dll

2008-09-10 19:40:20 ----AC---- C:\Windows\RtlUpd.exe

2008-09-10 19:40:20 ----A---- C:\Windows\system32\RtkAPO.dll

2008-09-10 19:40:20 ----A---- C:\Windows\system32\DaisyWrp.dll

2008-09-10 19:40:20 ----A---- C:\Windows\system32\CTAPO32.dll

2008-09-10 19:40:20 ----A---- C:\Windows\system32\AERTSrv.exe

2008-09-10 19:40:20 ----A---- C:\Windows\RtHDVCpl.exe

2008-09-10 19:40:10 ----A---- C:\Windows\system32\hcrstco.dll

2008-09-10 19:40:10 ----A---- C:\Windows\system32\hccoin.dll

2008-09-10 19:40:00 ----A---- C:\Windows\system32\hidserv.dll

2008-09-10 19:40:00 ----A---- C:\Windows\system32\hid.dll

2008-09-10 19:39:38 ----A---- C:\Windows\system32\EncDec.dll

2008-09-10 19:39:37 ----A---- C:\Windows\system32\psisdecd.dll

2008-09-10 19:37:18 ----A---- C:\Windows\system32\gdi32.dll

2008-09-10 19:37:05 ----A---- C:\Windows\system32\RacEngn.dll

2008-09-10 19:37:00 ----A---- C:\Windows\system32\quartz.dll

2008-09-10 19:36:52 ----A---- C:\Windows\system32\gameux.dll

2008-09-10 19:36:31 ----A---- C:\Windows\system32\winresume.exe

2008-09-10 19:36:31 ----A---- C:\Windows\system32\winload.exe

2008-09-10 19:36:31 ----A---- C:\Windows\system32\srdelayed.exe

2008-09-10 19:36:31 ----A---- C:\Windows\system32\srcore.dll

2008-09-10 19:36:31 ----A---- C:\Windows\system32\srclient.dll

2008-09-10 19:36:31 ----A---- C:\Windows\system32\rstrui.exe

2008-09-10 19:36:31 ----A---- C:\Windows\system32\kd1394.dll

2008-09-10 19:36:31 ----A---- C:\Windows\system32\kbd106n.dll

2008-09-10 19:36:30 ----A---- C:\Windows\system32\setbcdlocale.dll

2008-09-10 19:36:30 ----A---- C:\Windows\system32\ci.dll

2008-09-10 19:35:40 ----DC---- C:\Windows\Users

2008-09-10 19:34:05 ----DC---- C:\doctemp

2008-09-10 19:32:44 ----DC---- C:\Windows\system32\oem

2008-09-10 19:32:43 ----DC---- C:\Drivers

2008-09-10 19:32:43 ----DC---- C:\DELL

2008-09-10 11:47:25 ----DC---- C:\Windows\SoftwareDistribution

2008-09-10 11:47:18 ----DC---- C:\Windows\system32\RTCOM

2008-09-10 11:45:23 ----SHD---- C:\System Volume Information

2008-09-10 11:21:02 ----DC---- C:\ProgramData\Adobe

2008-09-10 11:20:59 ----DC---- C:\Program Files\Common Files\Adobe

2008-09-10 11:20:59 ----DC---- C:\Program Files\Adobe

2008-09-10 11:16:24 ----DC---- C:\Program Files\Citrix

2008-09-10 11:14:08 ----DC---- C:\ProgramData\McAfee

2008-09-10 11:14:05 ----DC---- C:\ProgramData\Dell

2008-09-10 11:14:03 ----DC---- C:\ProgramData\CyberLink

2008-09-10 11:13:42 ----AC---- C:\Windows\system32\msvcr71.dll

2008-09-10 11:13:42 ----AC---- C:\Windows\system32\msvcp71.dll

2008-09-10 11:13:42 ----AC---- C:\Windows\system32\MFC71u.dll

2008-09-10 11:13:42 ----AC---- C:\Windows\system32\MFC71.dll

2008-09-10 11:13:41 ----AC---- C:\Windows\system32\atl71.dll

2008-09-10 11:13:34 ----DC---- C:\Program Files\Dell Video Chat

2008-09-10 11:12:57 ----DC---- C:\Program Files\Microsoft Office

2008-09-10 11:12:19 ----DC---- C:\Program Files\Microsoft Works

2008-09-10 11:11:31 ----DC---- C:\ProgramData\SupportSoft

2008-09-10 11:11:23 ----DC---- C:\Program Files\Dell Support Center

