infection winupgro.exe

[Alex36]

voila bon soir je crois etre infecté par se truc quii le lance au démarrage de la machine :

 

aucun moyen de faire quoi que ce soit tout les logiciels de protection a-v ne fonctionnenet pas et par consequent je ne peut pas affichier de rapport

 

hijackthis me dit : ce fichier doit etre ouvert avec un lien donc bon SVP aidez MOI

 

EDIT : il n'y a guerre que celog qui marche

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Alexandre at 2008-12-21 21:36:51

Microsoft Windows XP Professionnel Service Pack 2

System drive C: has 12 GB (44%) free of 28 GB

Total RAM: 3071 MB (86% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:27:19, on 21/12/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Alexandre\Bureau\RSIT.exe

C:\Program Files\trend micro\Alexandre.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{64EF3655-A2E7-48DC-BA1B-2DDD5069C58B}: NameServer = 192.168.1.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

 

--

End of file - 5782 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-12-12 1372160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-20 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-20 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-20 73728]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"C6501Sound"=RunDll32 c6501.cpl []

"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-25 339968]

"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-03-12 81920]

"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe [2003-04-01 270336]

"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe [2006-01-22 823304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]

C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2007-12-25 937984]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-12-18 155648]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-20 136600]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Bonjour Service"=2

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLUA"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe"="C:\Program Files\GigaByte\VGA Utility Manager\G-vga.exe:*:Enabled:Menu"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"I:\Program Files\uTorrent\uTorrent.exe"="I:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"

"I:\Program Files\TmNationsForever\TmForever.exe"="I:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"I:\Bacups\BACKUP\Program Files\LimeWire\LimeWire.exe"="I:\Bacups\BACKUP\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Documents and Settings\Alexandre\Mes documents\Downloads\PC_Flatout.2 -multi5-+-.direct.play.rip.-ToeD\Flatout2\flatout2.exe"="C:\Documents and Settings\Alexandre\Mes documents\Downloads\PC_Flatout.2 -multi5-+-.direct.play.rip.-ToeD\Flatout2\flatout2.exe:*:Enabled:flatout2"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

======List of files/folders created in the last 1 months======

 

2008-12-21 21:32:20 ----HD---- C:\Documents and Settings\Alexandre\Application Data\m

2008-12-21 21:31:30 ----A---- C:\WINDOWS\system32\ban_list.txt

2008-12-21 21:27:16 ----D---- C:\Program Files\trend micro

2008-12-21 21:27:15 ----D---- C:\rsit

2008-12-21 20:57:51 ----A---- C:\InfoSat.txt

2008-12-21 20:10:17 ----D---- C:\Program Files\PDF2Image v2.0

2008-12-21 19:41:49 ----D---- C:\Documents and Settings\Alexandre\Application Data\fltk.org

2008-12-21 19:37:13 ----HD---- C:\Documents and Settings\Alexandre\Application Data\drivers

2008-12-21 19:32:43 ----D---- C:\Program Files\VeryPDF PDF2Image v2.1

2008-12-21 19:27:25 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll

2008-12-21 19:27:24 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL

2008-12-21 19:27:23 ----D---- C:\Program Files\PDFCreator

2008-12-21 19:27:23 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL

2008-12-21 19:27:23 ----A---- C:\WINDOWS\system32\MSCC2FR.DLL

2008-12-21 19:10:09 ----D---- C:\Documents and Settings\Alexandre\Application Data\AdobeUM

2008-12-21 17:12:34 ----D---- C:\WINDOWS\Minidump

2008-12-21 15:59:25 ----A---- C:\WINDOWS\ntbtlog.txt

2008-12-21 14:45:56 ----A---- C:\WINDOWS\system32\megastore.ini

2008-12-21 14:43:38 ----D---- C:\WINDOWS\system32\JVeffect

2008-12-21 14:43:38 ----D---- C:\Program Files\MegaWorld

2008-12-20 17:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2008-12-20 17:16:55 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-12-20 17:16:49 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$

2008-12-20 14:03:08 ----D---- C:\Documents and Settings\Alexandre\Application Data\Malwarebytes

2008-12-20 14:03:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-12-20 14:03:04 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-12-20 13:49:13 ----A---- C:\WINDOWS\TemplateWizard.INI

2008-12-20 13:41:08 ----A---- C:\WINDOWS\system32\muweb.dll

2008-12-20 13:41:08 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2008-12-20 13:41:08 ----A---- C:\WINDOWS\system32\mucltui.dll

2008-12-20 12:35:16 ----D---- C:\Program Files\Namo

2008-12-20 09:20:31 ----D---- C:\Documents and Settings\Alexandre\Application Data\LimeWire

2008-12-20 09:14:54 ----A---- C:\WINDOWS\system32\javaws.exe

2008-12-20 09:14:54 ----A---- C:\WINDOWS\system32\javaw.exe

2008-12-20 09:14:54 ----A---- C:\WINDOWS\system32\java.exe

2008-12-20 09:14:54 ----A---- C:\WINDOWS\system32\deploytk.dll

2008-12-20 09:14:49 ----D---- C:\Program Files\illiminable

2008-12-20 09:14:36 ----D---- C:\Program Files\Java

2008-12-20 09:12:29 ----D---- C:\Documents and Settings\Alexandre\Application Data\Sun

2008-12-20 09:10:17 ----D---- C:\Program Files\Notepad++

2008-12-20 09:10:17 ----D---- C:\Documents and Settings\Alexandre\Application Data\Notepad++

2008-12-19 23:42:35 ----D---- C:\Program Files\Trapcode

2008-12-19 23:42:35 ----A---- C:\Program Files\uninst-3DStroke.exe

2008-12-19 23:42:01 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-12-19 23:41:48 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-12-19 23:25:43 ----D---- C:\Program Files\Windows Live SkyDrive

2008-12-19 23:14:55 ----D---- C:\Program Files\Fichiers communs\Windows Live

2008-12-19 21:22:13 ----D---- C:\Python26

2008-12-19 21:20:05 ----D---- C:\Documents and Settings\Alexandre\Application Data\Blender Foundation

2008-12-19 18:57:42 ----D---- C:\Documents and Settings\Alexandre\Application Data\skypePM

2008-12-19 17:15:00 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania

2008-12-19 17:14:37 ----A---- C:\WINDOWS\system32\d3dx10_40.dll

2008-12-19 17:14:37 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll

2008-12-19 17:14:36 ----A---- C:\WINDOWS\system32\XAudio2_3.dll

2008-12-19 17:14:36 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll

2008-12-19 17:14:36 ----A---- C:\WINDOWS\system32\xactengine3_3.dll

2008-12-19 17:14:36 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll

2008-12-19 17:14:36 ----A---- C:\WINDOWS\system32\D3DX9_40.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\XAudio2_2.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\D3DX9_39.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\d3dx10_39.dll

2008-12-19 17:14:35 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\XAudio2_1.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\xactengine3_1.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\d3dx10_38.dll

2008-12-19 17:14:34 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll

2008-12-19 17:14:33 ----A---- C:\WINDOWS\system32\XAudio2_0.dll

2008-12-19 17:14:33 ----A---- C:\WINDOWS\system32\xactengine3_0.dll

2008-12-19 17:14:33 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll

2008-12-19 17:14:33 ----A---- C:\WINDOWS\system32\D3DX9_38.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\xactengine2_10.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\D3DX9_37.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\d3dx10_37.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\d3dx10_36.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll

2008-12-19 17:14:32 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\xactengine2_9.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\d3dx9_36.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll

2008-12-19 17:14:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\xinput1_3.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

2008-12-19 17:14:30 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

2008-12-19 17:14:26 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2008-12-19 17:14:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

2008-12-19 17:14:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll

2008-12-19 17:14:24 ----A---- C:\WINDOWS\system32\xinput1_1.dll

2008-12-19 17:14:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

2008-12-19 17:14:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

2008-12-19 17:14:23 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

2008-12-19 17:14:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

2008-12-19 17:14:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

2008-12-19 17:14:13 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2008-12-19 17:14:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

2008-12-19 17:14:12 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

2008-12-19 17:14:12 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2008-12-19 17:14:12 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

2008-12-19 17:14:11 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

2008-12-19 17:14:11 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

2008-12-19 17:14:10 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

2008-12-19 17:14:01 ----D---- C:\WINDOWS\Logs

2008-12-19 16:55:36 ----D---- C:\Documents and Settings\Alexandre\Application Data\Skype

2008-12-19 16:06:36 ----D---- C:\WINDOWS\system32\CatRoot_bak

2008-12-18 22:48:46 ----A---- C:\WINDOWS\NeroDigital.ini

2008-12-18 22:47:03 ----D---- C:\Documents and Settings\Alexandre\Application Data\Apple Computer

