
[Solved] Problem: Unable to access the drives

Tags:
  • Security
Last reply: in Security and viruses
1 May 2009 16:15:46

Hello,

I am writing because, since yesterday, I have been unable to open my hard drives by double-clicking them. Each time, an error message appears: "Impossible de trouver le fichier script "C:\Msdb87.vbs"" or "D:\Msdb87.vbs" or "M:\Msdb87.vbs".
The first time it happened to me, AVG detected a virus, but that did nothing to fix the problem. Ad-Aware, Spybot and Malwarebytes found nothing, and so even less removed a worm or virus.
After some searching, I came across forums with threads somewhat similar to my problem, but no solution(s) for all that.

So please help me sort this problem out. I am very worried because my external hard drive is affected too, and on it I have photos, music and coursework that I really do not want to lose in a format. Even though I have Linux on another hard drive, I don't know whether the virus, worm or whatever it is will take hold if I make a backup copy onto the Linux hard drive (because even if Linux is not affected, I don't know whether the virus or worm will take hold again when the files are copied back onto the Windows hard drive).

Apart from this, my computer works very well. My software and games work perfectly, and I can access my hard drives with "right-click", "Open". I am convinced that a virus or worm is behind my problem, because it appeared after I used a USB key that had been used on a computer which was itself affected by this same problem, but which I formatted to fix the problem.

Thank you for your help

1 Mai 2009 16:21:54

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
    1 Mai 2009 16:26:36

    File: log.txt


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Maison at 2009-05-01 16:24:25
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 25 GB (22%) free of 110 GB
    Total RAM: 2047 MB (59% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:25:21, on 01/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Documents and Settings\Maison\Bureau\RSIT.exe
    C:\Program Files\trend micro\Maison.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
    O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
    O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
    O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
    O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
    O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
    O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
    O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
    O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
    O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
    O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
    O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
    O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
    O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
    O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
    O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

    --
    End of file - 8431 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-25 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
    "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
    "MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
    "MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
    "MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
    "MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
    "MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
    "MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
    "MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
    "MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
    "MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
    "MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
    "MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
    "MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
    "MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
    "MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
    "MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
    "CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
    C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
    C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
    C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
    C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ose"=3
    "NBService"=3
    "iPod Service"=3
    "MDM"=2
    "ATI Smart"=2
    "a2free"=2
    "a2AntiDialer"=2
    "usnjsvc"=3
    "JavaQuickStarterService"=2
    "IDriverT"=3
    "gusvc"=2

    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
    "D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
    "D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
    "D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
    "D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
    "D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
    "D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
    "D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:peggle Extreme"
    "D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
    "D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
    shell\Auto\command - AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c10b0ce-5cd3-11dd-b3d8-806d6172696f}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59681ea4-5ccc-11dd-9370-a45bc3650dbc}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdB87.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
    shell\AutoRun\command - O:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs


    ======List of files/folders created in the last 1 months======

    2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
    2009-05-01 16:24:25 ----D---- C:\rsit
    2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
    2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
    2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
    2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
    2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
    2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
    2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
    2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

    ======List of files/folders modified in the last 1 months======

    2009-05-01 16:24:31 ----RD---- C:\Program Files
    2009-05-01 16:24:23 ----D---- C:\WINDOWS\Prefetch
    2009-05-01 15:49:34 ----D---- C:\WINDOWS\Temp
    2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
    2009-05-01 15:32:51 ----D---- C:\Program Files\Mozilla Firefox
    2009-04-30 19:41:19 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
    2009-04-29 19:15:15 ----SHD---- C:\WINDOWS\Installer
    2009-04-29 16:18:52 ----D---- C:\Azureus
    2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-28 13:45:52 ----D---- C:\WINDOWS
    2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
    2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
    2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
    2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-04-27 15:23:20 ----D---- C:\WINDOWS\system32
    2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
    2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
    2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
    2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
    2009-04-26 19:52:18 ----D---- C:\Jeux
    2009-04-26 19:48:01 ----D---- C:\dossier de partages
    2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
    2009-04-25 19:32:52 ----D---- C:\Incomplete
    2009-04-25 19:32:45 ----D---- C:\Limewire
    2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
    2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
    2009-04-19 12:06:00 ----D---- C:\iTunes music
    2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
    2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
    2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
    2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
    2009-04-03 17:45:53 ----RSH---- C:\boot.ini
    2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
    R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
    R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
    R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
    R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
    S3 az0iqero;az0iqero; C:\WINDOWS\system32\drivers\az0iqero.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
    S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
    S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
    S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
    S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
    S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
    S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
    S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
    S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
    S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
    S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
    S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
    S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
    S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
    S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
    S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
    R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
    R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
    S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
    S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-25 152984]
    S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
    S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
    1 Mai 2009 16:27:23

