Virus Generic15.CKWE

13 December 2009 19:36:36

Hello, since this morning I have had this virus bothering me. How can I get rid of it? Here is the HijackThis log report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:45, on 13/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 4519 bytes


13 December 2009 20:17:25

Good evening Bidule60,

Download RSIT (thanks to random/random) to the Desktop: Here

Double-click RSIT.exe; it requires no installation.
Click Continue on the Disclaimer screen if you accept the terms.

- If HijackThis is not present or not detected on your PC, it will download it (allow access in your firewall if prompted and accept the licence).

When the scan is finished, two text files will open.
Post the contents of log.txt (the one that opens) as well as info.txt, which is in the taskbar.

NB: These reports are saved in the folder C:\rsit

Tutorial: http://forum.pcastuces.com/randoms_system_information_t...

See you later

14 December 2009 08:16:22

Thanks, here is log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Alexandre at 2009-12-14 08:14:52
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 449 GB (94%) free of 477 GB
Total RAM: 1791 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:14:54, on 14/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Alexandre\Mes documents\Logiciel\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alexandre.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 4747 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-13 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-13 2043160]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-05 11952]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8b72175-e088-11de-962c-806d6172696f}]
shell\AutoRun\command - D:\Run.exe


======List of files/folders created in the last 2 months======

2009-12-03 22:31:05 ----D---- C:\WINDOWS\system32\xircom
2009-12-03 22:31:05 ----D---- C:\Program Files\xerox
2009-12-03 22:31:05 ----D---- C:\Program Files\microsoft frontpage
2009-12-03 22:30:53 ----A---- C:\WINDOWS\control.ini
2009-12-03 22:30:53 ----A---- C:\AUTOEXEC.BAT
2009-12-03 22:30:39 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-03 22:30:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-03 22:30:10 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-03 22:30:10 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-03 22:30:07 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-03 22:30:04 ----HD---- C:\Program Files\WindowsUpdate
2009-12-03 22:30:02 ----D---- C:\Program Files\Services en ligne
2009-12-03 22:29:50 ----D---- C:\WINDOWS\system32\DirectX
2009-12-03 22:29:31 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-03 22:29:29 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-03 22:29:29 ----A---- C:\WINDOWS\desktop.ini
2009-12-03 22:29:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-03 22:29:21 ----D---- C:\Program Files\Fichiers communs\Services
2009-12-03 22:29:21 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-03 22:29:18 ----SD---- C:\WINDOWS\Tasks
2009-12-03 22:29:18 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-03 22:29:17 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-12-03 22:29:13 ----D---- C:\WINDOWS\srchasst
2009-12-03 22:29:12 ----D---- C:\WINDOWS\system32\Macromed
2009-12-03 22:29:10 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-03 22:29:10 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-03 22:29:10 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-03 22:29:10 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-03 22:29:09 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-03 22:29:08 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-12-03 22:29:05 ----D---- C:\Program Files\Movie Maker
2009-12-03 22:29:01 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-03 22:29:01 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-03 22:29:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-03 22:29:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-03 22:28:58 ----D---- C:\WINDOWS\system32\Restore
2009-12-03 22:28:58 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-12-03 22:28:58 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-03 22:28:58 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-03 22:28:58 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-12-03 22:28:58 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-03 22:28:57 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-03 22:28:57 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-03 22:28:57 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-03 22:28:56 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-03 22:28:56 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-03 22:28:56 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-03 22:28:54 ----D---- C:\Program Files\NetMeeting
2009-12-03 22:28:54 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-03 22:28:54 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-03 22:28:53 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-03 22:28:52 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-03 22:28:50 ----D---- C:\Program Files\Outlook Express
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-03 22:28:50 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-03 22:28:49 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-03 22:28:44 ----D---- C:\Program Files\Fichiers communs\System
2009-12-03 22:28:43 ----D---- C:\Program Files\Internet Explorer
2009-12-03 22:28:35 ----D---- C:\Program Files\ComPlus Applications
2009-12-03 22:28:33 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-03 22:28:33 ----A---- C:\WINDOWS\vb.ini
2009-12-03 22:28:30 ----D---- C:\WINDOWS\Registration
2009-12-03 22:28:12 ----D---- C:\Program Files\Windows Media Player
2009-12-03 22:28:12 ----D---- C:\Program Files\Online Services
2009-12-03 22:28:09 ----D---- C:\Program Files\Messenger
2009-12-03 22:28:06 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-03 22:28:06 ----A---- C:\WINDOWS\system32\write.exe
2009-12-03 22:27:58 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-03 22:27:58 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-03 22:27:58 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-03 22:27:58 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-03 22:27:58 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-03 22:27:57 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-03 22:27:51 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-03 22:27:50 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-03 22:27:50 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-03 22:27:50 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-03 22:27:50 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-03 22:27:49 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-03 22:27:48 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-03 22:27:47 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-03 22:27:46 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-03 22:27:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-03 22:27:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-03 22:27:31 ----D---- C:\Program Files\MSN
2009-12-03 22:27:30 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-03 22:27:30 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-03 22:27:29 ----D---- C:\Program Files\Windows NT
2009-12-03 22:27:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-03 22:27:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-03 22:27:28 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-03 22:27:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-03 22:27:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-03 22:27:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-03 22:27:27 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-03 22:27:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-03 22:27:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-03 22:27:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-03 22:27:25 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-03 22:27:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-03 22:27:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-03 22:27:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-03 22:27:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-03 22:27:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-03 22:27:24 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-03 22:27:22 ----D---- C:\WINDOWS\system32\Com
2009-12-03 22:27:22 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-03 22:27:22 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-03 22:27:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-03 22:27:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-03 22:27:22 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-03 22:27:21 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-03 22:27:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-03 22:27:20 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-03 22:27:15 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-03 22:27:15 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-03 22:27:15 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-03 22:27:15 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 2 months======