2008-09-10 11:10:37 ----DC---- C:\Program Files\Common Files\supportsoft

2008-09-10 11:09:21 ----DC---- C:\ProgramData\Google

2008-09-10 11:09:19 ----DC---- C:\Program Files\Google

2008-09-10 11:05:35 ----AC---- C:\Windows\system32\TestUnitReady.exe.intermediate.manifest

2008-09-10 11:05:35 ----A---- C:\Windows\system32\TestUnitReady.exe

2008-09-10 11:05:35 ----A---- C:\Windows\system32\MediaButtons.exe

2008-09-10 11:05:35 ----A---- C:\Windows\system32\DELLOSD.exe

2008-09-10 11:04:54 ----DC---- C:\Program Files\Realtek

2008-09-10 11:04:26 ----DC---- C:\Program Files\Cisco

2008-09-10 11:03:54 ----AC---- C:\Windows\system32\BCMLogon.dll

2008-09-10 11:03:53 ----AC---- C:\Windows\system32\Uninst_EAPModules.bat

2008-09-10 11:03:52 ----AC---- C:\Windows\system32\vcredist_x86.exe

2008-09-10 11:03:52 ----AC---- C:\Windows\system32\vcredist_x86.bat

2008-09-10 11:03:52 ----AC---- C:\Windows\system32\bcmwlu00.exe

2008-09-10 11:03:52 ----AC---- C:\Windows\system32\bcmttls.dll

2008-09-10 11:03:51 ----A---- C:\Windows\system32\wltrynt.dll

2008-09-10 11:03:51 ----A---- C:\Windows\system32\bcmwlrmt.dll

2008-09-10 11:03:50 ----A---- C:\Windows\system32\WLTRYSVC.EXE

2008-09-10 11:03:50 ----A---- C:\Windows\system32\WLTRAY.EXE

2008-09-10 11:03:50 ----A---- C:\Windows\system32\BCMWLTRY.EXE

2008-09-10 11:03:48 ----DC---- C:\Program Files\Dell

2008-09-10 11:02:31 ----C---- C:\Windows\system32\CTSVCCTL.EXE

2008-09-10 11:02:31 -------- C:\Windows\system32\CTSVCCDA.EXE

2008-09-10 11:02:16 ----DC---- C:\Program Files\Common Files\Creative

2008-09-10 11:02:14 ----HDC---- C:\Program Files\Creative Installation Information

2008-09-10 11:01:59 ----C---- C:\Windows\system32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini

2008-09-10 11:01:58 ----C---- C:\Windows\Updreg.EXE

2008-09-10 11:01:58 ----C---- C:\Windows\system32\CmdRtr.dll

2008-09-10 11:01:58 ----C---- C:\Windows\system32\APOMngr.dll

2008-09-10 11:01:55 ----C---- C:\Windows\system32\Sens_oal.dll

2008-09-10 11:01:55 ----AC---- C:\Windows\system32\wrap_oal.dll

2008-09-10 11:01:55 ----AC---- C:\Windows\system32\OpenAL32.dll

2008-09-10 11:01:24 ----DC---- C:\Program Files\Creative

2008-09-10 11:01:19 ----DC---- C:\ProgramData\Creative Labs

2008-09-10 11:01:19 ----DC---- C:\ProgramData\Creative

2008-09-10 11:01:18 ----DC---- C:\Program Files\Common Files\Creative Labs Shared

2008-09-10 11:01:07 ----HDC---- C:\Program Files\InstallShield Installation Information

2008-09-10 11:01:06 ----DC---- C:\Program Files\Common Files\InstallShield

2008-09-10 11:01:04 ----AC---- C:\Windows\system32\javaws.exe

2008-09-10 11:01:04 ----AC---- C:\Windows\system32\javaw.exe

2008-09-10 11:01:04 ----AC---- C:\Windows\system32\java.exe

2008-09-10 11:00:34 ----DC---- C:\Program Files\Java

2008-09-10 11:00:33 ----DC---- C:\Program Files\Common Files\Java

2008-09-10 11:00:32 ----SHDC---- C:\Windows\Installer

2008-09-10 11:00:05 ----DC---- C:\Windows\system32\Macromed

2008-08-29 10:18:58 ----AC---- C:\Windows\system32\dns-sd.exe

2008-08-29 09:53:50 ----AC---- C:\Windows\system32\dnssd.dll

 