    Folder: info.txt

    info.txt logfile of random's system information tool 1.06 2009-05-01 16:25:27

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ableton Live v7.0.1-->"C:\Program Files\Ableton\Live 7.0.1\Uninstall\unins000.exe"
    Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}\Ad-AwareAE.exe
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
    Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{230CCBE9-14B0-4008-97AF-30C10F99E42C}\setup.exe" -l0x40c
    a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
    a-squared HiJackFree 3.1-->"C:\Program Files\a-squared HiJackFree\unins000.exe"
    Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x040c -removeonly
    AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    BioShock-->C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\Setup.exe -runfromtemp -l0x040c -removeonly
    Black & White® 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x40c -removeonly
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    burnatonce-->"C:\Program Files\burnatonce\unins000.exe"
    Call of Duty(R) 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374}
    CanoScan Toolbox 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}\setup.exe" -l0x40c anything
    Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
    Collection Microsoft Encarta 2005-->MsiExec.exe /I{054600C0-64A6-4248-A026-9745C1E9E159}
    Command & Conquer 3 Tiberium Wars™ Demo-->MsiExec.exe /I{39F7653F-3E82-4FED-9EE5-6B9253EA57E3}
    Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
    Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    Earth 2160-->D:\Jeux\EARTH2~1\Uninstall_Earth2160.exe /U D:\Jeux\EARTH2~1\install.log
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Fable - The Lost Chapters-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
    FEAR-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x40c /zU -removeonly
    FileAlyzer-->"C:\Program Files\Safer Networking\FileAlyzer\unins000.exe"
    FW LiveUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11F5D779-7BD9-465A-BBC4-10701386BCB9}\setup.exe" -l0x9 -removeonly
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    GPGNet-->MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
    Half-Life 2: Episode One-->"C:\Program Files\Steam\steam.exe" steam://uninstall/380
    Half-Life 2: Episode Two-->"C:\Program Files\Steam\steam.exe" steam://uninstall/420
    Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
    Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220
    Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20071984-5EB1-4881-8EDB-082532ACEC6D}\setup.exe" -l0x40c
    Heroes of Might and Magic® III The Shadow of Death(TM)-->C:\WINDOWS\IsUn040c.exe -f"d:\jeux\Hereos III\Uninst.isu" -c"d:\jeux\Hereos III\uninst.dll
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Homeworld2-->D:\Jeux\Homeworld2\uninstall.exe
    iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Jurassic Park Operation Genesis-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D}
    L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
    LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Age of Empires II-->"D:\Jeux\Age of Empire II\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Halo-->"C:\Jeux\Halo\UNINSTAL.EXE" /runtemp /addremove
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MobileMe Control Panel-->MsiExec.exe /I{A14C24F6-615B-415E-84B0-610FDAD19B68}
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Native Instruments Massive v1.0.1.008 VSTi DXi RTAS-->C:\PROGRA~1\NATIVE~1\Massive\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Massive\INSTALL.LOG
    Need for Speed Underground 2-->D:\Jeux\NFS underground 2\EAUninstall.exe
    Need for Speed™ Carbon-->D:\Jeux\NFS Carbon\EAUninstall.exe
    Need for Speed™ Most Wanted-->D:\Jeux\NFS Most Wanted\EAUninstall.exe
    Nero 7 Essentials-->MsiExec.exe /I{F87DA817-8D53-42CC-AA45-93A100341036}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
    OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    Peggle Extreme-->"C:\Program Files\Steam\steam.exe" steam://uninstall/3483
    PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400
    Prince of Persia T2T-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}\setup.exe" -l0x40c -removeonly
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Rayman Raving Rabbids-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{111E336D-30BF-4CD4-8D69-4541732AFB27}\setup.exe" -l0x40c -removeonly
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    RegAlyzer (OpenSBI Edition)-->"C:\Program Files\Safer Networking\RegAlyzer\unins000.exe"
    Richard Burns Rally-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92C7D009-A464-4948-A980-7A3E28CB2F49}\setup.exe" -l0x40c
    Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    SimCity 3000-->C:\WINDOWS\IsUn040c.exe -f"d:\jeux\SimCity 3000\Uninst.isu"
    Sonic and Knuckles-->D:\Jeux\Sonic\Sonic and Knuckles\Uninstal.exe
    Sonic the Hedgehog 3-->D:\Jeux\Sonic\Sonic the Hedgehog 3\Uninstal.exe
    Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
    Sony Ericsson Drivers-->MsiExec.exe /I{5CC68528-24FF-4DF8-91C9-AF540F98505A}
    Sony Ericsson PC Suite 4.006.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x040c -removeonly
    Sony Ericsson PC Suite-->MsiExec.exe /I{B192E1BB-98A4-4369-9271-96117A57F546}
    SoulSeek 157 NS 13c-->"C:\Program Files\SoulseekNS\uninstall.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x40c
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Sunbelt Personal Firewall-->MsiExec.exe /X{F61A549E-9C8A-4859-8BFE-2A4A018BBA4A}
    Supreme Commander-->C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x040c -removeonly
    VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    WellPhone DirectSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEC7E01-B73C-451D-A366-96978AFD233B}\setup.exe" UNINSTALL
    WellPhone-->"C:\Program Files\SmartCom\WellPhone\UnInst32.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
    xp-AntiSpy 3.96-2-->C:\Program Files\xp-AntiSpy\Uninstall.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AVG Anti-Virus Free
    FW: Sunbelt Personal Firewall