2008-12-18 22:43:59 ----D---- C:\Program Files\SuperCopier2

2008-12-18 22:30:03 ----D---- C:\Documents and Settings\Alexandre\Application Data\Ahead

2008-12-18 22:29:05 ----D---- C:\Program Files\Nero

2008-12-18 22:29:05 ----D---- C:\Program Files\Fichiers communs\Ahead

2008-12-18 22:27:13 ----D---- C:\Program Files\MSn CoLoR Dégradé

2008-12-18 22:27:03 ----N---- C:\WINDOWS\Setup1.exe

2008-12-18 22:27:00 ----A---- C:\WINDOWS\ST6UNST.EXE

2008-12-18 22:23:54 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

2008-12-18 22:03:41 ----D---- C:\Program Files\Windows Live

2008-12-18 22:03:36 ----D---- C:\Program Files\Messenger Plus! Live

2008-12-18 22:00:22 ----D---- C:\Documents and Settings\Alexandre\Application Data\Macromedia

2008-12-18 21:56:51 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll

2008-12-18 21:56:51 ----N---- C:\WINDOWS\system32\dbmsgnet.dll

2008-12-18 21:56:24 ----D---- C:\Program Files\Microsoft SQL Server

2008-12-18 21:56:13 ----D---- C:\Documents and Settings\Alexandre\Application Data\Sony

2008-12-18 21:55:27 ----D---- C:\Program Files\ASIO4ALL v2

2008-12-18 21:54:43 ----D---- C:\Program Files\Vstplugins

2008-12-18 21:54:22 ----D---- C:\Documents and Settings\All Users\Application Data\Sony

2008-12-18 21:52:33 ----D---- C:\Program Files\ThiWeb Live 2

2008-12-18 21:52:25 ----D---- C:\Program Files\Unlocker

2008-12-18 21:47:15 ----D---- C:\Documents and Settings\Alexandre\Application Data\Juce VST Host

2008-12-18 21:39:16 ----D---- C:\Program Files\DAMN NFO Viewer

2008-12-18 21:35:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2008-12-18 21:27:24 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-12-18 21:02:57 ----D---- C:\Documents and Settings\All Users\Application Data\DynDNS

2008-12-18 21:02:32 ----D---- C:\Program Files\DynDNS Updater

2008-12-18 20:59:06 ----D---- C:\Program Files\Bonjour

2008-12-18 20:55:56 ----D---- C:\Documents and Settings\Alexandre\Application Data\Adobe

2008-12-18 20:08:02 ----D---- C:\Program Files\eMule

2008-12-18 19:53:36 ----D---- C:\Program Files\FileZilla Server

2008-12-18 19:48:03 ----D---- C:\Program Files\Elaborate Bytes

2008-12-18 19:47:47 ----D---- C:\Program Files\SlySoft

2008-12-18 19:47:13 ----D---- C:\Documents and Settings\Alexandre\Application Data\Sony Setup

2008-12-18 19:46:39 ----D---- C:\Program Files\Sony Setup

2008-12-18 19:45:57 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared

2008-12-18 19:45:04 ----D---- C:\Documents and Settings\Alexandre\Application Data\WinRAR

2008-12-18 19:25:09 ----A---- C:\WINDOWS\system32\ativvaxx.dll

2008-12-18 19:25:09 ----A---- C:\WINDOWS\system32\ati3duag.dll

2008-12-18 19:25:04 ----A---- C:\WINDOWS\system32\ati2dvag.dll

2008-12-18 19:25:03 ----A---- C:\WINDOWS\system32\ati2cqag.dll

2008-12-18 19:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-12-18 19:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-12-18 19:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-12-18 19:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-12-18 19:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2008-12-18 19:22:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2008-12-18 19:22:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2008-12-18 19:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-12-18 19:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-12-18 19:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-12-18 19:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-12-18 19:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-12-18 19:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-12-18 19:22:07 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-12-18 19:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-12-18 19:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-12-18 19:21:54 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-12-18 19:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2008-12-18 19:20:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-12-18 19:20:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-12-18 19:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2008-12-18 19:20:08 ----A---- C:\WINDOWS\system32\rewire.dll

2008-12-18 19:20:07 ----D---- C:\Program Files\Image-Line

2008-12-18 19:19:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

2008-12-18 19:17:57 ----D---- C:\Program Files\Steinberg

2008-12-18 19:16:04 ----D---- C:\Documents and Settings\Alexandre\Application Data\uTorrent

2008-12-18 19:16:00 ----D---- C:\WINDOWS\ie7updates

2008-12-18 19:15:33 ----D---- C:\WINDOWS\WBEM

2008-12-18 19:15:32 ----D---- C:\WINDOWS\system32\fr-fr

2008-12-18 19:15:14 ----A---- C:\WINDOWS\system32\gdiplus.dll

2008-12-18 19:15:06 ----HDC---- C:\WINDOWS\ie7

2008-12-18 19:14:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2008-12-18 19:14:32 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2008-12-18 19:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$

2008-12-18 19:14:11 ----N---- C:\WINDOWS\system32\xmllite.dll

2008-12-18 19:12:50 ----A---- C:\WINDOWS\system32\MRT.exe

2008-12-18 19:12:47 ----D---- C:\WINDOWS\network diagnostic

2008-12-18 19:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$

2008-12-18 19:12:40 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$

2008-12-18 19:06:51 ----D---- C:\Documents and Settings\Alexandre\Application Data\Mozilla

2008-12-18 19:04:42 ----D---- C:\WINDOWS\pss

2008-12-18 19:04:22 ----D---- C:\Documents and Settings\Alexandre\Application Data\Identities

2008-12-18 19:04:15 ----ASH---- C:\Documents and Settings\Alexandre\Application Data\desktop.ini

2008-12-18 19:04:14 ----SD---- C:\Documents and Settings\Alexandre\Application Data\Microsoft

2008-12-18 19:01:24 ----A---- C:\WINDOWS\system32\pthreadGC2.dll

2008-12-18 19:01:24 ----A---- C:\WINDOWS\system32\msvcr71.dll

2008-12-18 19:01:24 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2008-12-18 19:01:24 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2008-12-18 19:01:23 ----D---- C:\Program Files\ffdshow

2008-12-18 19:01:23 ----A---- C:\WINDOWS\system32\msvcp71.dll

2008-12-18 19:00:13 ----D---- C:\Program Files\QuickTime

2008-12-18 18:59:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-12-18 18:55:55 ----D---- C:\Program Files\Mozilla Firefox

2008-12-18 18:54:52 ----SHD---- C:\RECYCLER

2008-12-18 18:52:34 ----D---- C:\WINDOWS\RegisteredPackages

2008-12-18 18:52:22 ----A---- C:\WINDOWS\IE4 Error Log.txt

2008-12-18 18:51:14 ----A---- C:\WINDOWS\system32\h323log.txt

2008-12-18 18:48:52 ----D---- C:\Program Files\Fichiers communs\Adobe

2008-12-18 18:48:52 ----D---- C:\Program Files\Adobe

2008-12-18 18:46:40 ----A---- C:\WINDOWS\IsUn040c.exe

2008-12-18 18:46:25 ----A---- C:\WINDOWS\ODBC.INI

2008-12-18 18:46:20 ----A---- C:\WINDOWS\system32\mdimon.dll

2008-12-18 18:45:01 ----D---- C:\Program Files\Fichiers communs\DESIGNER

2008-12-18 18:44:59 ----D---- C:\Program Files\Microsoft Works

2008-12-18 18:44:51 ----D---- C:\Program Files\Microsoft Visual Studio

2008-12-18 18:44:38 ----D---- C:\WINDOWS\SHELLNEW

2008-12-18 18:44:31 ----D---- C:\Program Files\Microsoft.NET

2008-12-18 18:44:31 ----D---- C:\Program Files\Microsoft Office

2008-12-18 18:40:02 ----A---- C:\WINDOWS\WININIT.INI

2008-12-18 18:38:44 ----D---- C:\WINDOWS\system32\PreInstall

2008-12-18 18:38:43 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-12-18 18:38:43 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2008-12-18 18:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2008-12-18 18:38:42 ----HD---- C:\WINDOWS\$hf_mig$

2008-12-18 18:32:55 ----D---- C:\Program Files\Skype

2008-12-18 18:32:55 ----D---- C:\Program Files\Fichiers communs\Skype

2008-12-18 18:32:32 ----D---- C:\Program Files\D-Tools

2008-12-18 18:31:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2008-12-18 18:31:52 ----D---- C:\Program Files\MSN Messenger