2009-12-13 11:30:01 ----A---- C:\WINDOWS\win.ini
2009-12-04 06:22:25 ----A---- C:\WINDOWS\system.ini
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----N---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----N---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 15:40:47 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-05 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-05 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-05 108552]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-09-26 25768]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2009-11-11 104512]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-11 4959232]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ser2pl;SAGEM USB-Serial; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2007-11-20 49792]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-12-05 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-12-05 297752]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



Concerning the second file, it did not create it.
14 December 2009 08:23:53

and here is info.txt:


info.txt logfile of random's system information tool 1.06 2009-12-14 08:13:15

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD2one V2.3.1-->C:\Program Files\DVD2one V2\uninst.exe
EVEREST Ultimate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McDonald's Dragons-->C:\Program Files\McDonaldsDragons\uninstall.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly
SAGEM USB-Serial v2.0.2.8-->"C:\Program Files\SAGEM\USBSerial\Drivers\uninstall.exe" /ID=USBSerial_x86
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WellPhone XT-->MsiExec.exe /I{D2A42A0B-988D-47BF-A020-AFA2042BC757}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: ALEX
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 173
Source Name: Service Control Manager
Time Written: 20091205090720.000000+060
14 December 2009 14:15:56

Hello Bidule60,

Download UsbFix (thanks Chiquitine29): Here

# Connect all your external devices, without opening them

# Double-click the shortcut on your Desktop

# Choose option 1 (Recherche, i.e. Search) and let it work

# Post the report (also saved at the root of the disk)

process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus...) as a RiskTool. It is not a virus, but a utility designed to terminate processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert.

See you
14 December 2009 20:18:57

Good evening again, here is the report:


############################## | UsbFix V6.063 |

User : Alexandre (Administrateurs) # ALEX
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:14:24 | 14/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Processor model unknown
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 465,75 Go (438,6 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque amovible # 7,45 Go (7,45 Go free) [USB DISK] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 576
C:\WINDOWS\system32\csrss.exe 640
C:\WINDOWS\system32\winlogon.exe 664
C:\WINDOWS\system32\services.exe 712
C:\WINDOWS\system32\lsass.exe 724
C:\WINDOWS\system32\svchost.exe 884
C:\WINDOWS\system32\svchost.exe 956
C:\WINDOWS\System32\svchost.exe 1056
C:\WINDOWS\system32\svchost.exe 1124
C:\WINDOWS\system32\svchost.exe 1292
C:\WINDOWS\Explorer.EXE 1560
C:\WINDOWS\system32\spoolsv.exe 1684
C:\PROGRA~1\AVG\AVG8\avgtray.exe 2024
C:\WINDOWS\system32\ctfmon.exe 168
C:\WINDOWS\system32\svchost.exe 180
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 236
C:\WINDOWS\system32\nvsvc32.exe 292
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 1192
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 1280
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 1368
C:\PROGRA~1\AVG\AVG8\avgemc.exe 1460
C:\Program Files\AVG\AVG8\avgcsrvx.exe 2004
C:\WINDOWS\System32\alg.exe 2184
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 860
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2052
C:\WINDOWS\system32\wbem\wmiprvse.exe 2860
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdateBeta.exe 3600
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 6088
C:\Program Files\Windows Live\Contacts\wlcomm.exe 7340
C:\Program Files\Internet Explorer\iexplore.exe 6760
C:\Program Files\Internet Explorer\iexplore.exe 6548