======List of files/folders modified in the last 1 months======

 

2008-09-22 18:07:43 ----DC---- C:\Windows\Prefetch

2008-09-22 18:07:27 ----RDC---- C:\Program Files

2008-09-22 18:07:16 ----DC---- C:\Windows\Temp

2008-09-22 17:15:02 ----DC---- C:\Windows\System32

2008-09-22 17:15:02 ----DC---- C:\Windows\inf

2008-09-22 17:15:02 ----AC---- C:\Windows\system32\PerfStringBackup.INI

2008-09-21 18:00:20 ----DC---- C:\Windows\system32\LogFiles

2008-09-21 17:22:19 ----SDC---- C:\Windows\Downloaded Program Files

2008-09-21 17:03:25 ----DC---- C:\Windows\system32\WDI

2008-09-20 21:19:24 ----DC---- C:\Windows\Logs

2008-09-20 20:26:51 ----DC---- C:\Windows

2008-09-20 18:57:47 ----DC---- C:\Windows\Debug

2008-09-20 18:25:30 ----DC---- C:\Windows\system32\NDF

2008-09-20 17:50:56 ----DC---- C:\Windows\system32\Tasks

2008-09-20 12:29:45 ----DC---- C:\Windows\system32\drivers

2008-09-20 01:32:00 ----DC---- C:\Program Files\Common Files

2008-09-19 14:36:29 ----SHDC---- C:\$Recycle.Bin

2008-09-19 14:35:46 ----RDC---- C:\Users

2008-09-18 13:36:00 ----D---- C:\Windows\rescache

2008-09-18 13:30:30 ----D---- C:\Windows\winsxs

2008-09-18 13:29:07 ----DC---- C:\Windows\system32\catroot

2008-09-18 13:26:47 ----DC---- C:\Windows\system32\catroot2

2008-09-18 13:25:35 ----HDC---- C:\ProgramData

2008-09-18 13:17:29 ----DC---- C:\Windows\system32\fr-FR

2008-09-18 00:59:46 ----RSDC---- C:\Windows\assembly

2008-09-18 00:36:53 ----DC---- C:\Windows\Tasks

2008-09-17 19:06:39 ----DC---- C:\Windows\AppPatch

2008-09-17 18:55:27 ----DC---- C:\PerfLogs

2008-09-17 18:23:36 ----DC---- C:\Windows\ehome

2008-09-17 18:23:16 ----DC---- C:\Program Files\Windows Mail

2008-09-17 04:18:25 ----DC---- C:\Windows\system32\migration

2008-09-17 04:05:51 ----DC---- C:\Program Files\Internet Explorer

2008-09-17 03:26:23 ----DC---- C:\Program Files\Common Files\microsoft shared

2008-09-16 13:06:29 ----DC---- C:\Program Files\Windows NT

2008-09-10 19:36:41 ----D---- C:\Windows\system32\Boot

2008-09-10 19:33:49 ----A---- C:\Windows\system32\tcpmon.ini

2008-09-10 19:32:46 ----DC---- C:\Windows\Setup

2008-09-10 11:48:46 ----DC---- C:\Windows\Microsoft.NET

2008-09-10 11:30:37 ----DC---- C:\Windows\system32\sysprep

2008-09-10 11:30:37 ----DC---- C:\Windows\Panther

2008-09-10 11:12:22 ----SDC---- C:\ProgramData\Microsoft

2008-09-10 11:12:20 ----RSDC---- C:\Windows\Fonts

2008-09-10 11:03:54 ----DC---- C:\Windows\Help

2008-09-10 10:54:37 ----DC---- C:\Windows\system32\restore

2008-08-26 13:28:14 ----AC---- C:\Windows\system32\mrt.exe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-06-27 75072]

R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-09-17 141312]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2008-05-08 27648]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 BCM43XX;Pilote de la carte réseau local sans fil Wireless de Dell; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-05-16 1044984]