2008-12-18 18:30:20 ----A---- C:\WINDOWS\system32\ati3d1ag.dll

2008-12-18 18:30:02 ----A---- C:\WINDOWS\system32\ksuser.dll

2008-12-18 18:29:55 ----A---- C:\WINDOWS\system32\usbui.dll

2008-12-18 18:28:59 ----A---- C:\WINDOWS\imsins.BAK

2008-12-18 18:28:56 ----SHD---- C:\WINDOWS\Installer

2008-12-18 18:28:56 ----D---- C:\Program Files\Fichiers communs\ODBC

2008-12-18 18:28:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-12-18 18:28:56 ----A---- C:\WINDOWS\ODBCINST.INI

2008-12-18 18:28:53 ----D---- C:\Program Files\Fichiers communs\SpeechEngines

2008-12-18 18:28:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2008-12-18 18:28:52 ----RD---- C:\Program Files

2008-12-18 18:28:52 ----D---- C:\Program Files\Fichiers communs

2008-12-18 18:28:50 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2008-12-18 18:28:50 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2008-12-18 18:28:50 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdur.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdru.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2008-12-18 18:28:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2008-12-18 18:28:46 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2008-12-18 18:28:45 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2008-12-18 18:28:45 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2008-12-18 18:28:45 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2008-12-18 18:28:45 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2008-12-18 18:28:45 ----RA---- C:\WINDOWS\system32\kbdest.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdro.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2008-12-18 18:28:43 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2008-12-18 18:28:41 ----A---- C:\WINDOWS\system32\irclass.dll

2008-12-18 18:28:40 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-12-18 18:28:40 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2008-12-18 18:28:40 ----A---- C:\WINDOWS\system32\dgsetup.dll

2008-12-18 18:28:40 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2008-12-18 18:28:38 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2008-12-18 18:28:38 ----A---- C:\WINDOWS\TASKMAN.EXE

2008-12-18 18:28:37 ----A---- C:\WINDOWS\system32\batt.dll

2008-12-18 18:28:37 ----A---- C:\WINDOWS\NOTEPAD.EXE

2008-12-18 18:28:36 ----A---- C:\WINDOWS\system32\storprop.dll

2008-12-18 18:28:29 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2008-12-18 18:28:25 ----RA---- C:\WINDOWS\SET8.tmp

2008-12-18 18:28:23 ----RA---- C:\WINDOWS\SET4.tmp

2008-12-18 18:28:22 ----RA---- C:\WINDOWS\SET3.tmp

2008-12-18 18:28:17 ----D---- C:\WINDOWS\system32\CatRoot2

2008-12-18 18:28:17 ----D---- C:\WINDOWS\system32\CatRoot

2008-12-18 18:28:11 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-12-18 18:27:55 ----A---- C:\WINDOWS\setuplog.txt

2008-12-18 18:27:51 ----D---- C:\Documents and Settings

2008-12-18 18:26:57 ----RSH---- C:\boot.ini

2008-12-18 18:24:23 ----D---- C:\WINDOWS\system32\NtmsData

2008-12-18 18:23:45 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-12-18 18:23:45 ----RSD---- C:\WINDOWS\Fonts

2008-12-18 18:23:45 ----RD---- C:\WINDOWS\Web

2008-12-18 18:23:45 ----HD---- C:\WINDOWS\inf

2008-12-18 18:23:45 ----D---- C:\WINDOWS\WinSxS

2008-12-18 18:23:45 ----D---- C:\WINDOWS\twain_32

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Temp

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\wins

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\wbem

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\usmt

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\spool

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\ShellExt

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\Setup

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\ras

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\oobe

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\npp

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\mui

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\inetsrv

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\IME

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\icsxml

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\ias

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\export

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\drivers

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\dhcp

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\config

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\3com_dmi

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\3076

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\2052

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1054

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1042

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1041

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1037

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1036

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1033

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1031

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1028

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32\1025

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system32

2008-12-18 18:23:45 ----D---- C:\WINDOWS\system

2008-12-18 18:23:45 ----D---- C:\WINDOWS\security

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Resources

2008-12-18 18:23:45 ----D---- C:\WINDOWS\repair

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Provisioning

2008-12-18 18:23:45 ----D---- C:\WINDOWS\PeerNet

2008-12-18 18:23:45 ----D---- C:\WINDOWS\pchealth

2008-12-18 18:23:45 ----D---- C:\WINDOWS\mui

2008-12-18 18:23:45 ----D---- C:\WINDOWS\msapps

2008-12-18 18:23:45 ----D---- C:\WINDOWS\msagent

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Media

2008-12-18 18:23:45 ----D---- C:\WINDOWS\java

2008-12-18 18:23:45 ----D---- C:\WINDOWS\ime

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Help

2008-12-18 18:23:45 ----D---- C:\WINDOWS\ehome

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Driver Cache

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Debug

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Cursors

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Connection Wizard

2008-12-18 18:23:45 ----D---- C:\WINDOWS\Config

2008-12-18 18:23:45 ----D---- C:\WINDOWS\AppPatch

2008-12-18 18:23:45 ----D---- C:\WINDOWS\addins

2008-12-18 18:23:45 ----D---- C:\WINDOWS

2008-12-18 18:22:44 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2008-12-18 18:19:47 ----A---- C:\WINDOWS\system32\WLANUTL.dll

2008-12-18 18:19:47 ----A---- C:\WINDOWS\system32\W32N50.dll

2008-12-18 18:19:47 ----A---- C:\WINDOWS\system32\ssleay32.dll

2008-12-18 18:19:47 ----A---- C:\WINDOWS\system32\libeay32.dll

2008-12-18 18:19:47 ----A---- C:\WINDOWS\system32\AegisE5.dll

2008-12-18 18:19:46 ----D---- C:\Program Files\SAGEM Wi-Fi USB 802.11g

2008-12-18 18:19:39 ----D---- C:\Program Files\SAGEM

2008-12-18 18:19:39 ----A---- C:\WINDOWS\UninstWiFi.exe

2008-12-18 18:12:28 ----A---- C:\WINDOWS\IsUninst.exe

2008-12-18 18:11:11 ----RSD---- C:\WINDOWS\assembly

2008-12-18 18:11:11 ----D---- C:\WINDOWS\Microsoft.NET

2008-12-18 18:11:10 ----D---- C:\WINDOWS\system32\URTTemp

2008-12-18 18:10:35 ----RA---- C:\WINDOWS\system32\atiiiexx.dll

2008-12-18 18:10:34 ----RA---- C:\WINDOWS\system32\ATIDEMGR.dll

2008-12-18 18:10:20 ----D---- C:\Program Files\ATI Technologies

2008-12-18 18:10:16 ----HD---- C:\Program Files\InstallShield Installation Information

2008-12-18 18:09:47 ----D---- C:\Program Files\Lavalys

2008-12-18 18:09:16 ----D---- C:\Program Files\WinRAR

2008-12-18 18:05:49 ----D---- C:\Program Files\DIFX

2008-12-18 18:05:47 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-12-18 18:05:31 ----RA---- C:\WINDOWS\system32\nvuide.exe

2008-12-18 18:05:30 ----RA---- C:\WINDOWS\system32\idecoi.dll

2008-12-18 18:05:03 ----RA---- C:\WINDOWS\system32\c6501rm.exe

2008-12-18 18:05:03 ----RA---- C:\WINDOWS\system32\c6501rm.dll

2008-12-18 18:05:03 ----RA---- C:\WINDOWS\system32\c6501p.dll

2008-12-18 18:05:03 ----RA---- C:\WINDOWS\system32\c6501a3d.dll

2008-12-18 18:05:03 ----RA---- C:\WINDOWS\system32\a3d.dll

2008-12-18 18:04:57 ----R---- C:\WINDOWS\Cmi6501Uninstall.exe

2008-12-18 18:04:56 ----RA---- C:\WINDOWS\system32\fdco1ins.dll

2008-12-18 18:04:55 ----RA---- C:\WINDOWS\system32\fdco1.dll

2008-12-18 18:04:51 ----D---- C:\Program Files\C-Media 6501 Sound

2008-12-18 18:04:50 ----A---- C:\WINDOWS\system32\nvunrm.exe

2008-12-18 18:04:49 ----RA---- C:\WINDOWS\system32\nvconrm.dll

2008-12-18 18:04:49 ----RA---- C:\WINDOWS\system32\bdco1ins.dll

2008-12-18 18:04:49 ----RA---- C:\WINDOWS\system32\bdco1.dll

2008-12-18 18:04:48 ----RA---- C:\WINDOWS\system32\nvusmb.exe

2008-12-18 18:04:48 ----RA---- C:\WINDOWS\system32\NVUNINST.EXE

2008-12-18 18:04:46 ----RA---- C:\WINDOWS\system32\nvugart.exe

2008-12-18 18:04:46 ----RA---- C:\WINDOWS\system32\NVCOG.DLL

2008-12-18 18:04:46 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-12-18 18:04:46 ----D---- C:\WINDOWS\NV18681700.TMP

