
Automatic launch of an antivirus

14 February 2010 17:59:18

Hello,
I have an antivirus that launches automatically and reports infections, whereas the day before I had AVAST.
I can't even open a program any more. The antivirus is called Antivirus XP 2010, and its windows prompt me to buy the antivirus. How can I get rid of it, because I think it's a decoy!

Thanks

14 February 2010 18:07:25

Hello,

Yes, it's a rogue.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\Rsit folder.

    15 February 2010 17:56:37

    Hello, here is what it gives.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Toon at 2010-02-15 17:43:44
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 7 GB (6%) free of 108 GB
    Total RAM: 1023 MB (47% free)


    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
    PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6a7400d6-6615-4a06-a4d1-48979fa6e868}]
    IMBooster4web-en Toolbar - C:\Program Files\iminent-en\tbimi0.dll [2009-11-06 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
    Iminent.BHO.NavigationError - C:\Program Files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll [2010-01-25 111768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
    Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL [2008-12-26 57344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
    IMinent WebBooster (BHO) - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll [2009-11-17 179952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}]
    LinkToContent Class - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll [2010-01-28 105960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]
    Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaz1.dll [2009-11-11 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-01 812528]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
    FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-02-27 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-18 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-18 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec69794b-60b3-44fe-a0b1-1efebfc131eb}]
    Nova-FR Toolbar - C:\Program Files\Nova-FR\tbNova.dll [2009-12-31 2349080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
    free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2009-11-06 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
    SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
    Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-10-09 282112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
    Fast Browser Search Toolbar Helper - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
    Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2008-12-26 245760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
    {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2008-12-26 245760]
    {ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2009-11-06 2166296]
    {6a7400d6-6615-4a06-a4d1-48979fa6e868} - IMBooster4web-en Toolbar - C:\Program Files\iminent-en\tbimi0.dll [2009-11-06 2166296]
    {66886C4D-B307-4ECA-A228-52CA9B9851A4}
    {1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080]
    {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]
    {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaz1.dll [2009-11-11 2166296]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
    {ec69794b-60b3-44fe-a0b1-1efebfc131eb} - Nova-FR Toolbar - C:\Program Files\Nova-FR\tbNova.dll [2009-12-31 2349080]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-04-24 54784]
    "ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
    "ATIPTA"=C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-06-19 335872]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-18 148888]
    "VCSPlayer"=C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe [2002-06-07 299008]
    "NovaNet-WEB Tray Control"=C:\Program Files\Packard Bell EverSafe\TrayControl.exe [2002-07-31 762368]
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]
    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2003-08-22 151597]
    "CleanEasyImg"=c:\apps\easydvd\cleanall.exe []
    "MULTIMEDIA KEYBOARD"=C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe [2001-11-08 147456]
    "MPTBox"=C:\Program Files\Canon\MultiPASS4\MPTBox.exe [2002-11-27 172032]
    "Host Process"=C:\WINDOWS\Fonts\svchost.exe []
    "QuickFinder Scheduler"=c:\Corel\Office7\Shared\QFinder7\QFSCHED.EXE [1996-06-28 46080]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
    "ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe -scheduler []
    "ISUSPM Startup"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe -startup []
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
    "SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
    "IMBooster"=C:\Program Files\Iminent\IMBooster\imbooster.exe [2010-01-28 1334248]
    "Iminent.Notifier"=C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe [2010-02-08 510200]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe []
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "msnmsgr"=~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
    "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-02-27 3399727]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-13 323392]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-05 39408]
    "Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2009-11-02 2923192]
    "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-11-11 289072]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
    "WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-11-14 88304]
    "xirbmw"=c:\documents and settings\toon\local settings\application data\xirbmw.exe [2010-02-13 385024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Iminent.Notifier Install"=C:\DOCUME~1\Toon\LOCALS~1\Temp\NotifierSetup.exe [2010-02-09 1480064]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Packard Bell EverSafe Tray Control.lnk - C:\Program Files\Packard Bell EverSafe\TrayControl.exe

    C:\Documents and Settings\Toon\Menu Démarrer\Programmes\Démarrage
    DAD (gestionnaire des applications du bureau) de Corel .LNK - C:\Corel\Office7\Dad7\QUICK.EXE
    Lanceur Pointsoft.lnk - C:\pointsoft\lanceur.exe
    Notification de cadeaux MSN.lnk - C:\Documents and Settings\Toon\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    PerfectPrint.LNK - C:\Corel\Office7\Shared\PFit7\PFPPOP70.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=B1000000

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=
    "NoDriveAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorateur Windows"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\EA GAMES\MOHDA\MOHAA.exe"="C:\Program Files\EA GAMES\MOHDA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
    "C:\Program Files\EA GAMES\MOHDA\+set ui_console 1 +set cheats 1 +set thereisnomonkey 1.exe"="C:\Program Files\EA GAMES\MOHDA\+set ui_console 1 +set cheats 1 +set thereisnomonkey 1.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
    "C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Chaos Theory\System\splintercell3.exe"="C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Chaos Theory\System\splintercell3.exe:*:Enabled:splintercell3"
    "C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE"="C:\Program Files\Maxis\SimCity 3000 World Edition\Apps\Updater\UPDATER.EXE:*:Enabled:SC3UpdaterMFC"
    "C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe:*:Disabled:Medal of Honor Pacific Assault(tm)"
    "C:\Documents and Settings\Toon\Bureau\MI\UnrealGold\System\Unreal.exe"="C:\Documents and Settings\Toon\Bureau\MI\UnrealGold\System\Unreal.exe:*:Enabled:Unreal"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
    "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
    "C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Documents and Settings\Toon\Bureau\MI\UT2004\System\UT2004.exe"="C:\Documents and Settings\Toon\Bureau\MI\UT2004\System\UT2004.exe:*:Enabled:UT2004"
    "C:\Program Files\Ubisoft\XIII\system\XIII.exe"="C:\Program Files\Ubisoft\XIII\system\XIII.exe:*:Enabled:XIII"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
    "C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
    "C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
    "C:\Program Files\EA GAMES\Medal of Honor Allied Assault Breakthrough Demo\moh_breakthrough_demo.exe"="C:\Program Files\EA GAMES\Medal of Honor Allied Assault Breakthrough Demo\moh_breakthrough_demo.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough Demo"
    "C:\DOCUME~1\Toon\LOCALS~1\Temp\IXP000.TMP\gfhrtrt.exe"="C:\DOCUME~1\Toon\LOCALS~1\Temp\IXP000.TMP\gfhrtrt.exe:*:Enabled:Firevall Administrating"
    "C:\Program Files\Metin2_France\metin2client.bin"="C:\Program Files\Metin2_France\metin2client.bin:*:Enabled:metin2client"
    "C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Disabled:Worms 4 Mayhem"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{155fb788-664c-11dd-a639-000c7644803e}]
    shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
    shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d290f4c-c4bc-11db-8f71-000d3c20b1d1}]
    shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
    shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d49bfab2-aafe-11db-8f69-000c7644803e}]
    shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
    shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4c5458a-cae4-11dd-a682-000c7644803e}]
    shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
    shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe


    ======File associations======

    .exe - open - "C:\Documents and Settings\Toon\Local Settings\Application Data\av.exe" /START "%1" %*

    ======List of files/folders created in the last 3 months======


    ======List of files/folders modified in the last 3 months======

    2010-01-05 10:56:07 ----A---- C:\WINDOWS\system32\icardie.dll
    2010-01-05 10:56:07 ----A---- C:\WINDOWS\system32\extmgr.dll
    2010-01-05 10:56:07 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2010-01-05 10:56:07 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2010-01-05 10:56:06 ----A---- C:\WINDOWS\system32\corpol.dll
    2010-01-05 10:56:06 ----A---- C:\WINDOWS\system32\advpack.dll
    2009-12-31 16:33:54 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2009-12-31 16:33:54 ----A---- C:\WINDOWS\system32\ie4uinit.exe
    2009-12-18 14:04:09 ----A---- C:\WINDOWS\system32\ieakui.dll
    2009-12-17 08:59:41 ----A---- C:\WINDOWS\system32\mspaint.exe
    2009-12-14 08:36:38 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-12-12 08:14:29 ----D---- C:\WINDOWS\Microsoft.NET
    2009-12-10 21:51:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-09 21:43:11 ----D---- C:\WINDOWS\system32\CatRoot
    2009-12-09 11:26:28 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-12-09 11:26:23 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-12-08 10:00:53 ----A---- C:\WINDOWS\system32\shlwapi.dll
    2009-12-07 18:01:35 ----RSD---- C:\WINDOWS\Fonts
    2009-12-07 18:01:06 ----D---- C:\WINDOWS\system32\spool
    2009-12-06 21:49:37 ----A---- C:\WINDOWS\win.ini
    2009-12-05 23:14:33 ----D---- C:\Program Files\Microsoft Works
    2009-12-05 23:14:17 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-12-05 23:11:25 ----D---- C:\Documents and Settings\Toon\Application Data\Azureus
    2009-12-04 16:58:41 ----D---- C:\WINDOWS\Debug
    2009-12-04 16:09:20 ----D---- C:\WINDOWS\system32\wbem
    2009-12-04 15:52:29 ----D---- C:\Program Files\Messenger
    2009-12-04 15:33:19 ----D---- C:\Program Files\Outlook Express
    2009-12-03 17:08:50 ----D---- C:\WINDOWS\ServicePackFiles
    2009-12-02 20:33:36 ----D---- C:\WINDOWS\Help
    2009-11-29 15:00:20 ----D---- C:\Documents and Settings\Toon\Application Data\DAEMON Tools Lite
    2009-11-29 12:33:34 ----D---- C:\Program Files\INCAInternet
    2009-11-29 12:33:31 ----D---- C:\Program Files\Fichiers communs\INCAInternet
    2009-11-29 12:29:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-11-29 10:35:44 ----D---- C:\Temp
    2009-11-27 18:34:49 ----A---- C:\WINDOWS\system32\quartz.dll
    2009-11-27 18:34:49 ----A---- C:\WINDOWS\system32\msyuv.dll
    2009-11-27 17:38:56 ----A---- C:\WINDOWS\system32\tsbyuv.dll
    2009-11-27 17:38:56 ----A---- C:\WINDOWS\system32\msvidc32.dll
    2009-11-27 17:38:56 ----A---- C:\WINDOWS\system32\msrle32.dll
    2009-11-27 17:38:56 ----A---- C:\WINDOWS\system32\iyuv_32.dll
    2009-11-27 17:38:56 ----A---- C:\WINDOWS\system32\avifil32.dll
    2009-11-24 16:37:35 ----D---- C:\Program Files\Fichiers communs\System
    2009-11-24 16:37:09 ----D---- C:\Program Files\Windows Live
    2009-11-24 16:36:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-11-24 16:35:36 ----D---- C:\WINDOWS\system32\DirectX
    2009-11-22 20:26:02 ----AT---- C:\WINDOWS\system32\SIntfNT.dll
    2009-11-22 20:26:02 ----AT---- C:\WINDOWS\system32\SIntf32.dll
    2009-11-22 20:26:01 ----AT---- C:\WINDOWS\system32\SIntf16.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 msikbd2k;Multimedia Keyboard Filter Driver; C:\WINDOWS\System32\DRIVERS\msikbd2k.sys [2001-10-15 6656]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R1 vcsmpdrv;vcsmpdrv; C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys [2002-06-07 49232]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
    R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-18 4736]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-24 730092]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-06-19 576512]
    R3 BT848;Studio WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.sys [2002-04-01 211936]
    R3 BTTUNER;Studio WDM TvTuner; C:\WINDOWS\system32\drivers\BTTUNER.sys [2002-04-01 10052]
    R3 BTXBAR;Studio WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.sys [2002-04-01 7778]
    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-12-20 45568]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2004-04-01 126686]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
    R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2004-04-01 404990]
    R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2004-01-28 13240]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 atfu6p4h;atfu6p4h; C:\WINDOWS\system32\drivers\atfu6p4h.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2004-01-28 1309184]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-10-13 8704]
    S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
    S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-10-13 124928]
    S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2005-10-13 12800]
    S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2004-01-28 180360]
    S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 pnicml;pnicml; \??\C:\DOCUME~1\Toon\LOCALS~1\Temp\pnicml.sys []
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2004-01-28 95424]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 TKFsAc;TKFsAc; \??\C:\WINDOWS\system32\TKFsAc2k.sys []
    S3 TKFsAv;TKFsAv; \??\C:\WINDOWS\system32\TKFsAv2k.sys []
    S3 TKFsFt;TKFsFt; \??\C:\WINDOWS\system32\TKFsFt2k.sys []
    S3 TKRgAc;TKRgAc; \??\C:\WINDOWS\system32\TKRgAc2k.sys []
    S3 TKRgFt;TKRgFt; \??\C:\WINDOWS\system32\TKRgFtXp.sys []
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-18 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
    R2 MpService;MpService; C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE [2002-11-27 57344]
    R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
    R2 nhksrv;Netropa NHK Server; C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 28672]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 VCSSecS;Virtual CD v4 Security service (SDK - Version); C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-16 139264]
    R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-11-14 70896]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-06-19 114688]
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-01-08 73796]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-07 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-03 2862428]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-12-22 79360]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
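Added example, not part of the original thread: a Python triage of the driver and service lists in an RSIT log such as the one above, keyed on the `R/S` state and `0-4` start type from the section headers. The sample lines are copied from that log; the function names and the two flags are assumptions of this example (empty brackets taken to mean RSIT found no image file, and a Temp-directory image path taken as worth review), and a flag is a prompt to look closer, not a verdict.

```python
import re
from typing import NamedTuple

# RSIT entry: "<R|S><0-4> <name>;<display name>; <image path> [<date> <size>]"
ENTRY_RE = re.compile(
    r"^\s*(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]\s*$"
)
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}
TEMP_DIR_RE = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)
NT_PREFIX = "\\??\\"  # NT object-manager prefix seen on some image paths


class Entry(NamedTuple):
    running: bool
    start_type: str
    name: str
    path: str
    flags: tuple


def parse_entry(line):
    """Parse one driver/service line; return None for headers and other text."""
    m = ENTRY_RE.match(line)
    if m is None:
        return None
    path = m["path"]
    if path.startswith(NT_PREFIX):
        path = path[len(NT_PREFIX):]
    flags = []
    if not m["meta"].strip():
        # Assumption: empty brackets mean RSIT found no file to read date/size from.
        flags.append("image-missing")
    if TEMP_DIR_RE.search(path):
        # Assumption: a driver or service image under a Temp directory merits review.
        flags.append("temp-path")
    return Entry(m["state"] == "R", START_TYPES[m["start"]], m["name"], path, tuple(flags))


def triage(log_text):
    """Return the parsed entries that carry at least one flag, in log order."""
    parsed = (parse_entry(line) for line in log_text.splitlines())
    return [e for e in parsed if e is not None and e.flags]


# Section header and four driver lines copied from the log above.
SAMPLE = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
S3 atfu6p4h;atfu6p4h; C:\WINDOWS\system32\drivers\atfu6p4h.sys []
S3 pnicml;pnicml; \??\C:\DOCUME~1\Toon\LOCALS~1\Temp\pnicml.sys []
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
"""

if __name__ == "__main__":
    for e in triage(SAMPLE):
        state = "running" if e.running else "stopped"
        print(f"{e.name:10} {state}/{e.start_type:8} {', '.join(e.flags):26} {e.path}")
```
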
    15 February 2010 18:29:27

    Are you collecting viruses?

  • Download Ad-Remover (by C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista/Win7, right-click AD-R and choose Run as administrator)
  • Choose the language F for French.
  • At the main menu, choose option L.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus but a utility for terminating processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
    18 February 2010 19:03:49

    Hello
    I have the same problem; the difference is that I can't get on the internet and so can't download from the link. What can I do? Help me, I'm hopeless with computers
    Anonymous
    2 March 2010 12:03:14

    djoule_93 said:
    Hello
    I have the same problem; the difference is that I can't get on the internet and so can't download from the link. What can I do? Help me, I'm hopeless with computers


    Hello, I also had Antivirus XP 2010.
    I followed the advice of some people on the forums, because I don't know a thing about this, so:
    - First, to get on the internet, I went into "Task Manager" (right-click on the blue bar at the bottom), then in the "Processes" tab I selected something called "AV.exe" and clicked "End Process"; that let me get on the internet.
    - Then I downloaded combofix.exe (then, depending on where it was installed, I right-clicked "Send to": "Desktop"), then on the desktop, a double-click on the combofix icon, and I let the program run.
    - However, before launching combofix, you have to make sure you have disabled your antivirus and your firewall so that there is no conflict while the program runs.
    THERE, for me it worked
    And I thank all those on the forums who make it possible for others to get out of trouble