R3 DLXPDisplayName;DLXPDisplayName; C:\Windows\system32\DRIVERS\DLACPI.sys [2008-04-16 14392]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-04-19 2354176]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-16 2077080]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-01-23 33296]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-24 118784]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 e1express;Pilote de la connexion réseau Intel® PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-10 32000]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2008-04-16 73728]

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

R2 Creative Labs Licensing Service;Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [2008-09-10 72704]

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.exe [1999-12-13 44032]

R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-09-17 570880]

R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 202544]

R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-05-16 24064]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-09-10 16680]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

 

-----------------EOF-----------------

 

 

info.txt

 

 

 

info.txt logfile of random's system information tool 1.02 2008-09-22 18:08:03

 

======Uninstall list======

 

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC406C89-7668-46AE-8EFE-75D199C055AB}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC406C89-7668-46AE-8EFE-75D199C055AB}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c /remove

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}

Carte réseau local sans fil Wireless de Dell-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}

Cisco EAP-FAST Module-->MsiExec.exe /I{BF53252E-4AB2-4C7F-A0FD-6100755745E3}

Cisco LEAP Module-->MsiExec.exe /I{76F9CF97-FC4B-4E20-B363-D127C888448F}

Cisco PEAP Module-->MsiExec.exe /I{4E5386F5-C0F6-4532-A54A-374865AEAB71}

Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\Setup.exe" -l0x40c /remove

Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}

EDocs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe"

Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"

Free Video Converter V 1.3-->"C:\Program Files\Free Video Converter\unins000.exe"

GoToAssist 8.0.0.514-->C:\Program Files\Citrix\GoToAssist\514\G2AUninstaller.exe /uninstall

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

KhalSetup-->MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}

livebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c

Logitech Communications Manager-->MsiExec.exe /I{BD202930-5F70-4B35-B875-1E28604F328D}

Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly

MediaButtons 4.0.0.19-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{148DB7A0-BCA6-47DF-A715-DD01F9266478}\setup.exe" -l0x9

Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}

Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x040c -removeonly

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

Sound Blaster Audigy ADVANCED MB-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}\Setup.exe" -l0x40c /remove

Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

 

======Security center information======

 

AS: Windows Defender

 

======Environment variables======

 

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"ComSpec"=%SystemRoot%\system32\cmd.exe

"DFSTRACINGON"=FALSE

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=2

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=0f0d

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

 

-----------------EOF-----------------

 

 

 

 

 

 

There you go :P

Posted

Apparently it has already gotten rid of it; nothing abnormal there at first glance.

What is the name of the file in question, and what is its path?

Posted

You want something tough, falkra? Go take a look at my virus and tell me what it is, please!!! I've tried quite a few things!!! But you'll see when you read it (it's not very long)!!!! Thread: "I think I'm infected! Please enlighten me!!!"

Posted

I'll give you all that information when the session is reopened this evening.

Good evening, everyone!!

Posted

OK, see you in a bit.

Todm, apollo.01 is already looking after your machine. You're in good hands. He usually comes by in the evening, and he won't forget you.

Posted

Hi again,

the "virus" is located in C:\WIndows\Temp\...\main.ndb

And I found this on the Antivir site:

Name: HTML/Crypted.Gen

Date discovered: 18/07/2007

Type: Trojan horse

In the wild: Yes

Reported infections: Low

Distribution potential: Low

Damage potential: Low

Static file: No

Scan engine version: 7.04.00.44

Special detection HTML/Crypted.Gen

Description:

HTML/Crypted.Gen description (fr)

Version history:

The following engine updates were created to improve detection:

• 7.04.00.44 ( 18/07/2007 )

• 7.04.01.62 ( 17/08/2007 )

• 7.08.00.04 ( 08/04/2008 )

• 7.08.00.25 ( 30/05/2008 )

• 7.08.01.34 ( 18/09/2008 )

See you later, and thank you falkra :P

Posted

Download ATF Cleaner (click) by Atribune.

  • Double-click ATF-Cleaner.exe to launch the program.
    Under the Main tab, choose: Select All
    Click the Empty Selected button

Click Exit, in the main menu, to quit the program.

See if that fixes all of it.