2008-12-18 18:04:24 ----D---- C:\Program Files\Fichiers communs\InstallShield

2008-12-18 18:03:21 ----A---- C:\WINDOWS\Ascd_tmp.ini

2008-12-18 18:00:51 ----HD---- C:\Program Files\Uninstall Information

2008-12-18 17:59:40 ----D---- C:\WINDOWS\SoftwareDistribution

2008-12-18 17:59:38 ----SD---- C:\WINDOWS\system32\Microsoft

2008-12-18 17:59:38 ----D---- C:\WINDOWS\Prefetch

2008-12-18 17:59:38 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-12-18 17:57:02 ----D---- C:\WINDOWS\system32\xircom

2008-12-18 17:57:02 ----D---- C:\Program Files\xerox

2008-12-18 17:57:02 ----D---- C:\Program Files\microsoft frontpage

2008-12-18 17:56:46 ----A---- C:\WINDOWS\control.ini

2008-12-18 17:56:46 ----A---- C:\AUTOEXEC.BAT

2008-12-18 17:56:32 ----A---- C:\WINDOWS\OEWABLog.txt

2008-12-18 17:56:28 ----A---- C:\WINDOWS\system32\mapi32.dll

2008-12-18 17:55:42 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-12-18 17:55:42 ----RD---- C:\WINDOWS\Offline Web Pages

2008-12-18 17:55:42 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-12-18 17:55:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-12-18 17:55:32 ----HD---- C:\Program Files\WindowsUpdate

2008-12-18 17:55:29 ----D---- C:\Program Files\Services en ligne

2008-12-18 17:55:17 ----D---- C:\WINDOWS\system32\DirectX

2008-12-18 17:55:01 ----A---- C:\WINDOWS\system32\atrace.dll

2008-12-18 17:54:59 ----A---- C:\WINDOWS\system32\desktop.ini

2008-12-18 17:54:59 ----A---- C:\WINDOWS\desktop.ini

2008-12-18 17:54:53 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2008-12-18 17:54:52 ----A---- C:\WINDOWS\system32\acctres.dll

2008-12-18 17:54:51 ----D---- C:\Program Files\Fichiers communs\Services

2008-12-18 17:54:49 ----SD---- C:\WINDOWS\Tasks

2008-12-18 17:54:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2008-12-18 17:54:48 ----D---- C:\Program Files\Fichiers communs\MSSoap

2008-12-18 17:54:45 ----D---- C:\WINDOWS\srchasst

2008-12-18 17:54:44 ----D---- C:\WINDOWS\system32\Macromed

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wups.dll

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wuauserv.dll

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2008-12-18 17:54:42 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\qmgr.dll

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2008-12-18 17:54:41 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2008-12-18 17:54:38 ----D---- C:\Program Files\Movie Maker

2008-12-18 17:54:35 ----A---- C:\WINDOWS\system32\safrslv.dll

2008-12-18 17:54:35 ----A---- C:\WINDOWS\system32\safrdm.dll

2008-12-18 17:54:35 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2008-12-18 17:54:35 ----A---- C:\WINDOWS\system32\racpldlg.dll

2008-12-18 17:54:32 ----D---- C:\WINDOWS\system32\Restore

2008-12-18 17:54:32 ----A---- C:\WINDOWS\system32\srrstr.dll

2008-12-18 17:54:32 ----A---- C:\WINDOWS\system32\fltMc.exe

2008-12-18 17:54:32 ----A---- C:\WINDOWS\system32\fltlib.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\srsvc.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\srclient.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\mnmdd.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2008-12-18 17:54:31 ----A---- C:\WINDOWS\system32\ils.dll

2008-12-18 17:54:30 ----A---- C:\WINDOWS\system32\msconf.dll

2008-12-18 17:54:30 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2008-12-18 17:54:28 ----D---- C:\Program Files\NetMeeting

2008-12-18 17:54:28 ----A---- C:\WINDOWS\system32\msoert2.dll

2008-12-18 17:54:28 ----A---- C:\WINDOWS\system32\msoeacct.dll

2008-12-18 17:54:27 ----A---- C:\WINDOWS\system32\inetres.dll

2008-12-18 17:54:27 ----A---- C:\WINDOWS\system32\inetcomm.dll

2008-12-18 17:54:26 ----D---- C:\Program Files\Outlook Express

2008-12-18 17:54:26 ----A---- C:\WINDOWS\system32\schedsvc.dll

2008-12-18 17:54:26 ----A---- C:\WINDOWS\system32\mstinit.exe

2008-12-18 17:54:26 ----A---- C:\WINDOWS\system32\mstask.dll

2008-12-18 17:54:25 ----A---- C:\WINDOWS\system32\isign32.dll

2008-12-18 17:54:25 ----A---- C:\WINDOWS\system32\inetcfg.dll

2008-12-18 17:54:25 ----A---- C:\WINDOWS\system32\icwphbk.dll

2008-12-18 17:54:25 ----A---- C:\WINDOWS\system32\icwdial.dll

2008-12-18 17:54:21 ----D---- C:\Program Files\Fichiers communs\System

2008-12-18 17:54:18 ----D---- C:\Program Files\Internet Explorer

2008-12-18 17:53:52 ----D---- C:\Program Files\ComPlus Applications

2008-12-18 17:53:50 ----A---- C:\WINDOWS\vbaddin.ini

2008-12-18 17:53:50 ----A---- C:\WINDOWS\vb.ini

2008-12-18 17:53:46 ----D---- C:\WINDOWS\Registration

2008-12-18 17:53:39 ----D---- C:\Program Files\Windows Media Player

2008-12-18 17:53:39 ----D---- C:\Program Files\Online Services

2008-12-18 17:53:34 ----D---- C:\Program Files\Messenger

2008-12-18 17:53:30 ----D---- C:\Program Files\MSN Gaming Zone

2008-12-18 17:53:30 ----A---- C:\WINDOWS\system32\write.exe

2008-12-18 17:53:24 ----A---- C:\WINDOWS\system32\sndvol32.exe

2008-12-18 17:53:23 ----A---- C:\WINDOWS\system32\winchat.exe

2008-12-18 17:53:23 ----A---- C:\WINDOWS\system32\hticons.dll

2008-12-18 17:53:23 ----A---- C:\WINDOWS\system32\avwav.dll

2008-12-18 17:53:23 ----A---- C:\WINDOWS\system32\avtapi.dll

2008-12-18 17:53:23 ----A---- C:\WINDOWS\system32\avmeter.dll

2008-12-18 17:53:17 ----A---- C:\WINDOWS\system32\sol.exe

2008-12-18 17:53:17 ----A---- C:\WINDOWS\system32\getuname.dll

2008-12-18 17:53:17 ----A---- C:\WINDOWS\system32\charmap.exe

2008-12-18 17:53:17 ----A---- C:\WINDOWS\system32\calc.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\winmine.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\tslabels.ini

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\tskill.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\tscon.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\reset.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\mshearts.exe

2008-12-18 17:53:16 ----A---- C:\WINDOWS\system32\freecell.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\shadow.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\rwinsta.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\regini.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\qwinsta.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\qappsrv.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\msg.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\logoff.exe

2008-12-18 17:53:15 ----A---- C:\WINDOWS\system32\cdmodem.dll

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\mtxex.dll

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\mtxdm.dll

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\comrepl.dll

2008-12-18 17:53:14 ----A---- C:\WINDOWS\system32\comaddin.dll

2008-12-18 17:53:13 ----A---- C:\WINDOWS\system32\stclient.dll

2008-12-18 17:53:13 ----A---- C:\WINDOWS\system32\comsnap.dll

2008-12-18 17:53:09 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2008-12-18 17:53:03 ----D---- C:\Program Files\MSN

2008-12-18 17:53:02 ----A---- C:\WINDOWS\system32\accwiz.exe

2008-12-18 17:53:01 ----D---- C:\Program Files\Windows NT

2008-12-18 17:53:01 ----A---- C:\WINDOWS\system32\sndrec32.exe

2008-12-18 17:53:01 ----A---- C:\WINDOWS\system32\mspaint.exe

2008-12-18 17:53:01 ----A---- C:\WINDOWS\system32\mplay32.exe

2008-12-18 17:53:01 ----A---- C:\WINDOWS\system32\hypertrm.dll

2008-12-18 17:53:01 ----A---- C:\WINDOWS\system32\clipbrd.exe

2008-12-18 17:53:00 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2008-12-18 17:53:00 ----A---- C:\WINDOWS\system32\spider.exe

2008-12-18 17:53:00 ----A---- C:\WINDOWS\system32\mstscax.dll

2008-12-18 17:53:00 ----A---- C:\WINDOWS\system32\mstsc.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\tscupgrd.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\termsrv.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\sessmgr.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\remotepg.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdshost.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdpclip.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\rdchost.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\qprocess.exe

