Posted

Hello,

I'm new to this site and not really good with computers......

So, a few days ago I caught a virus. I was able to delete many compromising files, but I still have a "virus alert!" next to my clock at the bottom right, and in the Task Manager I no longer have, among other things, "all programs".

I have BitDefender as my antivirus and I'm running XP...... I hope you'll be able to help me out......

I made a "report"; I don't know whether it will be of much use, or at least whether it was done properly......

Thank you for your help

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:30: VIRUS ALERT!, on 20/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\OVT94TC7\HiJackThis[1].exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: (no name) - {B394BBFD-DC8F-44B4-8F97-962C9646DD95} - (no file)

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078

O18 - Protocol: bw+0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

 

--

End of file - 17031 bytes

Posted

Hi.

HijackThis is in the wrong place!!!!!!!

• Create a new folder in C:\ named HJT

Download HijackThis.exe into this newly created folder:

http://www.trendsecure.com/portal/en-US/_d.../HiJackThis.exe

Double-click it. Accept the licence that appears by clicking "I agree".

Then click "Do a system scan only", tick only the lines below and click Fix checked:

 

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {B394BBFD-DC8F-44B4-8F97-962C9646DD95} - (no file)

O18 - Protocol: bw+0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

==> click Fix checked

Be careful, there are 2 O18 entries that you must not select, these ones!!!!!!!!!!!!!!:

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

• Télécharge SmitfraudFix de S!Ri

 

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

 

, exécute le un dossier de meme nom est crée sur ton bureau

Dans le menu, sélectionne l'option 2

 

-- A la question "Voulez-vous nettoyer le registre ?" répondre O (oui) afin de débloquer le fond d'écran et supprimer les clés de démarrage automatique de l'infection.

* Le fix déterminera si le fichier wininet.dll est infecté.

-- A la question "Corriger le fichier infecté ?" répondre O (oui) pour remplacer le fichier corrompu.

-- A la fin du scan, sauvegarder le rapport (Fichier/Enregistrer sous...) sur le Bureau.

-- Fais un copier coller du contenu de ce rapport dans ta prochaine réponse

process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky...) comme étant un RiskTool.

Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

 

• Download random's system information tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimised in the taskbar).
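A triage pass over a HijackThis log of the kind posted in this thread, as an added example (not part of any post, and not code from HijackThis, SmitfraudFix or RSIT). It parses the entry lines, separates the two O18 protocols the helper says to leave alone from the others, and flags "(no file)" entries, O24 desktop components and a "Scan saved at" header whose time field carries extra text. The function names and the keep-list parameter are assumptions of this example; the sample is assembled from lines quoted on this page.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the logs and backup list in this thread, abridged.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05: VIRUS ALERT!, on 20/10/2008
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
"""

# The two O18 protocol names the helper's post says not to select.
KEEP_PROTOCOLS = frozenset({"bwfile-8876480", "offline-8876480"})

HEADER = re.compile(r"^Scan saved at (?P<time>.+), on (?P<date>.+)$")
CLOCK = re.compile(r"^\d{1,2}:\d{2}(:\d{2})?$")
ENTRY = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# "Kind: name - {CLSID} - target", the layout used by O2, O3, O9 and O18 lines.
WITH_CLSID = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)


def parse_log(text):
    """Return (scan_time, entries) for one HijackThis log."""
    scan_time, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            scan_time = header.group("time")
            continue
        match = ENTRY.match(line)
        if not match:
            continue  # banner, process list, blank lines
        entry = {"code": match["code"], "body": match["body"],
                 "kind": None, "name": None, "clsid": None, "target": None}
        detail = WITH_CLSID.match(match["body"])
        if detail:
            entry.update(detail.groupdict())
        entries.append(entry)
    return scan_time, entries


def triage(text, keep_protocols=frozenset()):
    """Group the entries an analyst would look at first."""
    scan_time, entries = parse_log(text)
    report = {
        # The first logs here read "16:05: VIRUS ALERT!"; the later one reads "17:28:20".
        "clock_text_in_header": scan_time is not None and not CLOCK.match(scan_time),
        # Registry entry still present, file behind it gone.
        "orphaned": [e for e in entries if e["target"] == "(no file)"],
        # O24 lines are Active Desktop components.
        "desktop_components": [e for e in entries if e["code"] == "O24"],
        "o18_keep": [],
        "o18_review": defaultdict(list),  # handler DLL -> protocol names
    }
    for e in entries:
        if e["code"] != "O18" or e["clsid"] is None:
            continue
        if e["name"] in keep_protocols:
            report["o18_keep"].append(e["name"])
        else:
            report["o18_review"][e["target"]].append(e["name"])
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG, KEEP_PROTOCOLS)
    print("clock text in header:", result["clock_text_in_header"])
    print("orphaned:", [e["clsid"] for e in result["orphaned"]])
    print("desktop components:", [e["body"] for e in result["desktop_components"]])
    print("O18 kept:", result["o18_keep"])
    for dll, names in result["o18_review"].items():
        print(f"O18 to review ({len(names)}): {dll}")
```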

Posted

Thank you angélique for your help, that's very kind.

I'm sending you the report, I hope I did it right this time. I'm now downloading SmitfraudFix.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:05: VIRUS ALERT!, on 20/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\HJT\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

 

--

End of file - 5128 bytes

Posted

Hi again angélique,

I may have sent you the report too early; maybe I should have waited until I had downloaded Smitfraud.......

I downloaded it, I pressed 2 and suddenly it froze, I had to switch off the PC and to my great surprise I no longer have the virus alert and I have got "All Programs" back. Do you think the problem is solved? No more virus?

Thank you.......

Posted

I have this report

SmitFraudFix v2.365

 

Rapport fait à 17:22:50,07, 20/10/2008

Executé à partir de C:\Documents and Settings\Sandrine\Bureau\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

Posted

info.txt logfile of random's system information tool 1.04 2008-10-20 17:28:24

 

======Uninstall list======

 

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

BitDefender Antivirus Plus v10-->MsiExec.exe /I{66307F14-2FD2-4BCD-AA0B-F0E0BC60B044}

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

eMule Plus 1.2d-->"C:\Program Files\eMule\unins000.exe"

Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}

HijackThis 2.0.2-->"C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\OVT94TC7\HijackThis.exe" /uninstall

HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat

K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly

Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036}

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}

Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9}

VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

VIA/S3G Display Driver 6.14.10.0331-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns

WebTarot 1.15-->"C:\Program Files\Taroteam\unins000.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"

Zuma Deluxe RA-->C:\PROGRA~1\ZUMADE~1\UNWISE.EXE C:\PROGRA~1\ZUMADE~1\INSTALL.LOG

 

=====HijackThis Backups=====

 

O18 - Protocol: bw40 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O3 - Toolbar: (no name) - {B394BBFD-DC8F-44B4-8F97-962C9646DD95} - (no file)

O18 - Protocol: bwj0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O18 - Protocol: bwn0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O18 - Protocol: bwd0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

======Security center information======

 

AV: Bitdefender Antivirus

FW: Bitdefender Firewall

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel

"PROCESSOR_REVISION"=0401

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

 

-----------------EOF-----------------

Logfile of random's system information tool 1.04 (written by random/random)

Run by Sandrine at 2008-10-20 17:28:06

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 52 GB (66%) free of 78 GB

Total RAM: 958 MB (66% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:28:20, on 20/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe

C:\HJT\Sandrine.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

 

--

End of file - 5121 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816]

"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632]

"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate]

C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk]

C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=3

"WLSetupSvc"=3

"usnjsvc"=3

"Pml Driver HPZ12"=2

"PLFlash DeviceIoControl Service"=2

"ose"=3

"odserv"=3

"Nero BackItUp Scheduler 3"=2

"NMIndexingService"=3

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="sockspy.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

 

======List of files/folders created in the last 1 months======

 

2008-10-20 17:28:06 ----D---- C:\rsit

2008-10-20 16:12:42 ----A---- C:\rapport.txt

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\o4Patch.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\IEDFix.C.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\404Fix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\WS2Fix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VCCLSID.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VACFix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\swxcacls.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\IEDFix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\dumphive.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swsc.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swreg.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\SrchSTS.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\Process.exe

2008-10-20 15:44:38 ----D---- C:\HJT

2008-10-20 10:28:54 ----D---- C:\Program Files\Windows Live Safety Center

2008-10-17 12:57:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\Logitech

2008-10-17 12:42:44 ----D---- C:\Program Files\MUSICMATCH

2008-10-17 12:41:37 ----R---- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe

2008-10-17 12:37:18 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-10-17 12:34:51 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-17 12:34:45 ----A---- C:\WINDOWS\system32\atl71.dll

2008-10-17 12:34:42 ----D---- C:\Program Files\Fichiers communs\Logitech

2008-10-17 12:34:10 ----D---- C:\Program Files\Logitech

2008-10-16 20:21:22 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-16 12:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-16 12:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-16 12:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-16 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-16 12:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-16 12:47:09 ----A---- C:\WINDOWS\imsins.BAK

2008-10-16 12:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$

2008-10-15 09:35:41 ----D---- C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus

2008-10-15 09:13:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\TmpRecentIcons

2008-10-15 09:12:31 ----A---- C:\WINDOWS\qrbgltos.dll

2008-10-15 09:12:29 ----A---- C:\WINDOWS\evsw.exe

2008-10-15 09:01:49 ----D---- C:\Program Files\Rapid Antivirus

2008-10-15 08:54:36 ----D---- C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]

2008-10-15 08:46:30 ----A---- C:\WINDOWS\system32\smwin32.dll

2008-10-15 08:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll

2008-10-14 16:24:28 ----A---- C:\WINDOWS\system32\msupdte.exe

2008-10-11 09:14:18 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse

2008-10-11 09:13:57 ----D---- C:\Documents and Settings\Sandrine\Application Data\PlayFirst

2008-10-11 09:12:16 ----D---- C:\Program Files\PlayFirst

2008-10-10 21:23:00 ----D---- C:\Documents and Settings\Sandrine\Application Data\Locktime

2008-10-10 21:22:41 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime

2008-10-06 12:35:22 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-05 20:36:10 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Search

2008-10-04 16:57:45 ----D---- C:\Program Files\PopCap Games

2008-10-04 16:57:07 ----D---- C:\Program Files\Zuma Deluxe

2008-10-04 16:54:38 ----D---- C:\Program Files\Taroteam

2008-10-04 12:58:37 ----D---- C:\Program Files\Microsoft Silverlight

2008-10-04 12:57:56 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search

2008-10-04 12:55:00 ----D---- C:\Program Files\Windows Desktop Search

2008-10-04 12:54:57 ----D---- C:\WINDOWS\system32\GroupPolicy

2008-10-04 12:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$

2008-10-04 12:35:47 ----D---- C:\WINDOWS\pss

2008-10-04 12:09:55 ----A---- C:\WINDOWS\system32\ChCfg.exe

2008-10-04 12:09:17 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-04 12:08:55 ----D---- C:\Program Files\Realtek AC97

2008-10-04 12:08:54 ----A---- C:\WINDOWS\system32\RTLCPL.exe

2008-10-04 12:08:52 ----A---- C:\WINDOWS\soundman.exe

2008-10-04 12:08:50 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll

2008-10-04 12:08:46 ----A---- C:\WINDOWS\alcupd.exe

2008-10-04 12:08:46 ----A---- C:\WINDOWS\Alcrmv.exe

2008-10-04 11:09:14 ----RA---- C:\WINDOWS\system32\VModes.exe

2008-10-04 11:08:55 ----D---- C:\Program Files\S3

2008-10-04 11:03:54 ----A---- C:\WINDOWS\system32\VTTrayp.exe

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTTimer.exe

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTovrlay.dll

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTInfo2.dll

2008-10-04 11:03:51 ----A---- C:\WINDOWS\system32\vticd.dll

2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTGamma2.dll

2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTDisply.dll

2008-10-04 11:03:49 ----A---- C:\WINDOWS\system32\vtdisp.dll

2008-10-04 11:00:43 ----D---- C:\pnp

2008-10-04 09:52:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2008-10-04 09:52:29 ----A---- C:\WINDOWS\system32\mucltui.dll

2008-10-03 22:31:35 ----HD---- C:\Program Files\InstallShield Installation Information

2008-10-03 22:30:12 ----D---- C:\Program Files\VIA

2008-10-03 22:29:16 ----D---- C:\Program Files\Fichiers communs\InstallShield

2008-10-03 22:17:06 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-03 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$

2008-10-03 22:15:15 ----D---- C:\Program Files\Windows Media Connect 2

2008-10-03 22:14:34 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$

2008-10-03 22:10:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$

2008-10-03 22:09:47 ----D---- C:\WINDOWS\system32\LogFiles

2008-10-03 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

2008-10-03 21:52:08 ----D---- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic

2008-10-03 20:30:33 ----D---- C:\Program Files\MSXML 4.0

2008-10-03 19:21:50 ----D---- C:\Documents and Settings\Sandrine\Application Data\Nero

2008-10-03 19:18:53 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-10-03 19:10:52 ----D---- C:\Program Files\Nero

2008-10-03 19:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Nero

2008-10-03 19:10:51 ----D---- C:\Program Files\Fichiers communs\Nero

2008-10-03 19:03:07 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-03 19:01:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-03 19:01:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-03 18:50:59 ----D---- C:\Documents and Settings\Sandrine\Application Data\Macromedia

2008-10-03 18:50:58 ----D---- C:\Documents and Settings\Sandrine\Application Data\Adobe

2008-10-03 18:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2008-10-03 18:13:37 ----RSD---- C:\WINDOWS\assembly

2008-10-03 18:13:37 ----D---- C:\WINDOWS\Microsoft.NET

2008-10-03 18:13:35 ----D---- C:\WINDOWS\system32\URTTemp

2008-10-03 18:12:08 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard

2008-10-03 18:10:48 ----RA---- C:\WINDOWS\system32\hpzids01.dll

2008-10-03 18:10:42 ----A---- C:\WINDOWS\system32\hpz3l3xu.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZisn12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipt12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipr12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipm12.exe

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZinw12.exe

2008-10-03 18:04:34 ----A---- C:\WINDOWS\system32\HPZidr12.dll

2008-10-03 18:04:34 ----A---- C:\WINDOWS\IsUninst.exe

2008-10-03 17:57:10 ----A---- C:\WINDOWS\system32\h323log.txt

2008-10-03 17:52:52 ----A---- C:\WINDOWS\system32\usbui.dll

2008-10-03 17:51:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-10-03 17:51:37 ----SHD---- C:\WINDOWS\Installer

2008-10-03 17:51:36 ----D---- C:\Program Files\Fichiers communs\ODBC

2008-10-03 17:51:36 ----A---- C:\WINDOWS\ODBCINST.INI

2008-10-03 17:51:33 ----D---- C:\Program Files\Fichiers communs\SpeechEngines

2008-10-03 17:51:32 ----RD---- C:\Program Files

2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdur.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp

2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-10-03 17:50:26 ----SHD---- C:\System Volume Information

2008-10-03 17:50:26 ----D---- C:\Documents and Settings

2008-10-03 17:49:33 ----SH---- C:\boot.ini

2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts

2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web

2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf

2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS

2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system

2008-10-03 17:43:33 ----D---- C:\WINDOWS\security

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources

2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning

2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet

2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media

2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas

2008-10-03 17:43:33 ----D---- C:\WINDOWS\java

2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch

2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins

2008-10-03 17:43:33 ----D---- C:\WINDOWS

2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works

2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild

2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio

2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER

2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW

2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office

2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-10-03 17:16:41 ----RHD---- C:\MSOCache

2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR

2008-10-03 17:06:52 ----D---- C:\Program Files\eMule

2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live

2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll

2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini

2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack

2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo!

2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner

2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR

2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe

2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla

2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox

2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-03 16:32:46 ----D---- C:\Program Files\HP

2008-10-03 16:31:19 ----HD---- C:\Config.Msi

2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP

2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender

2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin

2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender

2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin

2008-10-03 16:13:46 ----SHD---- C:\RECYCLER

2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities

2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information

2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini

2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft

2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak

2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch

2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt

======List of files/folders modified in the last 1 months======

 

2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini

2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini

2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]

R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []

R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]

R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528]

R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704]

S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920]

R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528]

R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

 

-----------------EOF-----------------

Logfile of random's system information tool 1.04 (written by random/random)

Run by Sandrine at 2008-10-20 17:28:06

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 52 GB (66%) free of 78 GB

Total RAM: 958 MB (66% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:28:20, on 20/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe

C:\HJT\Sandrine.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

 

--

End of file - 5121 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816]

"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632]

"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate]

C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk]

C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=3

"WLSetupSvc"=3

"usnjsvc"=3

"Pml Driver HPZ12"=2

"PLFlash DeviceIoControl Service"=2

"ose"=3

"odserv"=3

"Nero BackItUp Scheduler 3"=2

"NMIndexingService"=3

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="sockspy.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

 

======List of files/folders created in the last 1 months======

 


2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp

2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-10-03 17:50:26 ----SHD---- C:\System Volume Information

2008-10-03 17:50:26 ----D---- C:\Documents and Settings

2008-10-03 17:49:33 ----SH---- C:\boot.ini

2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts

2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web

2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf

2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS

2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system

2008-10-03 17:43:33 ----D---- C:\WINDOWS\security

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources

2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning

2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet

2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media

2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas

2008-10-03 17:43:33 ----D---- C:\WINDOWS\java

2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch

2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins

2008-10-03 17:43:33 ----D---- C:\WINDOWS

2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works

2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild

2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio

2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER

2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW

2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office

2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-10-03 17:16:41 ----RHD---- C:\MSOCache

2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR

2008-10-03 17:06:52 ----D---- C:\Program Files\eMule

2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live

2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll

2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini

2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack

2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo!

2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner

2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR

2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe

2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla

2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox

2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-03 16:32:46 ----D---- C:\Program Files\HP

2008-10-03 16:31:19 ----HD---- C:\Config.Msi

2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP

2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender

2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin

2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender

2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin

2008-10-03 16:13:46 ----SHD---- C:\RECYCLER

2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities

2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information

2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini

2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft

2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak

2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch

2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-03 16:07:13 ----D---- C:\WINDOWS\system32\xircom

2008-10-03 16:07:13 ----D---- C:\Program Files\xerox

2008-10-03 16:07:13 ----D---- C:\Program Files\microsoft frontpage

2008-10-03 16:07:00 ----A---- C:\WINDOWS\control.ini

2008-10-03 16:07:00 ----A---- C:\AUTOEXEC.BAT

2008-10-03 16:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-03 16:05:22 ----RD---- C:\WINDOWS\Offline Web Pages

2008-10-03 16:05:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-03 16:05:14 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-03 16:05:09 ----HD---- C:\Program Files\WindowsUpdate

2008-10-03 16:05:03 ----D---- C:\Program Files\Services en ligne

2008-10-03 16:04:46 ----D---- C:\WINDOWS\system32\DirectX

2008-10-03 16:04:42 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-03 16:04:40 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-03 16:04:40 ----A---- C:\WINDOWS\desktop.ini

2008-10-03 16:04:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2008-10-03 16:04:33 ----D---- C:\Program Files\Fichiers communs\Services

2008-10-03 16:04:33 ----A---- C:\WINDOWS\system32\acctres.dll

2008-10-03 16:04:31 ----SD---- C:\WINDOWS\Tasks

2008-10-03 16:04:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-10-03 16:04:30 ----D---- C:\Program Files\Fichiers communs\MSSoap

2008-10-03 16:04:27 ----D---- C:\WINDOWS\srchasst

2008-10-03 16:04:26 ----D---- C:\WINDOWS\system32\Macromed

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-10-03 16:04:20 ----D---- C:\Program Files\Movie Maker

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-10-03 16:04:02 ----D---- C:\WINDOWS\system32\Restore

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srclient.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\mnmdd.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\ils.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\msconf.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2008-10-03 16:03:59 ----D---- C:\Program Files\NetMeeting

2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetres.dll

2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-10-03 16:03:56 ----D---- C:\Program Files\Outlook Express

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstask.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\isign32.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-10-03 16:03:51 ----D---- C:\Program Files\Fichiers communs\System

2008-10-03 16:03:49 ----D---- C:\Program Files\Internet Explorer

2008-10-03 16:03:33 ----D---- C:\Program Files\ComPlus Applications

2008-10-03 16:03:30 ----A---- C:\WINDOWS\vbaddin.ini

2008-10-03 16:03:30 ----A---- C:\WINDOWS\vb.ini

2008-10-03 16:03:24 ----D---- C:\WINDOWS\Registration

2008-10-03 16:02:40 ----D---- C:\Program Files\Windows Media Player

2008-10-03 16:02:40 ----D---- C:\Program Files\Online Services

2008-10-03 16:02:33 ----D---- C:\Program Files\Messenger

2008-10-03 16:02:30 ----D---- C:\Program Files\MSN Gaming Zone

2008-10-03 16:02:30 ----A---- C:\WINDOWS\system32\write.exe

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\hticons.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avwav.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-10-03 16:02:21 ----A---- C:\WINDOWS\system32\winchat.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\winmine.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\sol.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\getuname.dll

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\charmap.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\calc.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tskill.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tscon.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\shadow.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\reset.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\freecell.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\regini.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msg.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\logoff.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-10-03 16:02:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-10-03 16:02:02 ----D---- C:\Program Files\MSN

2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\sndrec32.exe

2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-10-03 16:02:00 ----D---- C:\Program Files\Windows NT

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\clipbrd.exe

2008-10-03 16:01:59 ----A---- C:\WINDOWS\system32\spider.exe

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tsgqec.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\aaclient.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-10-03 16:01:56 ----D---- C:\WINDOWS\system32\MsDtc

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-10-03 16:01:54 ----D---- C:\WINDOWS\system32\Com

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\stclient.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\colbact.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comuid.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\cmprops.dll

 

======List of files/folders modified in the last 1 months======

 

2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini

2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini

2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]

R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []

R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]

R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528]

R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704]

S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920]

R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528]

R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

 

-----------------EOF-----------------

 

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by Sandrine at 2008-10-20 17:28:06

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 52 GB (66%) free of 78 GB

Total RAM: 958 MB (66% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:28:20, on 20/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\Program Files\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Sandrine\Local Settings\Temporary Internet Files\Content.IE5\WDQ7OXE7\RSIT[1].exe

C:\HJT\Sandrine.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223048211078

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {49F70326-1923-4116-9532-0A453A6C3D30} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

 

--

End of file - 5121 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-10-03 290816]

"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2008-10-03 69632]

"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2004-10-11 589824]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-10-17 32768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft WinUpdate]

C:\WINDOWS\system32\msupdte.exe [2008-10-14 22330]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

C:\WINDOWS\system32\VTtrayp.exe [2006-08-30 180224]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Sandrine^Menu Démarrer^Programmes^Démarrage^Rapid Antivirus.lnk]

C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=3

"WLSetupSvc"=3

"usnjsvc"=3

"Pml Driver HPZ12"=2

"PLFlash DeviceIoControl Service"=2

"ose"=3

"odserv"=3

"Nero BackItUp Scheduler 3"=2

"NMIndexingService"=3

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="sockspy.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

 

======List of files/folders created in the last 1 months======

 

2008-10-20 17:28:06 ----D---- C:\rsit

2008-10-20 16:12:42 ----A---- C:\rapport.txt

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\o4Patch.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\IEDFix.C.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe

2008-10-20 16:07:43 ----A---- C:\WINDOWS\system32\404Fix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\WS2Fix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VCCLSID.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\VACFix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\swxcacls.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\IEDFix.exe

2008-10-20 16:07:42 ----A---- C:\WINDOWS\system32\dumphive.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swsc.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\swreg.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\SrchSTS.exe

2008-10-20 16:07:41 ----A---- C:\WINDOWS\system32\Process.exe

2008-10-20 15:44:38 ----D---- C:\HJT

2008-10-20 10:28:54 ----D---- C:\Program Files\Windows Live Safety Center

2008-10-17 12:57:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\Logitech

2008-10-17 12:42:44 ----D---- C:\Program Files\MUSICMATCH

2008-10-17 12:41:37 ----R---- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe

2008-10-17 12:37:18 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-10-17 12:34:51 ----A---- C:\WINDOWS\system32\unicows.dll

2008-10-17 12:34:45 ----A---- C:\WINDOWS\system32\atl71.dll

2008-10-17 12:34:42 ----D---- C:\Program Files\Fichiers communs\Logitech

2008-10-17 12:34:10 ----D---- C:\Program Files\Logitech

2008-10-16 20:21:22 ----A---- C:\WINDOWS\system32\MRT.exe

2008-10-16 12:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-10-16 12:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-10-16 12:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-10-16 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-10-16 12:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-10-16 12:47:09 ----A---- C:\WINDOWS\imsins.BAK

2008-10-16 12:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$

2008-10-15 09:35:41 ----D---- C:\Documents and Settings\Sandrine\Application Data\Rapid Antivirus

2008-10-15 09:13:15 ----D---- C:\Documents and Settings\Sandrine\Application Data\TmpRecentIcons

2008-10-15 09:12:31 ----A---- C:\WINDOWS\qrbgltos.dll

2008-10-15 09:12:29 ----A---- C:\WINDOWS\evsw.exe

2008-10-15 09:01:49 ----D---- C:\Program Files\Rapid Antivirus

2008-10-15 08:54:36 ----D---- C:\Documents and Settings\Sandrine\Application Data\install_5738_MHw0MXwwfHx8fHx8fHw_[1]

2008-10-15 08:46:30 ----A---- C:\WINDOWS\system32\smwin32.dll

2008-10-15 08:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll

2008-10-14 16:24:28 ----A---- C:\WINDOWS\system32\msupdte.exe

2008-10-11 09:14:18 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse

2008-10-11 09:13:57 ----D---- C:\Documents and Settings\Sandrine\Application Data\PlayFirst

2008-10-11 09:12:16 ----D---- C:\Program Files\PlayFirst

2008-10-10 21:23:00 ----D---- C:\Documents and Settings\Sandrine\Application Data\Locktime

2008-10-10 21:22:41 ----D---- C:\Documents and Settings\All Users\Application Data\Locktime

2008-10-06 12:35:22 ----A---- C:\WINDOWS\NeroDigital.ini

2008-10-05 20:36:10 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Search

2008-10-04 16:57:45 ----D---- C:\Program Files\PopCap Games

2008-10-04 16:57:07 ----D---- C:\Program Files\Zuma Deluxe

2008-10-04 16:54:38 ----D---- C:\Program Files\Taroteam

2008-10-04 12:58:37 ----D---- C:\Program Files\Microsoft Silverlight

2008-10-04 12:57:56 ----D---- C:\Documents and Settings\Sandrine\Application Data\Windows Desktop Search

2008-10-04 12:55:00 ----D---- C:\Program Files\Windows Desktop Search

2008-10-04 12:54:57 ----D---- C:\WINDOWS\system32\GroupPolicy

2008-10-04 12:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$

2008-10-04 12:35:47 ----D---- C:\WINDOWS\pss

2008-10-04 12:09:55 ----A---- C:\WINDOWS\system32\ChCfg.exe

2008-10-04 12:09:17 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-10-04 12:08:55 ----D---- C:\Program Files\Realtek AC97

2008-10-04 12:08:54 ----A---- C:\WINDOWS\system32\RTLCPL.exe

2008-10-04 12:08:52 ----A---- C:\WINDOWS\soundman.exe

2008-10-04 12:08:50 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll

2008-10-04 12:08:46 ----A---- C:\WINDOWS\alcupd.exe

2008-10-04 12:08:46 ----A---- C:\WINDOWS\Alcrmv.exe

2008-10-04 11:09:14 ----RA---- C:\WINDOWS\system32\VModes.exe

2008-10-04 11:08:55 ----D---- C:\Program Files\S3

2008-10-04 11:03:54 ----A---- C:\WINDOWS\system32\VTTrayp.exe

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTTimer.exe

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTovrlay.dll

2008-10-04 11:03:53 ----A---- C:\WINDOWS\system32\VTInfo2.dll

2008-10-04 11:03:51 ----A---- C:\WINDOWS\system32\vticd.dll

2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTGamma2.dll

2008-10-04 11:03:50 ----A---- C:\WINDOWS\system32\VTDisply.dll

2008-10-04 11:03:49 ----A---- C:\WINDOWS\system32\vtdisp.dll

2008-10-04 11:00:43 ----D---- C:\pnp

2008-10-04 09:52:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2008-10-04 09:52:29 ----A---- C:\WINDOWS\system32\mucltui.dll

2008-10-03 22:31:35 ----HD---- C:\Program Files\InstallShield Installation Information

2008-10-03 22:30:12 ----D---- C:\Program Files\VIA

2008-10-03 22:29:16 ----D---- C:\Program Files\Fichiers communs\InstallShield

2008-10-03 22:17:06 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-10-03 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$

2008-10-03 22:15:15 ----D---- C:\Program Files\Windows Media Connect 2

2008-10-03 22:14:34 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$

2008-10-03 22:10:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$

2008-10-03 22:09:47 ----D---- C:\WINDOWS\system32\LogFiles

2008-10-03 22:09:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

2008-10-03 21:52:08 ----D---- C:\Documents and Settings\Sandrine\Application Data\Media Player Classic

2008-10-03 20:30:33 ----D---- C:\Program Files\MSXML 4.0

2008-10-03 19:21:50 ----D---- C:\Documents and Settings\Sandrine\Application Data\Nero

2008-10-03 19:18:53 ----A---- C:\WINDOWS\system32\MsiExec.exe.log

2008-10-03 19:10:52 ----D---- C:\Program Files\Nero

2008-10-03 19:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\Nero

2008-10-03 19:10:51 ----D---- C:\Program Files\Fichiers communs\Nero

2008-10-03 19:03:07 ----D---- C:\WINDOWS\RegisteredPackages

2008-10-03 19:01:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-10-03 19:01:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-10-03 18:50:59 ----D---- C:\Documents and Settings\Sandrine\Application Data\Macromedia

2008-10-03 18:50:58 ----D---- C:\Documents and Settings\Sandrine\Application Data\Adobe

2008-10-03 18:17:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2008-10-03 18:13:37 ----RSD---- C:\WINDOWS\assembly

2008-10-03 18:13:37 ----D---- C:\WINDOWS\Microsoft.NET

2008-10-03 18:13:35 ----D---- C:\WINDOWS\system32\URTTemp

2008-10-03 18:12:08 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard

2008-10-03 18:10:48 ----RA---- C:\WINDOWS\system32\hpzids01.dll

2008-10-03 18:10:42 ----A---- C:\WINDOWS\system32\hpz3l3xu.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZisn12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipt12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipr12.dll

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZipm12.exe

2008-10-03 18:04:35 ----A---- C:\WINDOWS\system32\HPZinw12.exe

2008-10-03 18:04:34 ----A---- C:\WINDOWS\system32\HPZidr12.dll

2008-10-03 18:04:34 ----A---- C:\WINDOWS\IsUninst.exe

2008-10-03 17:57:10 ----A---- C:\WINDOWS\system32\h323log.txt

2008-10-03 17:52:52 ----A---- C:\WINDOWS\system32\usbui.dll

2008-10-03 17:51:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-10-03 17:51:37 ----SHD---- C:\WINDOWS\Installer

2008-10-03 17:51:36 ----D---- C:\Program Files\Fichiers communs\ODBC

2008-10-03 17:51:36 ----A---- C:\WINDOWS\ODBCINST.INI

2008-10-03 17:51:33 ----D---- C:\Program Files\Fichiers communs\SpeechEngines

2008-10-03 17:51:32 ----RD---- C:\Program Files

2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2008-10-03 17:51:32 ----D---- C:\Program Files\Fichiers communs

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2008-10-03 17:51:28 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdur.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdru.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-10-03 17:51:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-10-03 17:51:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-10-03 17:51:24 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-10-03 17:51:23 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\irclass.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-10-03 17:51:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-10-03 17:51:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-10-03 17:51:18 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-10-03 17:51:18 ----A---- C:\WINDOWS\system32\batt.dll

2008-10-03 17:51:17 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-10-03 17:51:16 ----A---- C:\WINDOWS\system32\storprop.dll

2008-10-03 17:51:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2008-10-03 17:51:02 ----RA---- C:\WINDOWS\SET8.tmp

2008-10-03 17:51:00 ----RA---- C:\WINDOWS\SET4.tmp

2008-10-03 17:50:58 ----RA---- C:\WINDOWS\SET3.tmp

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot2

2008-10-03 17:50:52 ----D---- C:\WINDOWS\system32\CatRoot

2008-10-03 17:50:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-10-03 17:50:26 ----SHD---- C:\System Volume Information

2008-10-03 17:50:26 ----D---- C:\Documents and Settings

2008-10-03 17:49:33 ----SH---- C:\boot.ini

2008-10-03 17:43:33 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-10-03 17:43:33 ----RSD---- C:\WINDOWS\Fonts

2008-10-03 17:43:33 ----RD---- C:\WINDOWS\Web

2008-10-03 17:43:33 ----HD---- C:\WINDOWS\inf

2008-10-03 17:43:33 ----D---- C:\WINDOWS\WinSxS

2008-10-03 17:43:33 ----D---- C:\WINDOWS\twain_32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Temp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wins

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\wbem

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\usmt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\spool

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ShellExt

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\Setup

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ras

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\oobe

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\npp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\inetsrv

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\IME

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\icsxml

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\ias

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr-fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\fr

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\export

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\drivers

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\dhcp

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3com_dmi

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\3076

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\2052

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1054

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1042

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1041

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1037

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1036

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1033

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1031

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1028

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32\1025

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system32

2008-10-03 17:43:33 ----D---- C:\WINDOWS\system

2008-10-03 17:43:33 ----D---- C:\WINDOWS\security

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Resources

2008-10-03 17:43:33 ----D---- C:\WINDOWS\repair

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Provisioning

2008-10-03 17:43:33 ----D---- C:\WINDOWS\PeerNet

2008-10-03 17:43:33 ----D---- C:\WINDOWS\pchealth

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Network Diagnostic

2008-10-03 17:43:33 ----D---- C:\WINDOWS\mui

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msapps

2008-10-03 17:43:33 ----D---- C:\WINDOWS\msagent

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Media

2008-10-03 17:43:33 ----D---- C:\WINDOWS\L2Schemas

2008-10-03 17:43:33 ----D---- C:\WINDOWS\java

2008-10-03 17:43:33 ----D---- C:\WINDOWS\ime

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Help

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Driver Cache

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Debug

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Cursors

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Connection Wizard

2008-10-03 17:43:33 ----D---- C:\WINDOWS\Config

2008-10-03 17:43:33 ----D---- C:\WINDOWS\AppPatch

2008-10-03 17:43:33 ----D---- C:\WINDOWS\addins

2008-10-03 17:43:33 ----D---- C:\WINDOWS

2008-10-03 17:39:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2008-10-03 17:38:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2008-10-03 17:37:51 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-10-03 17:24:25 ----D---- C:\Program Files\Microsoft Works

2008-10-03 17:24:14 ----D---- C:\Program Files\MSBuild

2008-10-03 17:23:06 ----D---- C:\Program Files\Microsoft Visual Studio

2008-10-03 17:23:05 ----D---- C:\Program Files\Fichiers communs\DESIGNER

2008-10-03 17:17:59 ----D---- C:\WINDOWS\SHELLNEW

2008-10-03 17:17:27 ----D---- C:\Program Files\Microsoft Office

2008-10-03 17:17:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-10-03 17:16:41 ----RHD---- C:\MSOCache

2008-10-03 17:15:02 ----D---- C:\Documents and Settings\Sandrine\Application Data\WinRAR

2008-10-03 17:06:52 ----D---- C:\Program Files\eMule

2008-10-03 17:05:08 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-10-03 17:04:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-10-03 17:04:32 ----D---- C:\Program Files\Windows Live

2008-10-03 17:04:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-10-03 17:04:21 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-10-03 17:02:05 ----A---- C:\WINDOWS\system32\unrar.dll

2008-10-03 17:02:04 ----A---- C:\WINDOWS\avisplitter.ini

2008-10-03 17:01:54 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2008-10-03 17:01:52 ----A---- C:\WINDOWS\system32\xvidcore.dll

2008-10-03 17:01:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2008-10-03 17:01:47 ----A---- C:\WINDOWS\system32\qt-dx331.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\dpl100.dll

2008-10-03 17:01:46 ----A---- C:\WINDOWS\system32\divx.dll

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2008-10-03 17:01:33 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2008-10-03 17:01:16 ----D---- C:\Program Files\K-Lite Codec Pack

2008-10-03 16:58:58 ----D---- C:\Program Files\Yahoo!

2008-10-03 16:58:28 ----D---- C:\Program Files\CCleaner

2008-10-03 16:57:29 ----D---- C:\Program Files\WinRAR

2008-10-03 16:53:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-10-03 16:52:00 ----D---- C:\Program Files\Adobe

2008-10-03 16:34:51 ----D---- C:\Documents and Settings\Sandrine\Application Data\Mozilla

2008-10-03 16:34:37 ----D---- C:\Program Files\Mozilla Firefox

2008-10-03 16:34:00 ----D---- C:\WINDOWS\system32\PreInstall

2008-10-03 16:33:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-10-03 16:33:58 ----HD---- C:\WINDOWS\$hf_mig$

2008-10-03 16:32:46 ----D---- C:\Program Files\HP

2008-10-03 16:31:19 ----HD---- C:\Config.Msi

2008-10-03 16:28:33 ----D---- C:\Documents and Settings\Sandrine\Application Data\HP

2008-10-03 16:26:38 ----D---- C:\Documents and Settings\Sandrine\Application Data\Bitdefender

2008-10-03 16:16:09 ----D---- C:\Program Files\Softwin

2008-10-03 16:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender

2008-10-03 16:15:09 ----D---- C:\Program Files\Fichiers communs\Softwin

2008-10-03 16:13:46 ----SHD---- C:\RECYCLER

2008-10-03 16:13:01 ----D---- C:\Documents and Settings\Sandrine\Application Data\Identities

2008-10-03 16:12:59 ----HD---- C:\Program Files\Uninstall Information

2008-10-03 16:12:53 ----ASH---- C:\Documents and Settings\Sandrine\Application Data\desktop.ini

2008-10-03 16:12:52 ----SD---- C:\Documents and Settings\Sandrine\Application Data\Microsoft

2008-10-03 16:12:31 ----A---- C:\WINDOWS\system32\wpa.bak

2008-10-03 16:11:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-10-03 16:10:38 ----D---- C:\WINDOWS\SoftwareDistribution

2008-10-03 16:10:29 ----D---- C:\WINDOWS\Prefetch

2008-10-03 16:10:28 ----SD---- C:\WINDOWS\system32\Microsoft

2008-10-03 16:10:28 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-10-03 16:07:13 ----D---- C:\WINDOWS\system32\xircom

2008-10-03 16:07:13 ----D---- C:\Program Files\xerox

2008-10-03 16:07:13 ----D---- C:\Program Files\microsoft frontpage

2008-10-03 16:07:00 ----A---- C:\WINDOWS\control.ini

2008-10-03 16:07:00 ----A---- C:\AUTOEXEC.BAT

2008-10-03 16:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-10-03 16:05:22 ----RD---- C:\WINDOWS\Offline Web Pages

2008-10-03 16:05:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-10-03 16:05:14 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-10-03 16:05:09 ----HD---- C:\Program Files\WindowsUpdate

2008-10-03 16:05:03 ----D---- C:\Program Files\Services en ligne

2008-10-03 16:04:46 ----D---- C:\WINDOWS\system32\DirectX

2008-10-03 16:04:42 ----A---- C:\WINDOWS\system32\atrace.dll

2008-10-03 16:04:40 ----A---- C:\WINDOWS\system32\desktop.ini

2008-10-03 16:04:40 ----A---- C:\WINDOWS\desktop.ini

2008-10-03 16:04:34 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2008-10-03 16:04:33 ----D---- C:\Program Files\Fichiers communs\Services

2008-10-03 16:04:33 ----A---- C:\WINDOWS\system32\acctres.dll

2008-10-03 16:04:31 ----SD---- C:\WINDOWS\Tasks

2008-10-03 16:04:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-10-03 16:04:30 ----D---- C:\Program Files\Fichiers communs\MSSoap

2008-10-03 16:04:27 ----D---- C:\WINDOWS\srchasst

2008-10-03 16:04:26 ----D---- C:\WINDOWS\system32\Macromed

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-10-03 16:04:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wups.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-10-03 16:04:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-10-03 16:04:20 ----D---- C:\Program Files\Movie Maker

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-10-03 16:04:06 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-10-03 16:04:03 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-10-03 16:04:02 ----D---- C:\WINDOWS\system32\Restore

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\srclient.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\mnmdd.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2008-10-03 16:04:02 ----A---- C:\WINDOWS\system32\ils.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\msconf.dll

2008-10-03 16:04:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2008-10-03 16:03:59 ----D---- C:\Program Files\NetMeeting

2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-10-03 16:03:59 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetres.dll

2008-10-03 16:03:58 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-10-03 16:03:56 ----D---- C:\Program Files\Outlook Express

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\mstask.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\isign32.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-10-03 16:03:56 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-10-03 16:03:51 ----D---- C:\Program Files\Fichiers communs\System

2008-10-03 16:03:49 ----D---- C:\Program Files\Internet Explorer

2008-10-03 16:03:33 ----D---- C:\Program Files\ComPlus Applications

2008-10-03 16:03:30 ----A---- C:\WINDOWS\vbaddin.ini

2008-10-03 16:03:30 ----A---- C:\WINDOWS\vb.ini

2008-10-03 16:03:24 ----D---- C:\WINDOWS\Registration

2008-10-03 16:02:40 ----D---- C:\Program Files\Windows Media Player

2008-10-03 16:02:40 ----D---- C:\Program Files\Online Services

2008-10-03 16:02:33 ----D---- C:\Program Files\Messenger

2008-10-03 16:02:30 ----D---- C:\Program Files\MSN Gaming Zone

2008-10-03 16:02:30 ----A---- C:\WINDOWS\system32\write.exe

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\hticons.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avwav.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-10-03 16:02:22 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-10-03 16:02:21 ----A---- C:\WINDOWS\system32\winchat.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\winmine.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\sol.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\getuname.dll

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\charmap.exe

2008-10-03 16:02:16 ----A---- C:\WINDOWS\system32\calc.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tskill.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\tscon.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\shadow.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\reset.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-10-03 16:02:15 ----A---- C:\WINDOWS\system32\freecell.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\regini.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msg.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\logoff.exe

2008-10-03 16:02:14 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-10-03 16:02:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-10-03 16:02:02 ----D---- C:\Program Files\MSN

2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\sndrec32.exe

2008-10-03 16:02:01 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-10-03 16:02:00 ----D---- C:\Program Files\Windows NT

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-10-03 16:02:00 ----A---- C:\WINDOWS\system32\clipbrd.exe

2008-10-03 16:01:59 ----A---- C:\WINDOWS\system32\spider.exe

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tsgqec.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-10-03 16:01:58 ----A---- C:\WINDOWS\system32\aaclient.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-10-03 16:01:57 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-10-03 16:01:56 ----D---- C:\WINDOWS\system32\MsDtc

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-10-03 16:01:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-10-03 16:01:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-10-03 16:01:54 ----D---- C:\WINDOWS\system32\Com

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\stclient.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\colbact.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-10-03 16:01:54 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comuid.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-10-03 16:01:53 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-10-03 16:01:48 ----A---- C:\WINDOWS\system32\cmprops.dll

 

======List of files/folders modified in the last 1 months======

 

2008-10-20 16:30:34 ----A---- C:\WINDOWS\win.ini

2008-10-16 12:50:36 ----A---- C:\WINDOWS\system.ini

2008-10-03 16:31:24 ----A---- C:\WINDOWS\system32\xreglib.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]

R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]

R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []

R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]

R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528]

R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-08-31 264704]

S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2008-10-03 81920]

R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-10-03 278528]

R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-10-03 462848]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]

S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]

S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]

S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

 

-----------------EOF-----------------

 
