
Posted

Hello and thank you,

I am attaching the two reports. This morning I got control of the machine once the icons had loaded, after two minutes and 30 s; that's progress!!

 

info.txt logfile of random's system information tool 1.05 2009-01-25 11:08:28

 

======Uninstall list======

 

-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\setup.exe" -l0x40c anything

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x40c

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

ACDSee 3.1 (SR-1) Standard-->MsiExec.exe /I{930EAE5E-436E-40C4-AFFC-F73D550C0E51}

Adobe Acrobat 8 Professional - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}

Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}

Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}

Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}

Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}

adsl TV-->C:\Program Files\adslTV\Uninstal.exe

All Day Battery Life Configuration-->MsiExec.exe /X{2220CF3A-EBD6-4070-94D0-0C7337B537A7}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

AutoCAD 2008 - Français SP1-->Msiexec.exe /uninstall {1C500B62-B044-4216-8011-604640F4F925} /package {5783F2D7-6001-040C-0002-0060B0CE6BBA} /qb

AutoCAD 2008 - Français-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-040C-0002-0060B0CE6BBA} /M ACAD

Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

BioAPI Framework-->MsiExec.exe /X{AF7E4468-E364-4991-BC2A-6E8293E1055B}

biolsp patch-->MsiExec.exe /I{9593C6E5-205E-45C3-B785-05CF146CA76A}

Broadcom Management Programs-->MsiExec.exe /I{7BB045C3-D5E4-4620-B536-DC11AACD5942}

Broadcom USH Host Components-->MsiExec.exe /I{066D25F6-8B8B-433C-88B4-EDF41D604E7E}

Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

DCP32MMWrapper-->MsiExec.exe /I{9E25AB4C-71E0-4B43-B44F-108BE18DC531}

Dell Control Point-->MsiExec.exe /I{FDE4BEC4-2D7E-4799-A9BA-2BD23512CC7B}

Dell ControlPoint Connection Manager-->MsiExec.exe /I{4D523D94-C637-4C49-89FD-5B8FFB071D76}

Dell ControlPoint Security Manager-->"C:\Program Files\InstallShield Installation Information\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}\setup.exe" -runfromtemp -l0x040c -removeonly

Dell ControlPoint System Manager-->MsiExec.exe /I{F74B95DF-A68C-4A99-98AA-E98698341F21}

Dell Embassy Trust Suite by Wave Systems-->C:\WINDOWS\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\Installer.exe

Dell Security Device Driver Pack-->C:\Program Files\InstallShield Installation Information\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}\setup.exe -runfromtemp -l0x040c -removeonly

Dell Webcam Central-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x40c /remove

Document Manager Lite-->C:\Program Files\InstallShield Installation Information\{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}\setup.exe -runfromtemp -l0x040c

Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"

EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly

EMBASSY Security Center-->C:\Program Files\InstallShield Installation Information\{EEAFE1E5-076B-430A-96D9-B567792AFA88}\setup.exe -runfromtemp -l0x040c

EMBASSY Security Setup-->C:\Program Files\InstallShield Installation Information\{53333479-6A52-4816-8497-5C52B67ED339}\setup.exe -runfromtemp -l0x040c

ESC Home Page Plugin-->C:\Program Files\InstallShield Installation Information\{E738A392-F690-4A9D-808E-7BAF80E0B398}\setup.exe -runfromtemp -l0x040c

Full Pack Codecs-->C:\Program Files\Full Pack Codecs\uninst.exe

Gemalto-->MsiExec.exe /I{BC52E419-B185-488F-9973-049A88E5DCBE}

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Intel PROSet Wireless-->Intel PROSet Wireless

Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

K-Lite Codec Pack 4.4.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}

Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}

Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Standard 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL

Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe

Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NTRU TCG Software Stack-->MsiExec.exe /I{8361A088-1A86-425B-968E-034555992392}

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

Objective Tarot-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-Objective Tarot.dat

Package de pilotes Windows - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\pbadrv_D8D224CEC214CACEA7B42A3CB4D1B2E57B753A54\pbadrv.inf

PicaView32-->C:\PROGRA~1\PICAVI~1\UNWISE.EXE C:\PROGRA~1\PICAVI~1\INSTALL.LOG

Pool 'm Up-->C:\PROGRA~1\POOL'M~1\UNINSTALL\UNINSTALL.EXE C:\PROGRA~1\POOL'M~1\UNINSTALL\INSTALL.LOG

Porcher Catalogue 2005-->"C:\Program Files\Porcher_2005\Uninst.exe"

PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x40c -cluninstall

PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}

Preboot Manager-->MsiExec.exe /I{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}

Private Information Manager-->C:\Program Files\InstallShield Installation Information\{0B0A2153-58A6-4244-B458-25EDF5FCD809}\setup.exe -runfromtemp -l0x040c

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

RICOH R5C841/842 Flash Media Controller Driver Ver.2.15 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD4F051C-1A2B-4A91-B187-B093C597418C}\setup.exe" -l0x40c anything

Secure Update-->C:\Program Files\InstallShield Installation Information\{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}\setup.exe -runfromtemp -l0x040c

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Wizards-->C:\Program Files\InstallShield Installation Information\{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}\setup.exe -runfromtemp -l0x040c

Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}

Spyware Doctor 5.5-->C:\Program Files\Spyware Doctor\unins000.exe /LOG

Trusted Drive Manager-->MsiExec.exe /I{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}

tsp patch-->MsiExec.exe /I{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}

VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Wave Infrastructure Installer-->MsiExec.exe /I{D43C8156-C238-4FE1-9CEA-C39E3B8A3530}

Wave Support Software-->C:\Program Files\InstallShield Installation Information\{07D618CD-B016-438A-ADC9-A75BD23F85CE}\setup.exe -runfromtemp -l0x040c

WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}

WinKey-->C:\WINDOWS\uninst.exe -f"C:\Program Files\WinKey\DeIsL1.isu" -c"C:\Program Files\WinKey\_ISREG32.DLL"

xp-AntiSpy 3.96-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe

 

======Security center information======

 

AV: AVG Anti-Virus Free (disabled)

AV: Avira AntiVir PersonalEdition Classic

 

System event log

 

Computer Name: MANDARIN

Event Code: 26

Message: Application popup :  : \SystemRoot\System32\ATMFD.DLL failed to load

 

Record Number: 1384

Source Name: Application Popup

Time Written: 20090113120828.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 9

Message: Broadcom NetXtreme 57xx Gigabit Controller: Network controller configured for 100Mb full-duplex link.

 

Record Number: 1383

Source Name: b57w2k

Time Written: 20090113120828.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 15

Message: Broadcom NetXtreme 57xx Gigabit Controller: Driver initialized successfully.

 

Record Number: 1382

Source Name: b57w2k

Time Written: 20090113120828.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 7036

Message: Le service est entré dans l'état : Intel® WiFi Link 5100 AGN.

 

Record Number: 1381

Source Name: NETw5x32

Time Written: 20090113120828.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 6005

Message: Le service d'Enregistrement d'événement a démarré.

 

Record Number: 1380

Source Name: EventLog

Time Written: 20090113120817.000000+060

Event Type: Informations

User:

 

Application event log

 

Computer Name: MANDARIN

Event Code: 4099

Message: Échec de l'ouverture de services.

 

Record Number: 156

Source Name: WmiAdapter

Time Written: 20090118011031.000000+060

Event Type: erreur

User: BUILTIN\Administrateurs

 

Computer Name: MANDARIN

Event Code: 4099

Message: Échec de l'ouverture de services.

 

Record Number: 155

Source Name: WmiAdapter

Time Written: 20090118011027.000000+060

Event Type: erreur

User: BUILTIN\Administrateurs

 

Computer Name: MANDARIN

Event Code: 1

Message:

Record Number: 154

Source Name: avg8emc

Time Written: 20090118011025.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 0

Message: Le service a démarré avec succès.

 

Record Number: 153

Source Name: TdmService

Time Written: 20090118011023.000000+060

Event Type: Informations

User:

 

Computer Name: MANDARIN

Event Code: 0

Message:

Record Number: 152

Source Name: RegSrvc

Time Written: 20090118011021.000000+060

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin;C:\Program Files\Wave Systems Corp\Gemalto\Access Client\v5;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\Fichiers communs\Roxio Shared\9.0\DLLShared;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Intel\WiFi\bin;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel

"PROCESSOR_REVISION"=1706

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Jeff at 2009-01-25 11:08:18

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 54 GB (77%) free of 70 GB

Total RAM: 3572 MB (87% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:08:25, on 2009-01-25

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\drivers\audio\r201108\stacsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtTray.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

C:\Program Files\Intel\WiFi\bin\WLKeeper.exe

F:\Utilitaires\RSIT.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\Jeff.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe

O23 - Service: Smith Micro Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\drivers\audio\r201108\stacsv.exe

O23 - Service: NTRU TSS v1.2.1.28 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe

 

--

End of file - 9463 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job

C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job

C:\WINDOWS\tasks\Uniblue SpyEraser.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-11 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-09 251504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-09 657904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-09 522224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]

CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-11 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-11 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{A057A204-BACC-4D26-9990-79A187E2698E}

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-09 251504]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-10-28 446563]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-24 13537280]

"ChangeTPMAuth"=C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [2008-09-24 184320]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-22 620152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]

C:\WINDOWS\system32\AESTFltr.exe [2008-10-28 471040]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]

C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-10-17 442536]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellConnectionManager]

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [2008-10-01 1454080]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellControlPoint]

C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [2008-08-18 598016]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck]

C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [2008-11-10 91448]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 30192]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]

C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]

C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-10-16 1191936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]

C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-10-16 1368064]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]

C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2007-08-30 205480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]

C:\WINDOWS\system32\nvHotkey.dll [2008-09-24 90112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

C:\WINDOWS\system32\NvMcTray.dll [2008-09-24 86016]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /installquiet []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-05-23 128296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster 2 d’Uniblue ]

C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecureUpgrade]

C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2008-11-10 656696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-11 136600]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USCService]

C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2008-11-10 24576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WavXMgr]

C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2008-09-26 145408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE [2006-10-23 734872]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth.lnk]

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-08-15 604776]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Dell ControlPoint System Manager.lnk]

C:\PROGRA~1\Dell\DELLCO~2\SYSTEM~1\DCPSYS~1.EXE [2008-11-11 950048]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]

C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2009-01-10 295606]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinKey.lnk]

C:\PROGRA~1\WinKey\WinKey.exe [1999-07-04 99840]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jeff^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]

C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

wvauth

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"

"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX"

"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"

"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"

"C:\Program Files\Spyware Doctor\drvctl.exe"="C:\Program Files\Spyware Doctor\drvctl.exe:*:Enabled:drvctl.exe"

"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe:*:Enabled:Démarrer Avira AntiVir Personal"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

 

======File associations======

 

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"

.scr - install -

.scr - config -

 

======List of files/folders created in the last 1 months======

 

2009-01-25 11:08:18 ----D---- C:\rsit

2009-01-23 17:25:41 ----D---- C:\Program Files\QUAD Utilities

2009-01-23 12:04:46 ----A---- C:\WINDOWS\NeroDigital.ini

2009-01-23 11:37:44 ----D---- C:\WINDOWS\system32\windows media

2009-01-23 11:37:40 ----D---- C:\WINDOWS\RegisteredPackages

2009-01-23 11:37:39 ----HD---- C:\WINDOWS\msdownld.tmp

2009-01-23 11:37:38 ----D---- C:\Program Files\Windows Media Components

2009-01-23 10:12:37 ----D---- C:\Documents and Settings\Jeff\Application Data\Ahead

2009-01-23 10:08:30 ----A---- C:\WINDOWS\system32\TwnLib20.dll

2009-01-23 10:08:22 ----A---- C:\WINDOWS\system32\picn20.dll

2009-01-23 10:08:21 ----A---- C:\WINDOWS\system32\imagx5.dll

2009-01-23 10:08:21 ----A---- C:\WINDOWS\system32\imagr5.dll

2009-01-23 10:08:20 ----A---- C:\WINDOWS\system32\ImagXpr5.dll

2009-01-23 10:08:18 ----D---- C:\Program Files\Fichiers communs\Ahead

2009-01-23 10:08:18 ----A---- C:\WINDOWS\system32\NeroCheck.exe

2009-01-23 10:08:13 ----D---- C:\Program Files\Ahead

2009-01-22 14:48:26 ----D---- C:\Program Files\Uniblue

2009-01-22 13:58:57 ----D---- C:\Documents and Settings\Jeff\Application Data\Uniblue

2009-01-21 13:47:23 ----D---- C:\WINDOWS\system32\LogFiles

2009-01-21 10:39:50 ----D---- C:\Program Files\Microsoft Bootvis

2009-01-19 18:16:06 ----D---- C:\Documents and Settings\Jeff\Application Data\Apple Computer

2009-01-19 18:14:43 ----D---- C:\Program Files\Fichiers communs\Apple

2009-01-19 18:14:39 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2009-01-19 18:14:28 ----D---- C:\Program Files\Apple Software Update

2009-01-19 18:14:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

2009-01-19 17:05:01 ----D---- C:\Program Files\QuickTime

2009-01-19 12:30:20 ----D---- C:\Program Files\Avira

2009-01-19 12:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-01-19 12:18:59 ----D---- C:\Documents and Settings\Jeff\Application Data\Yahoo!

2009-01-19 12:18:58 ----D---- C:\Program Files\Yahoo!

2009-01-19 12:18:56 ----D---- C:\Program Files\CCleaner

2009-01-18 22:03:33 ----D---- C:\WINDOWS\system32\appmgmt

2009-01-18 19:44:16 ----A---- C:\WINDOWS\system32\tmp.txt

2009-01-18 19:44:01 ----A---- C:\rapport.txt

2009-01-18 18:53:16 ----D---- C:\Program Files\Lavasoft

2009-01-18 18:53:16 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft

2009-01-18 18:50:17 ----D---- C:\Program Files\Trojan Remover

2009-01-18 18:50:17 ----D---- C:\Documents and Settings\Jeff\Application Data\Simply Super Software

2009-01-18 18:16:35 ----D---- C:\Program Files\Trend Micro

2009-01-18 15:32:39 ----D---- C:\Program Files\Spyware Doctor

2009-01-18 15:32:39 ----D---- C:\Documents and Settings\Jeff\Application Data\PC Tools

2009-01-18 14:58:03 ----A---- C:\WINDOWS\zip.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\VFIND.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\SWSC.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\SWREG.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\NIRCMD.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\grep.exe

2009-01-18 14:58:03 ----A---- C:\WINDOWS\fdsv.exe

2009-01-18 14:58:01 ----D---- C:\WINDOWS\ERDNT

2009-01-18 14:58:01 ----D---- C:\Qoobox

2009-01-18 14:58:00 ----A---- C:\WINDOWS\system32\CF24113.exe

2009-01-18 11:53:35 ----HD---- C:\$AVG8.VAULT$

2009-01-17 15:41:59 ----D---- C:\Program Files\WinKey

2009-01-17 15:40:33 ----A---- C:\WINDOWS\uninst.exe

2009-01-17 14:03:19 ----A---- C:\WINDOWS\system32\CSVer.dll

2009-01-17 14:00:39 ----D---- C:\Program Files\Fichiers communs\Intel

2009-01-17 13:58:36 ----D---- C:\Program Files\Microsoft IntelliPoint

2009-01-17 13:51:20 ----A---- C:\WINDOWS\system32\snymsico.dll

2009-01-17 13:28:10 ----D---- C:\Mises à jour Drivers

2009-01-17 13:18:25 ----D---- C:\Program Files\Driver-Soft

2009-01-16 21:46:28 ----A---- C:\WINDOWS\system32\XceedZip.dll

2009-01-16 19:00:25 ----D---- C:\Program Files\adslTV

2009-01-15 10:24:09 ----D---- C:\WINDOWS\system32\NtmsData

2009-01-14 16:21:34 ----A---- C:\TOMBPATH.TXT

2009-01-14 12:08:51 ----D---- C:\Program Files\WinRAR

2009-01-13 16:37:08 ----D---- C:\Program Files\Porcher_2005

2009-01-13 13:40:44 ----D---- C:\Program Files\SafeSoft

2009-01-13 10:48:51 ----D---- C:\WINDOWS\pss

2009-01-12 14:29:59 ----D---- C:\Program Files\Fichiers communs\ODBC

2009-01-12 13:49:32 ----D---- C:\Program Files\ToniArts

2009-01-12 12:22:20 ----D---- C:\Documents and Settings\All Users\Application Data\Emjysoft

2009-01-12 11:13:07 ----D---- C:\Program Files\Dell Webcam

2009-01-11 15:00:52 ----A---- C:\WINDOWS\system32\deploytk.dll

2009-01-11 14:41:43 ----D---- C:\Program Files\xp-AntiSpy

2009-01-11 11:44:47 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles

2009-01-10 18:59:05 ----D---- C:\Documents and Settings\Jeff\Application Data\Media Player Classic

2009-01-10 18:52:07 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink

2009-01-10 18:45:24 ----A---- C:\WINDOWS\system32\unrar.dll

2009-01-10 18:45:23 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2009-01-10 18:45:22 ----A---- C:\WINDOWS\system32\xvidvfw.dll

2009-01-10 18:45:22 ----A---- C:\WINDOWS\system32\xvidcore.dll

2009-01-10 18:45:22 ----A---- C:\WINDOWS\system32\qt-dx331.dll

2009-01-10 18:45:22 ----A---- C:\WINDOWS\system32\dpl100.dll

2009-01-10 18:45:22 ----A---- C:\WINDOWS\system32\divx.dll

2009-01-10 18:45:21 ----D---- C:\Program Files\K-Lite Codec Pack

2009-01-10 18:45:21 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest

2009-01-10 18:45:21 ----A---- C:\WINDOWS\system32\ff_vfw.dll

2009-01-10 18:43:16 ----D---- C:\Program Files\Full Pack Codecs

2009-01-10 18:18:27 ----D---- C:\WINDOWS\ie7updates

2009-01-10 18:18:16 ----D---- C:\WINDOWS\WBEM

2009-01-10 18:18:05 ----HD---- C:\WINDOWS\ie7

2009-01-10 18:16:42 ----A---- C:\WINDOWS\system32\MRT.exe

2009-01-10 17:54:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-01-10 16:48:01 ----D---- C:\Documents and Settings\All Users\Application Data\Creative

2009-01-10 16:47:22 ----D---- C:\Documents and Settings\Jeff\Application Data\Creative

2009-01-10 16:46:15 ----D---- C:\Documents and Settings\Jeff\Application Data\BACS.exe

2009-01-10 16:14:43 ----D---- C:\Documents and Settings\Jeff\Application Data\ACD Systems

2009-01-10 16:14:33 ----D---- C:\Program Files\ACD Systems

2009-01-10 15:36:25 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet

2009-01-10 15:36:21 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared

2009-01-09 19:47:58 ----D---- C:\Program Files\PicaView32

2009-01-09 19:20:50 ----D---- C:\Program Files\Pool 'm Up

2009-01-09 19:20:50 ----A---- C:\WINDOWS\Poolemup.ini

2009-01-09 19:20:12 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe

2009-01-09 19:20:11 ----D---- C:\Program Files\Objective Tarot

2009-01-09 18:47:18 ----D---- C:\Documents and Settings\Jeff\Application Data\dvdcss

2009-01-09 18:13:24 ----A---- C:\WINDOWS\ModemLog_Modem Bluetooth.txt

2009-01-09 14:09:59 ----D---- C:\Undo

2009-01-09 14:09:00 ----A---- C:\Options.ini

2009-01-09 14:08:38 ----A---- C:\EasyClea.exe

2009-01-09 13:49:56 ----D---- C:\Documents and Settings\Jeff\Application Data\Help

2009-01-09 12:11:34 ----D---- C:\Documents and Settings\Jeff\Application Data\Macromedia

2009-01-09 12:09:36 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2009-01-09 12:09:23 ----D---- C:\WINDOWS\system32\PreInstall

2009-01-09 12:07:41 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2009-01-08 17:25:25 ----D---- C:\Documents and Settings\Jeff\Application Data\Adobe

2009-01-08 17:13:09 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems

2009-01-08 17:13:05 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared

2009-01-08 17:11:56 ----D---- C:\Program Files\Fichiers communs\Adobe

2009-01-08 17:11:56 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2009-01-08 17:11:45 ----D---- C:\Program Files\Adobe

2009-01-08 16:55:41 ----D---- C:\Documents and Settings\Jeff\Application Data\Roxio

2009-01-08 16:36:42 ----D---- C:\Program Files\Microsoft Works

2009-01-08 16:36:34 ----D---- C:\Program Files\Microsoft Visual Studio

2009-01-08 16:36:18 ----D---- C:\Program Files\Microsoft.NET

2009-01-08 16:34:05 ----D---- C:\WINDOWS\SHELLNEW

2009-01-08 16:33:53 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2009-01-08 16:33:25 ----RHD---- C:\MSOCache

2009-01-08 15:59:05 ----D---- C:\Program Files\AutoCAD 2008

2009-01-08 15:59:05 ----D---- C:\Documents and Settings\Jeff\Application Data\Autodesk

2009-01-08 15:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk

2009-01-08 15:58:04 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared

2009-01-08 15:58:04 ----D---- C:\Program Files\Autodesk

2009-01-08 15:57:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2009-01-08 15:57:29 ----D---- C:\Program Files\Fichiers communs\Designer

2009-01-08 15:57:20 ----D---- C:\Program Files\Microsoft Office

2009-01-08 15:47:51 ----D---- C:\Documents and Settings\Jeff\Application Data\vlc

2009-01-08 15:44:07 ----D---- C:\Program Files\PowerQuest

2009-01-08 15:26:13 ----D---- C:\Program Files\VideoLAN

2009-01-08 15:23:31 ----D---- C:\Documents and Settings\Jeff\Application Data\Malwarebytes

2009-01-08 15:23:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-01-08 15:23:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2009-01-08 15:06:00 ----D---- C:\Documents and Settings\Jeff\Application Data\AVGTOOLBAR

2009-01-08 15:05:57 ----D---- C:\Documents and Settings\All Users\Application Data\avg8

2009-01-08 15:04:08 ----D---- C:\Documents and Settings\Jeff\Application Data\CyberLink

2009-01-08 12:52:33 ----D---- C:\Documents and Settings\Jeff\Application Data\Google

2009-01-08 12:50:51 ----A---- C:\WINDOWS\system32\wmpns.dll

2009-01-08 12:50:48 ----D---- C:\Documents and Settings\Jeff\Application Data\Intel

2009-01-08 12:50:48 ----D---- C:\Documents and Settings\Jeff\Application Data\InstallShield

2009-01-08 12:50:48 ----D---- C:\Documents and Settings\Jeff\Application Data\Identities

2009-01-08 12:50:48 ----D---- C:\Documents and Settings\Jeff\Application Data\Broadcom

2009-01-08 12:50:48 ----ASH---- C:\Documents and Settings\Jeff\Application Data\desktop.ini

2009-01-08 12:50:47 ----SD---- C:\Documents and Settings\Jeff\Application Data\Microsoft

2009-01-08 12:50:47 ----D---- C:\Documents and Settings\Jeff\Application Data\Wave Systems Corp

2009-01-08 12:50:47 ----D---- C:\Documents and Settings\Jeff\Application Data\Sun

2009-01-06 02:50:06 ----N---- C:\WINDOWS\system32\spmsg.dll

2009-01-06 02:49:03 ----D---- C:\WINDOWS\nview

2009-01-06 02:49:03 ----A---- C:\WINDOWS\system32\nvuninst.exe

2009-01-06 02:49:03 ----A---- C:\WINDOWS\system32\nvudisp.exe

2009-01-06 02:48:50 ----D---- C:\Program Files\IDT

2009-01-06 02:48:49 ----A---- C:\WINDOWS\system32\stlang.dll

2009-01-06 02:48:49 ----A---- C:\WINDOWS\system32\AESTFltr.exe

2009-01-06 02:48:40 ----D---- C:\WINDOWS\system32\ReinstallBackups

2009-01-06 02:48:14 ----A---- C:\WINDOWS\system32\vfwwdm32.dll

2009-01-06 02:48:14 ----A---- C:\WINDOWS\system32\ksuser.dll

2009-01-05 22:45:07 ----SHD---- C:\System Volume Information

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nwiz.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwssr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwss.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrszht.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrszhc.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsru.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsptb.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrspl.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsko.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsja.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsit.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsfr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsesm.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrses.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwrsde.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwimg.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvwddi.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvvitvsr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvvitvs.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvsvc32.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvshell.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrszht.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrszhc.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsru.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsptb.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrspl.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsko.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsja.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsit.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsfr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsesm.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrses.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvrsde.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvoglnt.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmoblsr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmobls.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmctray.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmccssr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmccss.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmccsrs.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvmccs.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nview.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvhotkey.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvgamesr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvgames.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvexpbar.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvdspsch.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvdispsr.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvdisps.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcuda.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcpluir.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcplui.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcpl.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcolor.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcodins.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvcod.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvappbar.exe

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nvapi.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\nv4_disp.dll

2009-01-05 22:44:15 ----A---- C:\WINDOWS\system32\keystone.exe

2009-01-05 22:43:57 ----N---- C:\WINDOWS\system32\WdfCoInstaller01005.dll

2009-01-05 22:43:18 ----A---- C:\WINDOWS\system32\rixdicon.dll

2009-01-05 22:43:16 ----A---- C:\WINDOWS\system32\stacapi.dll

2009-01-05 22:43:16 ----A---- C:\WINDOWS\system32\st326087.dll

2009-01-05 22:43:06 ----D---- C:\drivers

2009-01-05 22:43:06 ----A---- C:\WINDOWS\system32\NETw5r32.dll

2009-01-05 22:43:06 ----A---- C:\WINDOWS\system32\NETw5c32.dll

2009-01-05 22:41:13 ----A---- C:\WINDOWS\system32\OEMINFO.INI

2009-01-05 22:41:08 ----D---- C:\DELL

2009-01-05 15:29:03 ----SHD---- C:\RECYCLER

2009-01-05 15:28:57 ----A---- C:\WINDOWS\smscfg.ini

2009-01-05 15:26:38 ----D---- C:\Program Files\CyberLink

2009-01-05 15:24:00 ----D---- C:\Program Files\Google

2009-01-05 15:24:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google

2009-01-05 15:23:51 ----A---- C:\WINDOWS\wininit.ini

2009-01-05 15:23:45 ----D---- C:\Program Files\Sonic

2009-01-05 15:23:35 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield

2009-01-05 15:23:15 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic

2009-01-05 15:23:11 ----D---- C:\Program Files\Fichiers communs\Sonic Shared

2009-01-05 15:23:11 ----D---- C:\Program Files\Fichiers communs\Roxio Shared

2009-01-05 15:21:18 ----A---- C:\WINDOWS\system32\btw_ci.dll

2009-01-05 15:21:15 ----D---- C:\Program Files\WIDCOMM

2009-01-05 15:21:08 ----D---- C:\WINDOWS\system32\FRA

2009-01-05 15:21:07 ----D---- C:\WINDOWS\system32\Lang

2009-01-05 15:21:07 ----A---- C:\WINDOWS\system32\imsmudlg.exe

2009-01-05 15:21:07 ----A---- C:\WINDOWS\system32\difxapi.dll

2009-01-05 15:21:02 ----D---- C:\Intel

2009-01-05 15:17:13 ----D---- C:\Program Files\Broadcom

2009-01-05 15:16:34 ----D---- C:\Program Files\Intel

2009-01-05 15:16:34 ----D---- C:\Documents and Settings\All Users\Application Data\Intel

2009-01-05 15:16:07 ----D---- C:\Program Files\Telespree

2009-01-05 15:16:07 ----D---- C:\Program Files\Fichiers communs\Telespree

2009-01-05 15:16:03 ----D---- C:\Program Files\AT&T

2009-01-05 15:16:03 ----D---- C:\Documents and Settings\All Users\Application Data\AT&T

2009-01-05 15:15:33 ----D---- C:\Program Files\MSXML 6.0

2009-01-05 15:13:51 ----D---- C:\Documents and Settings\All Users\Application Data\Dell

2009-01-05 15:10:17 ----D---- C:\Program Files\Fichiers communs\InstallShield

2009-01-05 15:10:13 ----D---- C:\Program Files\Wave Systems Corp

2009-01-05 15:10:07 ----D---- C:\WINDOWS\system32\Test

2009-01-05 15:10:06 ----D---- C:\WINDOWS\Downloaded Installations

2009-01-05 15:10:06 ----D---- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp

2009-01-05 15:09:48 ----D---- C:\Program Files\NTRU Cryptosystems

2009-01-05 15:09:48 ----D---- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems

2009-01-05 15:09:37 ----A---- C:\WINDOWS\system32\brcmbsp_log.txt

2009-01-05 15:09:37 ----A---- C:\WINDOWS\system32\brcmbsp.dll

2009-01-05 15:09:07 ----D---- C:\Program Files\Broadcom Corporation

2009-01-05 15:08:33 ----D---- C:\Program Files\DIFX

2009-01-05 15:08:17 ----A---- C:\WINDOWS\system32\pbadrvdll.dll

2009-01-05 15:03:30 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-01-05 15:02:44 ----D---- C:\WINDOWS\system32\BioAPIFFDB

2009-01-05 15:02:33 ----HD---- C:\Program Files\InstallShield Installation Information

2009-01-05 15:02:33 ----D---- C:\Program Files\Dell

2009-01-05 15:00:03 ----A---- C:\WINDOWS\system32\javaws.exe

2009-01-05 15:00:03 ----A---- C:\WINDOWS\system32\javaw.exe

2009-01-05 15:00:03 ----A---- C:\WINDOWS\system32\java.exe

2009-01-05 14:59:51 ----D---- C:\Program Files\Java

2009-01-05 14:59:50 ----D---- C:\Program Files\Fichiers communs\Java

2009-01-05 14:54:38 ----HD---- C:\WINDOWS\$hf_mig$

 

======List of files/folders modified in the last 1 months======

 

2009-01-25 11:07:43 ----D---- C:\WINDOWS\Temp

2009-01-25 11:07:24 ----D---- C:\WINDOWS\Registration

2009-01-25 00:52:12 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-01-25 00:14:47 ----AD---- C:\WINDOWS\system32

2009-01-25 00:14:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-01-24 17:35:15 ----D---- C:\WINDOWS\system32\CatRoot2

2009-01-24 17:04:35 ----AD---- C:\WINDOWS

2009-01-24 17:03:49 ----D---- C:\WINDOWS\Prefetch

2009-01-24 12:59:49 ----A---- C:\WINDOWS\win.ini

2009-01-24 12:55:57 ----SHD---- C:\WINDOWS\Installer

2009-01-23 23:27:38 ----D---- C:\WINDOWS\system32\config

2009-01-23 22:22:00 ----D---- C:\Program Files\Fichiers communs

2009-01-23 22:21:56 ----D---- C:\WINDOWS\system32\drivers

2009-01-23 18:54:06 ----D---- C:\WINDOWS\Debug

2009-01-23 18:09:50 ----D---- C:\WINDOWS\system32\Restore

2009-01-23 17:25:41 ----RD---- C:\Program Files

2009-01-23 14:31:35 ----A---- C:\AUTOEXEC.BAT

2009-01-23 11:37:46 ----RSHD---- C:\WINDOWS\system32\dllcache

2009-01-23 11:37:44 ----HD---- C:\WINDOWS\inf

2009-01-23 11:29:41 ----RASH---- C:\boot.ini

2009-01-23 11:29:41 ----A---- C:\WINDOWS\system.ini

2009-01-22 15:21:44 ----SD---- C:\WINDOWS\Downloaded Program Files

2009-01-22 15:19:17 ----SD---- C:\WINDOWS\Tasks

2009-01-22 14:48:27 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-01-21 09:45:33 ----D---- C:\WINDOWS\system32\CatRoot

2009-01-20 11:08:46 ----D---- C:\WINDOWS\system32\wbem

2009-01-19 18:14:55 ----D---- C:\Program Files\Internet Explorer

2009-01-18 14:58:55 ----D---- C:\WINDOWS\AppPatch

2009-01-17 13:56:25 ----RSD---- C:\WINDOWS\Fonts

2009-01-13 12:41:55 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-01-12 11:13:01 ----D---- C:\Program Files\Windows Media Player

2009-01-12 10:34:00 ----D---- C:\Program Files\NetMeeting

2009-01-11 18:43:01 ----D---- C:\WINDOWS\Microsoft.NET

2009-01-11 18:43:00 ----RSD---- C:\WINDOWS\assembly

2009-01-11 14:27:48 ----D---- C:\Documents and Settings

2009-01-10 18:23:01 ----D---- C:\WINDOWS\Help

2009-01-10 18:20:24 ----D---- C:\WINDOWS\WinSxS

2009-01-10 18:19:41 ----D---- C:\WINDOWS\system32\en-us

2009-01-10 18:19:40 ----D---- C:\WINDOWS\system32\XPSViewer

2009-01-10 18:18:33 ----D---- C:\WINDOWS\system32\fr-fr

2009-01-10 18:18:14 ----D---- C:\WINDOWS\Media

2009-01-10 15:36:18 ----D---- C:\WINDOWS\system32\FxsTmp

2009-01-09 14:10:41 ----D---- C:\WINDOWS\repair

2009-01-09 12:08:00 ----D---- C:\WINDOWS\SoftwareDistribution

2009-01-08 16:34:13 ----D---- C:\Program Files\Fichiers communs\System

2009-01-08 15:57:52 ----D---- C:\WINDOWS\system32\DirectX

2009-01-08 12:58:59 ----D---- C:\WINDOWS\security

2009-01-05 14:58:59 ----D---- C:\Program Files\Messenger

2009-01-05 14:54:43 ----D---- C:\I386

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]

R2 BASFND;BASFND; \??\C:\Program Files\Broadcom\BACS\BASFND.sys []

R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]

R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]

R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9136]

R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]

R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]

R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]

R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]

R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2008-11-10 208824]

R3 AESTAud;AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2008-10-28 112128]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-08-13 176640]

R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-08-18 37160]

R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-18 991016]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]

R3 cvusbdrv;Broadcom USH CV; C:\WINDOWS\System32\Drivers\cvusbdrv.sys [2008-07-31 32808]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

R3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-24 6600160]

R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-06-10 31048]

R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]

R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-09-08 51328]

R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]

R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-10-28 1391418]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

R3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2008-07-22 28672]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]

R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-08-18 534440]

S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-08-18 156392]

S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-08-18 37032]

S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-18 47272]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]

S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-01-18 42376]

S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2007-12-10 66952]

S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2007-12-10 81288]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]

S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-11-28 27072]

S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]

S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]

S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]

S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]

S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]

S4 atapi;Contrôleur de disque dur IDE/ESDI standard; C:\WINDOWS\system32\DRIVERS\atapi.sys [2008-04-14 96512]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]

S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]

S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]

R2 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-10-16 905216]

R2 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-09-25 638976]

R2 SMManager;Smith Micro Connection Manager Service; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2008-10-01 90112]

R2 STacSV;Audio Service; c:\drivers\audio\r201108\stacsv.exe [2008-10-28 237657]

R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2008-11-09 995328]

R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [2008-10-16 348160]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-08 72704]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-01-08 85096]

S3 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-08-15 342624]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2008-07-31 808296]

S3 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2008-07-31 21352]

S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-10 654848]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]

S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 30192]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-09 137200]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]

S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-11 152984]

S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

S3 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-24 159812]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-18 337800]

S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-18 1017224]

S3 tcsd_win32.exe;NTRU TSS v1.2.1.28 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-08-05 1249280]

S4 buttonsvc32;Dell ControlPoint Button Service; C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2008-09-04 406808]

S4 dcpsysmgrsvc;Dell ControlPoint System Manager; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2008-11-11 451872]

 

-----------------EOF-----------------

Posted

Go to the services console: Start/Run... (or Windows+R), services.msc

Check the state of the "Carte de performance WMI" (WMI Performance Adapter) service by double-clicking it, whether it is stopped or started, and note its startup type (manual/automatic/disabled), please.

Note the same for the "Extensions du pilote WMI" service.

Have you used ComboFix recently?

Posted

The WMI performance adapter is stopped and its startup type is manual.

Same for the WMI extensions: stopped and manual.

Yes, I used ComboFix; on a forum I had been advised to scan with it! But it is no longer installed on my machine.

Posted

Whoa, but ComboFix is not a scanning tool at all, and used without supervision, or recommended at random, it can do damage.

Post the report c:\combofix.txt, please.

Posted

Delete ComboFix from your USB stick; it must not be run from a USB stick, and it is no longer up to date. Used like that, it is dangerous!

Look here for ComboFix reports: C:\Qoobox\ComboFixX.txt (where X is a digit).

Posted

I ran a scan with my antivirus, Avira AntiVir, and it still reports 3 warnings; I don't know what they correspond to. I am attaching the report:

 

 

 

 

Avira AntiVir Personal

Date de création du fichier de rapport : 2009-01-25 15:24

 

La recherche porte sur 1258209 souches de virus.

 

Détenteur de la licence :Avira AntiVir PersonalEdition Classic

Numéro de série : 0000149996-ADJIE-0001

Plateforme : Windows XP

Version de Windows :(Service Pack 3) [5.1.2600]

Mode Boot : Démarré normalement

Identifiant : SYSTEM

Nom de l'ordinateur :MANDARIN

 

Informations de version :

BUILD.DAT : 8.2.0.52 16931 Bytes 2008-12-02 14:55:00

AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-18 08:21:00

AVSCAN.DLL : 8.1.4.1 49921 Bytes 2008-07-21 13:44:27

LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:16

LUKERES.DLL : 8.1.4.0 13057 Bytes 2008-07-04 07:30:27

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 11:30:36

ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 2009-01-14 11:31:18

ANTIVIR2.VDF : 7.1.1.148 440832 Bytes 2009-01-20 12:29:27

ANTIVIR3.VDF : 7.1.1.169 326656 Bytes 2009-01-23 08:40:09

Version du moteur: 8.2.0.60

AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-14 10:05:56

AESCRIPT.DLL : 8.1.1.32 340347 Bytes 2009-01-23 08:40:13

AESCN.DLL : 8.1.1.5 123251 Bytes 2008-11-07 15:06:41

AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-04 13:58:38

AEPACK.DLL : 8.1.3.5 393588 Bytes 2009-01-19 11:31:28

AEOFFICE.DLL : 8.1.0.33 196987 Bytes 2009-01-19 11:31:27

AEHEUR.DLL : 8.1.0.86 1552759 Bytes 2009-01-23 08:40:12

AEHELP.DLL : 8.1.2.0 119159 Bytes 2009-01-19 11:31:23

AEGEN.DLL : 8.1.1.10 323957 Bytes 2009-01-19 11:31:22

AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 10:05:56

AECORE.DLL : 8.1.5.2 172405 Bytes 2009-01-19 11:31:21

AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 10:05:56

AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:02

AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:27:58

AVREP.DLL : 8.0.0.2 98344 Bytes 2008-07-31 12:02:15

AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:37

AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:19

AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:46

SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02

SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:36

NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:07

RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-04 07:23:16

RCTEXT.DLL : 8.0.52.1 86273 Bytes 2008-07-17 10:08:43

 

Configuration pour la recherche actuelle :

Nom de la tâche..................: Contrôle intégral du système

Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp

Documentation....................: bas

Action principale................: interactif

Action secondaire................: ignorer

Recherche sur les secteurs d'amorçage maître: marche

Recherche sur les secteurs d'amorçage: marche

Secteurs d'amorçage..............: C:, E:,

Recherche dans les programmes actifs: marche

Recherche en cours sur l'enregistrement: marche

Recherche de Rootkits............: arrêt

Fichier mode de recherche........: Tous les fichiers

Recherche sur les archives.......: marche

Limiter la profondeur de récursivité: 20

Archive Smart Extensions.........: marche

Heuristique de macrovirus........: marche

Heuristique fichier..............: moyen

Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR,

 

Début de la recherche : 2009-01-25 15:24

 

La recherche sur les processus démarrés commence :

Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés

Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés

Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés

Processus de recherche 'WLKEEPER.exe' - '1' module(s) sont contrôlés

Processus de recherche 'TdmService.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'SecureStorageService.exe' - '1' module(s) sont contrôlés

Processus de recherche 'locator.exe' - '1' module(s) sont contrôlés

Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés

Processus de recherche 'IAANTmon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés

Processus de recherche 'dllhost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés

Processus de recherche 'BTTray.exe' - '1' module(s) sont contrôlés

Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés

Processus de recherche 'sttray.exe' - '1' module(s) sont contrôlés

Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés

Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés

Processus de recherche 'SMManager.exe' - '1' module(s) sont contrôlés

Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés

Processus de recherche 'stacsv.exe' - '1' module(s) sont contrôlés

Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés

Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés

Processus de recherche 'services.exe' - '1' module(s) sont contrôlés

Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés

Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés

Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés

'36' processus ont été contrôlés avec '36' modules

 

La recherche sur les secteurs d'amorçage maître commence :

Secteur d'amorçage maître HD0

[iNFO] Aucun virus trouvé !

 

La recherche sur les secteurs d'amorçage commence :

Secteur d'amorçage 'C:\'

[iNFO] Aucun virus trouvé !

Secteur d'amorçage 'E:\'

[iNFO] Aucun virus trouvé !

 

La recherche sur les renvois aux fichiers exécutables (registre) commence.

Le registre a été contrôlé ( '56' fichiers).

 

 

La recherche sur les fichiers sélectionnés commence :

 

Recherche débutant dans 'C:\' <OS>

C:\hiberfil.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

Recherche débutant dans 'E:\' <Réserve>

E:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

 

 

Fin de la recherche : 2009-01-25 15:40

Temps nécessaire: 16:11 Minute(s)

 

La recherche a été effectuée intégralement

 

6887 Les répertoires ont été contrôlés

304440 Des fichiers ont été contrôlés

0 Des virus ou programmes indésirables ont été trouvés

0 Des fichiers ont été classés comme suspects

0 Des fichiers ont été supprimés

0 Des virus ou programmes indésirables ont été réparés

0 Les fichiers ont été déplacés dans la quarantaine

0 Les fichiers ont été renommés

3 Impossible de contrôler des fichiers

304437 Fichiers non infectés

7817 Les archives ont été contrôlées

3 Avertissements

0 Consignes

Posted

Pagefile.sys and Hiberfil.sys are the swap and hibernation files, which Windows uses when there is no longer enough RAM available, or to store the contents of RAM during hibernation. It is normal that programs cannot access them, and they are never infectious.

 

Recherche débutant dans 'C:\' <OS>

C:\hiberfil.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

Recherche débutant dans 'E:\' <Réserve>

E:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

 

 

Do you have any USB devices plugged in when you start the machine?
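The reasoning in the reply above (all three Avira warnings are swap or hibernation files the scanner could not open) written as a small report triage script. This is an added example, not part of the thread or of Avira's tooling; the function names and the rule that only a `pagefile.sys` or `hiberfil.sys` at the root of a volume counts as expected are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Files Windows keeps exclusively locked while it runs (swap and hibernation).
LOCKED_BY_OS = {"pagefile.sys", "hiberfil.sys"}

# Excerpt of the report lines quoted in the thread, embedded so the script runs offline.
SAMPLE_REPORT = """\
Recherche débutant dans 'C:\\' <OS>
C:\\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'E:\\' <Réserve>
E:\\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
0 Des virus ou programmes indésirables ont été trouvés
3 Avertissements
"""


def parse_findings(report):
    """Return (path, tag, message) for every file line followed by a [TAG] line."""
    findings, current = [], None
    for raw in report.splitlines():
        line = raw.strip()
        if re.match(r"^[A-Za-z]:\\", line):
            current = line                      # a scanned file path
            continue
        m = re.match(r"^\[(\w+)\]\s*(.*)$", line)
        if m and current:
            findings.append((current, m.group(1).upper(), m.group(2)))
        elif line:
            current = None                      # any other text ends the entry
    return findings


def is_os_locked(path):
    """Assumption: only the copy at the root of a volume is the real system file."""
    p = PureWindowsPath(path)
    return len(p.parts) == 2 and p.name.lower() in LOCKED_BY_OS


def triage(report):
    """Split findings into expected (locked system files) and ones needing review."""
    expected, review = [], []
    for path, tag, msg in parse_findings(report):
        unreadable = tag == "AVERTISSEMENT" and "Impossible d'ouvrir" in msg
        bucket = expected if unreadable and is_os_locked(path) else review
        bucket.append((path, tag, msg))
    # Cross-check against the summary line so a truncated report is noticed.
    m = re.search(r"^\s*(\d+)\s+Avertissements\s*$", report, re.MULTILINE)
    declared = int(m.group(1)) if m else None
    warnings = sum(1 for _, tag, _ in expected + review if tag == "AVERTISSEMENT")
    return {"expected": expected, "review": review,
            "count_matches": declared == warnings}


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    print("expected:", [p for p, _, _ in result["expected"]])
    print("review:  ", [p for p, _, _ in result["review"]])
    print("summary count matches:", result["count_matches"])
```

A file named `pagefile.sys` anywhere other than a volume root lands in `review`, since the explanation in the reply only covers the real system files.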

Posted

This looks like a software matter: the machine is no longer infected.

Uninstall ComboFix: type combofix /u in the Run box of the Start menu.

After that, delete these folders if they still exist.

C:\QooBox

C:\combofix