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\icaapi.dll

2008-12-18 17:52:59 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2008-12-18 17:52:58 ----D---- C:\WINDOWS\system32\MsDtc

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\xolehlp.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\mtxoci.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\msdtctm.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\msdtclog.dll

2008-12-18 17:52:58 ----A---- C:\WINDOWS\system32\msdtc.exe

2008-12-18 17:52:57 ----D---- C:\WINDOWS\system32\Com

2008-12-18 17:52:57 ----A---- C:\WINDOWS\system32\colbact.dll

2008-12-18 17:52:57 ----A---- C:\WINDOWS\system32\clbcatex.dll

2008-12-18 17:52:57 ----A---- C:\WINDOWS\system32\catsrvps.dll

2008-12-18 17:52:56 ----A---- C:\WINDOWS\system32\comuid.dll

2008-12-18 17:52:56 ----A---- C:\WINDOWS\system32\comsvcs.dll

2008-12-18 17:52:56 ----A---- C:\WINDOWS\system32\clbcatq.dll

2008-12-18 17:52:56 ----A---- C:\WINDOWS\system32\catsrvut.dll

2008-12-18 17:52:56 ----A---- C:\WINDOWS\system32\catsrv.dll

2008-12-18 17:52:51 ----A---- C:\WINDOWS\system32\servdeps.dll

2008-12-18 17:52:51 ----A---- C:\WINDOWS\system32\mmfutil.dll

2008-12-18 17:52:51 ----A---- C:\WINDOWS\system32\licwmi.dll

2008-12-18 17:52:50 ----A---- C:\WINDOWS\system32\cmprops.dll

2008-12-17 19:32:45 ----SHD---- C:\System Volume Information

2008-12-04 16:52:20 ----A---- C:\WINDOWS\system32\python26.dll

 

======List of files/folders modified in the last 1 months======

 

2008-12-21 21:08:39 ----A---- C:\WINDOWS\win.ini

2008-12-21 21:08:39 ----A---- C:\WINDOWS\system.ini

2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]

R1 sK9Ou0s;sK9Ou0s; \??\C:\Documents and Settings\Alexandre\Application Data\drivers\srosa2.sys []

R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]

R2 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]

R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-07-22 15781]

R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-05-01 19200]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]

R3 cm102u32;C-Media CM6501 Like Sound Interface; C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 1419968]

R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]

R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]

R3 es1969;Pilote audio ESS Solo (WDM); C:\WINDOWS\system32\drivers\es1969.sys [2001-08-17 72192]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2002-09-07 9600]

R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]

R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-08-13 379456]

S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332]

S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]

S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]

S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2007-12-25 586240]

R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; I:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR []

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-20 152984]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-18 654848]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; I:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR []

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

 

-----------------EOF-----------------

Modifié le 21 décembre 2008 par Alex36

[Thanos]

salut

 

Ton pc est infecté par Bagle! Inutile de tenter d'installer un antivirus pour le moment car Bagle le détruira automatiquement!

 

N'utilise pas ce pc pour surfer pour le moment car il est très vulnérable n'étant plus protégé.

 

• Fais un clic sur le bouton droit de ta souris ICI
  
• Choisis Enregistrer la cible (du lien) sous > une fenêtre s'ouvre >>
  
• Dans le champs à droite de "Nom du Fichier" en bas de page, modifie le nom présent (ComboFix.exe) et met ceci >> Alex36.exe
  
• Enregistre-le fichier sur le Bureau: pour cela clique sur le bouton Enregistrer.
   
  Attention!! N'oublie surtout pas de renommer le fichier avant de le télécharger sur le Bureau, sinon il sera détruit par Bagle!
   
   
  
• Assure toi que tous les programmes soient fermés avant de lancer le fix!
  
• Fait un double clique sur Alex36.exe.
  
• Note: Ne ferme pas la fenêtre qui vient de s'ouvrir , tu te retrouverais avec un bureau vide !
  
• Tape sur la touche Y (Yes) pour démarrer le scan.
  
• Le pc va certainement redémarrer pour terminer le nettoyage: poste le contenu du rapport qui sera généré au redémarrage dans ton prochain message.
  
• Si tu ne vois pas le rapport, tu le trouveras ici > C:\ComboFix.txt
  

[Apollo]

Bonsoir,

 

Quand on joue avec le feu, on se brûle: tu as téléchargé un crack et tu as chopé Bagle, c'est quasi inévitable en ces temps...

 

ComboFix ne doit pas être utilisé comme un outil de diagnostic, il ne doit être employé que sur demande expresse d'un conseiller formé à cet outil et sous son contrôle. Cet outil peut être dangereux!

 

Connecter les supports amovibles (clé usb et autres) avant de procéder.

 

TUTO Officiel

 

Fais un clic droit ICI

• Dans le menu qui se déroule, choisis "Enregistrer la cible du lien sous" (si tu utilises Firefox) et "Enregistrer la cible sous" (si tu utilises Internet Explorer)
  
• Une fenêtre va s'ouvrir: dans le champs Nom du fichier (en bas ), tape ceci > Alex36-CF
  
• On va enregistrer ce fichier sur le Bureau: pour cela, sur le panneau de gauche, clique sur le Bureau.
   
  
• Clique enfin sur le bouton Enregistrer en bas de page à droite.
  
• Assure toi que tous les programmes sont fermés avant de lancer le fix!
  
• Fait un double clique sur combofix.exe. SOUS VISTA: clic droit, exécuter en temps qu'administrateur.
  
• Si la console de récupération n'est pas installée sur un XP, ComboFix va proposer de l'installer: Accepte!
  
• Clique sur Oui au message de Limitation de Garantie qui s'affiche.
  
• Il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sure: accepte!
  
• Note: Ne ferme pas la fenêtre qui vient de s'ouvrir , tu te retrouverais avec un bureau vide !
  
• Lorsque le scan est terminé, un rapport sera généré : poste en le contenu dans ton prochain message.
  

 

Si tu perds la connexion après le passage de ComboFix, voici comment la réparer ICI.

 

@++

 

 

 

 

 

 

Hop, j'ai rien dit: continue avec Thanos.

 

Salut Thanos

[Alex36]

Bonsoir,

 

Quand on joue avec le feu, on se brûle: tu as téléchargé un crack et tu as chopé Bagle, c'est quasi inévitable en ces temps...

 

waou t'est devin xD comment tu as su ??!

oui je sais , mais on vadire que ce n'est que la 10ème fois sur 6mois que j'ai un baggle , Aussi je trouve que avira8 est moins performant qu'avira 7 (moins d'alerte ,mais j'ai pourtant bien configuré mon avira)

 

il veut que j'installe la console de recup! oui ou non ?

>> j'ai mis oui .

 

ComboFix 08-12-21.04 - Alexandre 2008-12-22 8:53:22.1 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.3071.2749 [GMT 1:00]

Lancé depuis: c:\documents and settings\Alexandre\Bureau\alex36.exe

* Un nouveau point de restauration a été créé

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Alexandre\Application Data\drivers\downld

c:\documents and settings\Alexandre\Application Data\drivers\downld\125125.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\125859.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\126156.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\150609.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\249671.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\250328.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\262250.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\263562.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\263968.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\264609.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\265390.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\265937.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\329187.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\329750.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\330031.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\44843.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\46234.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\53515.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\56859.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\57187.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\57218.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\64703.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\69687.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\71375.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\72062.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\74140.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\76187.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\76500.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\8847421.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\8847812.exe

c:\documents and settings\Alexandre\Application Data\drivers\downld\8847953.exe

c:\documents and settings\Alexandre\Application Data\drivers\srosa.sys

c:\documents and settings\Alexandre\Application Data\drivers\srosa2.sys

c:\documents and settings\Alexandre\Application Data\drivers\winupgro.exe

c:\documents and settings\Alexandre\Application Data\m

c:\documents and settings\Alexandre\Application Data\m\data.oct

c:\documents and settings\Alexandre\Application Data\m\flec006.exe

c:\documents and settings\Alexandre\Application Data\m\list.oct

c:\documents and settings\Alexandre\Application Data\m\shared\3D Valentine Fireworks 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\4Musics MP3 to WAV Converter 4.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\A to Z.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Abbey 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ABC Amber PDF Converter 4.01.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ABCUpload ASP 4.6.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Alligator Snap 1.4.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\AntiVir.Personal.Edition.Premium_6.31.00.03_Deutsch_Inc.Key.Murph.zip

c:\documents and settings\Alexandre\Application Data\m\shared\antivir_dos_en.zip

c:\documents and settings\Alexandre\Application Data\m\shared\AnyWhere Pro 6.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Apex Video to MP3 WMA WAV Converter 4.64.zip