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{c8b72175-e088-11de-962c-806d6172696f}
Shell\AutoRun\command =D:\Run.exe

################## | Cracks / Keygens / Serials |

"C:\Program Files\SAGEM\USBSerial\Drivers\uninstall.exe"
05/12/2009 16:26 |Size 336378 |Crc32 0a407e77 |Md5 eb0920e1edee1cc9acc2876e95a191df


################## | ! Fin du rapport # UsbFix V6.063 ! |

14 December 2009 20:40:29

Good evening Bidule60,

# Connect all your external devices, without opening them

# Double-click the shortcut on your Desktop

# Choose option 2 (Suppression, i.e. Removal)

# Your desktop will disappear and the PC will restart

# Let it work

# Post the report

See you
15 December 2009 08:22:59

Here is the report; the Trojan horse seems to have been wiped out, thanks again


############################## | UsbFix V6.063 |

User : Alexandre (Administrateurs) # ALEX
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 08:11:11 | 15/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Processor model unknown
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 465,75 Go (438,72 Go free) # NTFS
D:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 572
C:\WINDOWS\system32\csrss.exe 636
C:\WINDOWS\system32\winlogon.exe 660
C:\WINDOWS\system32\services.exe 708
C:\WINDOWS\system32\lsass.exe 720
C:\WINDOWS\system32\svchost.exe 876
C:\WINDOWS\system32\svchost.exe 948
C:\WINDOWS\System32\svchost.exe 1048
C:\WINDOWS\system32\svchost.exe 1120
C:\WINDOWS\system32\logonui.exe 1224
C:\WINDOWS\system32\svchost.exe 1300
C:\WINDOWS\system32\spoolsv.exe 1616
C:\WINDOWS\Explorer.EXE 1668
C:\WINDOWS\system32\svchost.exe 536
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 560
C:\WINDOWS\system32\nvsvc32.exe 628
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 1284
C:\PROGRA~1\AVG\AVG8\avgemc.exe 1528
C:\WINDOWS\system32\wuauclt.exe 1568
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 1576
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 1700
C:\Program Files\AVG\AVG8\avgcsrvx.exe 292
C:\WINDOWS\system32\wbem\wmiprvse.exe 1880
C:\WINDOWS\System32\alg.exe 1944

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Recycler\S-1-5-21-57989841-1202660629-839522115-1004

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{c8b72175-e088-11de-962c-806d6172696f}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[03/12/2009 22:30|--a------|0] C:\AUTOEXEC.BAT
[03/12/2009 22:26|---hs----|216] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[03/12/2009 22:30|--a------|0] C:\CONFIG.SYS
[03/12/2009 22:30|-rahs----|0] C:\IO.SYS
[03/12/2009 22:30|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[05/12/2009 17:04|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[15/12/2009 08:14|--a------|2425] C:\UsbFix.txt
[25/03/2007 11:22|--a------|488990] E:\transfuzzionne.swf

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"C:\Program Files\SAGEM\USBSerial\Drivers\uninstall.exe"
05/12/2009 16:26 |Size 336378 |Crc32 0a407e77 |Md5 eb0920e1edee1cc9acc2876e95a191df


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\ALEXAN~1\Bureau\UsbFix_Upload_Me_ALEX.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .
18 December 2009 13:55:31

Hello again,
thanks, I no longer have Generic15.CKWE but now Generic16.JP
I must be cursed

nothing works:
neither RSIT
nor USBFIX

when I open a link I am redirected to another page.
Regards
18 December 2009 19:59:53

Good evening Bidule60,

please do the last procedure.

See you