c:\documents and settings\Alexandre\Application Data\m\shared\AtPresent Recorder Pro 3.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Avast.Pro.v4.7.871.Incl.Keymaker-CORE.czip.zip

c:\documents and settings\Alexandre\Application Data\m\shared\AVG.Anti-Virus.7.344.Build.618.pro.zip

c:\documents and settings\Alexandre\Application Data\m\shared\BackTrax USA toolbar for IE 4.5.127.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Banner Generator Pro 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\BillSniff 1.0.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Bitdefender.9.standard.+.crack.2006.(fr).zip

c:\documents and settings\Alexandre\Application Data\m\shared\Bitdefender.v10.Fr.Internet.Security.Crack.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Bling Clock 2.01.zip

c:\documents and settings\Alexandre\Application Data\m\shared\cIRCulation 0.4.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ckdWallet 1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Clockness Binary Clock Screensaver 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\COTCollector 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Cyber Fire 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Data Questor 1.40.zip

c:\documents and settings\Alexandre\Application Data\m\shared\DBConvert for FoxPro & MSSQL 3.0.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Dr. Hardware 2008 9.5.0e.zip

c:\documents and settings\Alexandre\Application Data\m\shared\DreamenSysInfo library 1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\DreaMule 3.2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\EasyEx Projectplanner 1.05.zip

c:\documents and settings\Alexandre\Application Data\m\shared\EFSDump 1.02.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Email and MIME parser 1.8.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Encript 2.0.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\enzschlüssel.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Eset_NOD32_Antivirus_v2.000.6.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Eyeball Chat 2.2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\EZShellExtensions.Net 2008 Build 582108.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Flashback 1.5.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Florida's Beautiful Reefs Screensaver.zip

c:\documents and settings\Alexandre\Application Data\m\shared\FLV Flash Video Source Filter 1.0.0.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Fontastic 2.40.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Form Pilot Pro 2.20.zip

c:\documents and settings\Alexandre\Application Data\m\shared\General Rowfilter 1.0a.zip

c:\documents and settings\Alexandre\Application Data\m\shared\GeorgiaDoppler! 1.4.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Greenhouse Gas 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\GrocWin Shopping List Utility 4.1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Hosted Gmail Client 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Hot 108 Jamz Gadget 1.0.0.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Howie's Quick Music Player 1.0.4.zip

c:\documents and settings\Alexandre\Application Data\m\shared\HyperText Studio (Professional Edition) 5.0.0.48.zip

c:\documents and settings\Alexandre\Application Data\m\shared\iClock for Windows 1.0.3.6.zip

c:\documents and settings\Alexandre\Application Data\m\shared\IconDeveloper 2.1.0.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ike-scan 1.9.zip

c:\documents and settings\Alexandre\Application Data\m\shared\inspiration 1.0.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ITA.AntiVirus.-.McAfee.Viruscan.8.0.professional.(+firewall.+.spam.killer).zip

c:\documents and settings\Alexandre\Application Data\m\shared\iTunes to Zune Playlist Converter 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\iuVCS 0.9.0.2 Beta.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Ivan Video Spliter 1.11.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Jessica Simpson Screensaver1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Kids Icons.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Laetitia Casta Sexy Screensaver 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Learning Mobile Author 4.3.97.zip

c:\documents and settings\Alexandre\Application Data\m\shared\LingvoSoft Dictionary 2008 English - Bosnian 4.1.29.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Link Popularity 1.11.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MagForms for .NET 1.5.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Magical Jelly Bean Dictionary 1.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MB Free Heart Desire Number 1.10.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MCE Outlook 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MONOGRAM GraphStudio 0.3.0.0 Beta.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MP3Utility 1.72 Build 1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MS Word to HTML Batch Convert Multiple Documents Software 7.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MSSQLLMViewer 1.5.0.2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\MyDeezer 0.5.zip

c:\documents and settings\Alexandre\Application Data\m\shared\NOD32.Anti-Virus.System.Personal.v2.51.30.Spanish..Crack.NOD.Fix.v2.1_DnGnMsTr.zip

c:\documents and settings\Alexandre\Application Data\m\shared\OfficeTalk 4.1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Password Keeper Expert 1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Perfect Process 1.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Performance Center 2.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Portable AutoIt 3.2.12.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\PowerExif Professional 1.2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Presentation Aide 2.03.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Presenter 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Pretty Printer for Visual Basic 6.0.134.zip

c:\documents and settings\Alexandre\Application Data\m\shared\ProLingo German Japanese Dictionary 1.4.8.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Property Boulevard 8.018.zip

c:\documents and settings\Alexandre\Application Data\m\shared\PropertyNet 2.18.zip

c:\documents and settings\Alexandre\Application Data\m\shared\QuickPHP Web Server 1.4.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\QuickRipper 1.3.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Response Mailer Professional 3.6.2.5.zip

c:\documents and settings\Alexandre\Application Data\m\shared\School Guitar Learning Software 2.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Shuangs Audio Joiner 1.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Sienna Miller Screensaver2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Simnor Web Search 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Simply Backup CDRW 1.0.0.11 beta.zip

c:\documents and settings\Alexandre\Application Data\m\shared\SocketTools .NET Edition 6.0 Build 6000.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Sophos.Antivirus.v3.92.Win9XME.Multilang-DWP.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Soritong 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Spamcontainer 3.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Spinach AntiSpyware 1.58.zip

c:\documents and settings\Alexandre\Application Data\m\shared\StyleBuilder 2.02 beta.zip

c:\documents and settings\Alexandre\Application Data\m\shared\SunRav BookOffice 3.3.1.500.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Symantec Mail Security License 1165464.7 Slf(1).zip

c:\documents and settings\Alexandre\Application Data\m\shared\Symantec.AntiVirus.Corporate.Edition.v10.2.199.WinVista64-TBE.zip

c:\documents and settings\Alexandre\Application Data\m\shared\symantec_winfax_pro_10.2.zip

c:\documents and settings\Alexandre\Application Data\m\shared\TestNet 1.1.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\TextConv 0.4.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Tile Map Exporter 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\TMagnify 2.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Ultralingua Grammatica Spelling and Grammar Checker - German 7.1.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Underpants 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\VIFoto 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Visual Basic .net Multi Threaded Windows Service WebServer Source Code 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\W32.Esbot Free Removal Tool 1.3.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Web Cruiser 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\WH WorldClock 3.1.26.zip

c:\documents and settings\Alexandre\Application Data\m\shared\Windows Mail to HTML Converter 1.0.zip

c:\documents and settings\Alexandre\Application Data\m\shared\WirelessNetConsole 1.00.zip

c:\documents and settings\Alexandre\Application Data\m\shared\XYPlotCS 2.0.2109.20715.zip

c:\documents and settings\Alexandre\Application Data\m\srvlist.oct

C:\InfoSat.txt

c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

c:\windows\IE4 Error Log.txt

c:\windows\system32\ban_list.txt

c:\windows\system32\mdelk.exe

c:\windows\system32\wintems.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_SK9OU0S

-------\Service_sK9Ou0s

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-22 au 2008-12-22 ))))))))))))))))))))))))))))))))))))

.

 

2008-12-21 21:27 . 2008-12-21 21:27 <REP> d-------- C:\rsit

2008-12-21 21:27 . 2008-12-21 21:36 <REP> d-------- c:\program files\trend micro

2008-12-21 20:10 . 2008-12-21 20:10 <REP> d-------- c:\program files\PDF2Image v2.0

2008-12-21 19:41 . 2008-12-21 19:41 <REP> d-------- c:\documents and settings\Alexandre\Application Data\fltk.org

2008-12-21 19:37 . 2008-12-22 08:54 <REP> d--h----- c:\documents and settings\Alexandre\Application Data\drivers

2008-12-21 19:32 . 2008-12-21 19:32 <REP> d-------- c:\program files\VeryPDF PDF2Image v2.1

2008-12-21 19:32 . 2008-12-21 20:10 1,024 --a------ c:\windows\system32\PDF2IMG.dat

2008-12-21 19:27 . 2008-12-21 19:27 <REP> d-------- c:\program files\PDFCreator

2008-12-21 19:27 . 2004-03-09 01:00 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX

2008-12-21 19:27 . 1998-07-13 02:08 141,312 --a------ c:\windows\system32\MSCMCFR.DLL

2008-12-21 19:27 . 1998-06-24 01:00 137,000 --a------ c:\windows\system32\MSMAPI32.OCX

2008-12-21 19:27 . 2001-10-28 17:42 116,224 --a------ c:\windows\system32\pdfcmnnt.dll

2008-12-21 19:27 . 1998-07-13 02:08 59,904 --a------ c:\windows\system32\MSCC2FR.DLL

2008-12-21 19:27 . 1998-07-06 01:00 23,552 --a------ c:\windows\system32\MSMPIDE.DLL

2008-12-21 19:10 . 2008-12-21 19:10 <REP> d-------- c:\documents and settings\Alexandre\Application Data\AdobeUM

2008-12-21 16:01 . 2008-12-21 16:01 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Malwarebytes

2008-12-21 16:00 . 2008-12-18 18:28 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau

2008-12-21 16:00 . 2008-12-18 18:28 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression

2008-12-21 16:00 . 2008-12-18 17:53 <REP> d--h----- c:\documents and settings\Administrateur\Modèles

2008-12-21 16:00 . 2008-12-18 18:28 <REP> d-------- c:\documents and settings\Administrateur\Mes documents

2008-12-21 16:00 . 2008-12-18 18:28 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer

2008-12-21 16:00 . 2008-12-18 18:28 <REP> d-------- c:\documents and settings\Administrateur\Favoris

2008-12-21 16:00 . 2008-12-18 18:28 <REP> d-------- c:\documents and settings\Administrateur\Bureau

2008-12-21 16:00 . 2008-12-21 16:00 <REP> d-------- c:\documents and settings\Administrateur

2008-12-21 14:45 . 2008-12-21 14:45 0 --a------ c:\windows\system32\megastore.ini

2008-12-21 14:43 . 2008-12-21 14:43 <REP> d-------- c:\windows\system32\JVeffect

2008-12-21 14:43 . 2008-12-21 14:43 <REP> d-------- c:\program files\MegaWorld

2008-12-21 14:43 . 2004-08-04 00:45 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys

2008-12-21 14:43 . 2004-08-04 00:45 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys

2008-12-21 13:10 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys

2008-12-21 13:10 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys

2008-12-20 17:16 . 2004-08-03 23:54 221,184 --a------ c:\windows\system32\wmpns.dll

2008-12-20 17:03 . 2008-12-20 17:03 54,156 --ah----- c:\windows\QTFont.qfn

2008-12-20 17:03 . 2008-12-20 17:03 1,409 --a------ c:\windows\QTFont.for

2008-12-20 14:03 . 2008-12-20 14:04 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware

2008-12-20 14:03 . 2008-12-20 14:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2008-12-20 14:03 . 2008-12-20 14:03 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Malwarebytes

2008-12-20 14:03 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-20 14:03 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-12-20 13:49 . 2008-12-20 13:49 20 --a------ c:\windows\TemplateWizard.INI

2008-12-20 13:41 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll

2008-12-20 13:41 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll

2008-12-20 13:41 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

2008-12-20 12:35 . 2008-12-20 12:35 <REP> d-------- c:\program files\Namo

2008-12-20 09:20 . 2008-12-20 09:20 <REP> d-------- c:\documents and settings\Alexandre\Shared

2008-12-20 09:20 . 2008-12-20 09:48 <REP> d-------- c:\documents and settings\Alexandre\Incomplete

2008-12-20 09:20 . 2008-12-20 09:48 <REP> d-------- c:\documents and settings\Alexandre\Application Data\LimeWire

2008-12-20 09:14 . 2008-12-20 09:14 <REP> d-------- c:\program files\Java

2008-12-20 09:14 . 2008-12-20 09:14 <REP> d-------- c:\program files\illiminable

2008-12-20 09:14 . 2008-12-20 09:14 410,984 --a------ c:\windows\system32\deploytk.dll

2008-12-20 09:14 . 2008-12-20 09:14 73,728 --a------ c:\windows\system32\javacpl.cpl

2008-12-20 09:10 . 2008-12-20 09:10 <REP> d-------- c:\program files\Notepad++

2008-12-20 09:10 . 2008-12-20 11:56 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Notepad++

2008-12-19 23:42 . 2008-12-19 23:42 <REP> d-------- c:\program files\Trapcode

2008-12-19 23:42 . 2008-12-19 23:44 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller

2008-12-19 23:42 . 2008-12-19 23:42 36,868 --a------ c:\program files\uninst-3DStroke.exe

2008-12-19 23:41 . 2008-12-19 23:41 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller

2008-12-19 23:25 . 2008-12-19 23:25 <REP> d-------- c:\program files\Windows Live SkyDrive

2008-12-19 23:14 . 2008-12-19 23:14 <REP> d-------- c:\program files\Fichiers communs\Windows Live

2008-12-19 21:22 . 2008-12-19 21:22 <REP> d-------- C:\Python26

2008-12-19 21:20 . 2008-12-19 21:20 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Blender Foundation

2008-12-19 18:57 . 2008-12-21 20:54 <REP> d-------- c:\documents and settings\Alexandre\Application Data\skypePM

2008-12-19 18:57 . 2008-12-19 18:57 32 --a------ c:\documents and settings\All Users\Application Data\ezsid.dat

2008-12-19 17:15 . 2008-12-21 14:57 <REP> d-------- c:\documents and settings\All Users\Application Data\TrackMania

2008-12-19 16:55 . 2008-12-21 21:02 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Skype

2008-12-19 16:06 . 2008-12-20 14:16 <REP> d-------- c:\windows\system32\CatRoot_bak

2008-12-18 22:48 . 2008-12-18 22:51 116 --a------ c:\windows\NeroDigital.ini

2008-12-18 22:47 . 2008-12-18 22:47 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Apple Computer

2008-12-18 22:43 . 2008-12-21 21:04 <REP> d-------- c:\program files\SuperCopier2

2008-12-18 22:30 . 2008-12-18 22:30 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Ahead

2008-12-18 22:29 . 2008-12-18 22:29 <REP> d-------- c:\program files\Nero

2008-12-18 22:29 . 2008-12-18 22:40 <REP> d-------- c:\program files\Fichiers communs\Ahead

2008-12-18 22:27 . 2008-12-18 22:27 <REP> d-------- c:\program files\MSn CoLoR Dégradé

2008-12-18 22:27 . 2008-12-18 22:27 290,816 --------- c:\windows\Setup1.exe

2008-12-18 22:27 . 2008-12-18 22:27 74,752 --a------ c:\windows\ST6UNST.EXE

2008-12-18 22:24 . 2008-12-19 16:49 <REP> d-------- c:\documents and settings\Alexandre\Contacts

2008-12-18 22:23 . 2008-12-21 20:00 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!

2008-12-18 22:03 . 2008-12-19 23:44 <REP> d-------- c:\program files\Windows Live

2008-12-18 22:03 . 2008-12-18 22:03 <REP> d-------- c:\program files\Messenger Plus! Live

2008-12-18 21:56 . 2008-12-18 21:56 <REP> d-------- c:\program files\Microsoft SQL Server

2008-12-18 21:56 . 2008-12-18 21:56 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Sony

2008-12-18 21:56 . 2002-12-17 17:23 33,340 --------- c:\windows\system32\dbmsqlgc.dll

2008-12-18 21:56 . 2002-10-20 15:01 24,576 --------- c:\windows\system32\dbmsgnet.dll

2008-12-18 21:55 . 2008-12-18 21:55 <REP> d-------- c:\program files\ASIO4ALL v2

2008-12-18 21:54 . 2008-12-18 21:54 <REP> d-------- c:\program files\Vstplugins

2008-12-18 21:54 . 2008-12-18 21:56 <REP> d-------- c:\documents and settings\All Users\Application Data\Sony

2008-12-18 21:52 . 2008-12-18 21:52 <REP> d-------- c:\program files\Unlocker

2008-12-18 21:52 . 2008-12-18 21:52 <REP> d-------- c:\program files\ThiWeb Live 2

2008-12-18 21:47 . 2008-12-18 21:47 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Juce VST Host

2008-12-18 21:39 . 2008-12-18 21:39 <REP> d-------- c:\program files\DAMN NFO Viewer

2008-12-18 21:27 . 2008-12-18 21:27 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet

2008-12-18 21:02 . 2008-12-18 21:02 <REP> d-------- c:\program files\DynDNS Updater

2008-12-18 21:02 . 2008-12-18 21:02 <REP> d-------- c:\documents and settings\All Users\Application Data\DynDNS

2008-12-18 20:59 . 2008-12-18 20:59 <REP> d-------- c:\program files\Bonjour

2008-12-18 20:08 . 2008-12-21 20:44 <REP> d-------- c:\program files\eMule

2008-12-18 19:53 . 2008-12-18 19:55 <REP> d-------- c:\program files\FileZilla Server

2008-12-18 19:48 . 2008-12-18 19:48 <REP> d-------- c:\program files\Elaborate Bytes

2008-12-18 19:47 . 2008-12-18 19:47 <REP> d-------- c:\program files\SlySoft

2008-12-18 19:47 . 2008-12-18 19:47 <REP> d-------- c:\documents and settings\Alexandre\Application Data\Sony Setup

2008-12-18 19:46 . 2008-12-18 19:46 <REP> d-------- c:\program files\Sony Setup

2008-12-18 19:45 . 2008-12-18 19:45 <REP> d-------- c:\program files\Fichiers communs\Macrovision Shared

2008-12-18 19:25 . 2004-08-04 00:54 1,888,992 --a--c--- c:\windows\system32\dllcache\ati3duag.dll

2008-12-18 19:25 . 2004-08-04 00:54 1,888,992 --a------ c:\windows\system32\ati3duag.dll

2008-12-18 19:25 . 2004-08-04 00:54 516,768 --a--c--- c:\windows\system32\dllcache\ativvaxx.dll

2008-12-18 19:25 . 2004-08-04 00:54 516,768 --a------ c:\windows\system32\ativvaxx.dll

2008-12-18 19:25 . 2004-08-04 00:54 229,376 --a--c--- c:\windows\system32\dllcache\ati2cqag.dll

2008-12-18 19:25 . 2004-08-04 00:54 229,376 --a------ c:\windows\system32\ati2cqag.dll

2008-12-18 19:25 . 2004-08-04 00:54 201,728 --a--c--- c:\windows\system32\dllcache\ati2dvag.dll

2008-12-18 19:25 . 2004-08-04 00:54 201,728 --a------ c:\windows\system32\ati2dvag.dll

2008-12-18 19:20 . 2008-12-18 19:20 <REP> d-------- c:\program files\Image-Line

2008-12-18 19:20 . 2002-07-08 00:14 1,294,336 --a------ c:\windows\system32\vorbis.acm

2008-12-18 19:20 . 2006-06-20 10:56 225,280 --a------ c:\windows\system32\rewire.dll

2008-12-18 19:17 . 2008-12-18 19:17 <REP> d-------- c:\program files\Steinberg

2008-12-18 19:16 . 2008-12-20 08:54 <REP> d-------- c:\documents and settings\Alexandre\Application Data\uTorrent

2008-12-18 19:15 . 2008-12-18 19:16 <REP> d-------- c:\windows\system32\fr-fr

2008-12-18 19:15 . 2003-06-20 13:28 1,777,664 --a------ c:\windows\system32\gdiplus.dll

2008-12-18 19:04 . 2008-12-18 18:28 <REP> d--h----- c:\documents and settings\Alexandre\Voisinage réseau

2008-12-18 19:04 . 2008-12-18 18:28 <REP> d--h----- c:\documents and settings\Alexandre\Voisinage d'impression

2008-12-18 19:04 . 2008-12-18 21:05 <REP> d--h----- c:\documents and settings\Alexandre\Modèles

2008-12-18 19:04 . 2008-12-21 19:29 <REP> dr------- c:\documents and settings\Alexandre\Mes documents

2008-12-18 19:04 . 2008-12-18 19:16 <REP> dr------- c:\documents and settings\Alexandre\Menu Démarrer

2008-12-18 19:04 . 2008-12-18 19:24 <REP> dr------- c:\documents and settings\Alexandre\Favoris

2008-12-18 19:04 . 2008-12-22 08:40 <REP> d-------- c:\documents and settings\Alexandre\Bureau

2008-12-18 19:04 . 2008-12-21 17:06 <REP> d-------- c:\documents and settings\Alexandre

2008-12-18 19:01 . 2008-12-18 19:01 <REP> d-------- c:\program files\ffdshow

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-21 13:43 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-20 16:19 --------- d-----w c:\program files\Microsoft Works

2008-12-19 22:40 --------- d-----w c:\program files\MSN Messenger

2008-12-18 20:05 --------- d-----w c:\program files\Fichiers communs\Adobe

2008-12-18 17:59 --------- d-----w c:\program files\Fichiers communs\InstallShield

2008-12-18 17:59 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer

2008-12-18 17:44 --------- d-----w c:\program files\Microsoft.NET

2008-12-18 17:32 --------- d-----w c:\program files\Skype

2008-12-18 17:32 --------- d-----w c:\program files\Fichiers communs\Skype

2008-12-18 17:32 --------- d-----w c:\program files\D-Tools

2008-12-18 17:31 --------- d-----w c:\documents and settings\All Users\Application Data\Skype

2008-12-18 17:19 --------- d-----w c:\program files\SAGEM Wi-Fi USB 802.11g

2008-12-18 17:19 --------- d-----w c:\program files\SAGEM

2008-12-18 17:12 --------- d-----w c:\program files\ATI Technologies

2008-12-18 17:09 --------- d-----w c:\program files\Lavalys

2008-12-18 17:05 --------- d-----w c:\program files\DIFX

2008-12-18 17:04 --------- d-----w c:\program files\C-Media 6501 Sound

2008-12-18 16:57 --------- d-----w c:\program files\microsoft frontpage

2008-12-18 16:55 --------- d-----w c:\program files\Services en ligne

2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]

"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]

"HydraVisionDesktopManager"="c:\program files\ATI Technologies\ATI HydraVision\HydraDM.exe" [2003-04-01 270336]

"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

 

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-12-18 110592]

Sagem - Utilitaire r‚seau pour Cl‚ USB Wi-Fi 802.11g.lnk - c:\program files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2008-12-18 667648]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.avis"= ff_acm.acm

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk

backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]

--a------ 2007-12-25 22:25 937984 c:\program files\FileZilla Server\FileZilla Server Interface.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2006-01-12 15:40 155648 c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-12-18 19:00 155648 c:\program files\QuickTime\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-12-20 09:14 136600 c:\program files\Java\jre6\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Bonjour Service"=2 (0x2)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"i:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=

"i:\\Program Files\\TmNationsForever\\TmForever.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

"i:\\Bacups\\BACKUP\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Namo\\WebEditor 5 Trial\\bin\\WebEditor.exe"=

 

R0 d346bus;d346bus;c:\windows\system32\DRIVERS\d346bus.sys [2008-12-18 156800]

R0 d346prt;d346prt;c:\windows\system32\Drivers\d346prt.sys [2008-12-18 5248]

R3 es1969;Pilote audio ESS Solo (WDM);c:\windows\system32\drivers\es1969.sys [2008-12-18 72192]

S1 hidfltr;HID Filter Driver;c:\windows\system32\drivers\MWhid.sys [2004-11-03 13332]

S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\DRIVERS\WlanUIG.sys [2008-12-18 379456]

 

*Newly Created Service* - PCANDIS5

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

HKLM-Run-C6501Sound - c6501.cpl

SafeBoot-sglfb.sys

SafeBoot-tga.sys

SafeBoot-wd.sys

SafeBoot-sacsvr

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://google.fr/

uInternet Settings,ProxyOverride = *.local

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: {64EF3655-A2E7-48DC-BA1B-2DDD5069C58B} = 192.168.1.1

FF - ProfilePath - c:\documents and settings\Alexandre\Application Data\Mozilla\Firefox\Profiles\gx661ahd.default\

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-22 08:56:58

Windows 5.1.2600 Service Pack 2 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\FileZilla Server\FileZilla server.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

i:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Heure de fin: 2008-12-22 9:00:23 - La machine a redémarré

ComboFix-quarantined-files.txt 2008-12-22 08:00:21

 

Avant-CF: 12,874,682,368 octets libres

Après-CF: 12,957,638,656 octets libres

 

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

 

432 --- E O F --- 2008-12-20 16:22:00

 

mais le pire dans tout sa c'est que dans le dossier \shared\m\

ya qu un sel truc qu j'avais téléchargé : pdf2image

tout le reste sa c DL auto . moi j'ai rien touché !

Modifié le 22 décembre 2008 par Alex36

[Falkra]

Bonjour

 

oui je sais , mais on vadire que ce n'est que la 10ème fois sur 6mois que j'ai un baggle

j'ai aussi désinfecté ta machine pour ça. Tu n'en as pas marre ?

Non parce que nous on va se demander à quoi ça sert, puisque de toute façon dans quelques jours tu vas la réinfecter.

Fais-toi un ghost quand la machine est clean.

[Alex36]

Non parce que nous on va se demander à quoi ça sert, puisque de toute façon dans quelques jours tu vas la réinfecter.

bin comme ça j'aurais la procedure a suivre

 

bin si mais bon tant pis .

 

euh ce n'est pas pour autanr que ma machine est réparée . je ne peut pas lancer hijackthis.

motif: cen'est pas un appli de win32 valide

Modifié le 22 décembre 2008 par Alex36

[angelique]

waou t'est devin xD comment tu as su ??!

oui je sais , mais on vadire que ce n'est que la 10ème fois sur 6mois que j'ai un baggle , Aussi je trouve que avira8 est moins performant qu'avira 7 (moins d'alerte ,mais j'ai pourtant bien configuré mon avira)

 

et bien c'est une fois de trop!! tu fais perdre le temps au helpers , rien que pour ça je ferme!ça t'apprendra.