    ======System event log======

    Computer Name: NOUS
    Event Code: 10005
    Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM avec les arguments ""
    pour démarrer le serveur :
    {0C0A3666-30C9-11D0-8F20-00805F2CD064}

    Record Number: 169
    Source Name: DCOM
    Time Written: 20090331212923.000000+120
    Event Type: erreur
    User: NOUS\Maison

    Computer Name: NOUS
    Event Code: 10005
    Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM avec les arguments ""
    pour démarrer le serveur :
    {0C0A3666-30C9-11D0-8F20-00805F2CD064}

    Record Number: 168
    Source Name: DCOM
    Time Written: 20090331204125.000000+120
    Event Type: erreur
    User: NOUS\Maison

    Computer Name: NOUS
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

    Record Number: 167
    Source Name: Service Control Manager
    Time Written: 20090331203950.000000+120
    Event Type: Informations
    User:

    Computer Name: NOUS
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 166
    Source Name: Service Control Manager
    Time Written: 20090331203944.000000+120
    Event Type: Informations
    User:

    Computer Name: NOUS
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 165
    Source Name: Service Control Manager
    Time Written: 20090331203944.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: NOUS
    Event Code: 1100
    Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


    Record Number: 774
    Source Name: .NET Runtime Optimization Service
    Time Written: 20080910224020.000000+120
    Event Type: Informations
    User:

    Computer Name: NOUS
    Event Code: 1102
    Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


    Record Number: 773
    Source Name: .NET Runtime Optimization Service
    Time Written: 20080910224020.000000+120
    Event Type:
    User:

    Computer Name: NOUS
    Event Code: 1100
    Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Deployment, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


    Record Number: 772
    Source Name: .NET Runtime Optimization Service
    Time Written: 20080910224018.000000+120
    Event Type: Informations
    User:

    Computer Name: NOUS
    Event Code: 1102
    Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


    Record Number: 771
    Source Name: .NET Runtime Optimization Service
    Time Written: 20080910224018.000000+120
    Event Type:
    User:

    Computer Name: NOUS
    Event Code: 1100
    Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


    Record Number: 770
    Source Name: .NET Runtime Optimization Service
    Time Written: 20080910224017.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Adobe\AGL
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
    "PROCESSOR_REVISION"=4303
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 267 8 Sécurité
    1 Mai 2009 16:32:39

  • Download UsbFix (by C_XX & Chiquitine29) to your Desktop.
  • Run the installation with the default settings.
  • Connect your external data sources to your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop.
  • Choose option 1 (Recherche).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
    It is not a virus, but a utility intended to terminate processes.
    1 Mai 2009 16:41:46

    UsbFix.txt report:


    ############################## [ UsbFix V3.015 # Scan ]

    # User : Maison (Administrateurs) # NOUS
    # Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 16:39:14 | 01/05/2009

    # AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled
    # AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
    # FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T

    # C:\ # Disque fixe local # 107,42 Go (24,13 Go free) # NTFS
    # D:\ # Disque fixe local # 125,45 Go (35,99 Go free) [Disque local] # NTFS
    # E:\ # Disque CD-ROM
    # G:\ # Disque amovible
    # H:\ # Disque amovible
    # I:\ # Disque CD-ROM
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM
    # L:\ # Disque amovible
    # M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
    # N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
    # Z:\ # Disque amovible

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Registre # Startup ]

    HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    HKLM_logon: "DefaultUserName"="Maison"
    HKLM_logon: "AltDefaultUserName"="Maison"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: RTHDCPL=RTHDCPL.EXE
    HKLM_Run: Alcmtr=ALCMTR.EXE
    HKLM_Run: EPSON Stylus Photo R240 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
    HKLM_Run: AppleSyncNotifier=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
    HKLM_Run: Ad-Watch=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
    HKLM_Run: MS-RAD2=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
    HKLM_Run: MS-RADD=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
    HKLM_Run: MS-RADE=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
    HKLM_Run: MS-RAD7=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
    HKLM_Run: MS-RAD6=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
    HKLM_Run: MS-RAD5=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
    HKLM_Run: MS-RAD4=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
    HKLM_Run: MS-RADA=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
    HKLM_Run: MS-RAD1=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
    HKLM_Run: MS-RAD8=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
    HKLM_Run: MS-RAD3=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
    HKLM_Run: MS-RADC=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
    HKLM_Run: MS-RADF=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
    HKLM_Run: MS-RAD9=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
    HKLM_Run: MS-RADB=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
    HKLM_Run: MS-RAD0=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
    HKLM_Run: CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
    HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe

    ################## [ Informations ]


    ################## [ Fichiers # Dossiers infectieux ]

    Found ! C:\autorun.inf
    Found ! D:\autorun.inf
    Found ! M:\autorun.inf

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    HKCU\Software\Microsoft\....\MountPoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}\Shell\Auto\command
    HKCU\Software\Microsoft\....\MountPoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{4c10b0ce-5cd3-11dd-b3d8-806d6172696f}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{59681ea4-5ccc-11dd-9370-a45bc3650dbc}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}\Shell\AutoRun\command

    ################## [ ! Fin du rapport # UsbFix V3.015 ! ]

    a c 267 8 Security
    1 May 2009 16:52:30

  • Connect your external data sources to your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop to launch it.
  • Choose option 2 (Deletion).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).
    1 May 2009 17:02:30


    ############################## [ UsbFix V3.015 # Cleaning ]

    # User : Maison (Administrateurs) # NOUS
    # Update on 30/04/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 16:58:38 | 01/05/2009

    # AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled
    # AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
    # FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T

    # C:\ # Disque fixe local # 107,42 Go (24,13 Go free) # NTFS
    # D:\ # Disque fixe local # 125,45 Go (35,99 Go free) [Disque local] # NTFS
    # E:\ # Disque CD-ROM
    # G:\ # Disque amovible
    # H:\ # Disque amovible
    # I:\ # Disque CD-ROM
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM
    # L:\ # Disque amovible
    # M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
    # N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
    # Z:\ # Disque amovible

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! C:\autorun.inf
    Deleted ! D:\autorun.inf
    Deleted ! M:\autorun.inf

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    # -> Not Found !

    ################## [ Listing des fichiers présent ]

    [01/05/2009 16:57|--a------|47061] - C:\aaw7boot.log
    [12/02/2009 17:15|--a------|0] - C:\AILog.txt
    [28/07/2008 19:11|--a------|0] - C:\AUTOEXEC.BAT
    [03/04/2009 17:45|-r-hs----|224] - C:\boot.ini
    [28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
    [28/07/2008 19:11|--a------|0] - C:\CONFIG.SYS
    [28/07/2008 19:11|-rahs----|0] - C:\IO.SYS
    [28/07/2008 19:11|-rahs----|0] - C:\MSDOS.SYS
    [03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
    [03/08/2004 22:59|-rahs----|251712] - C:\ntldr
    [?|?|?] - C:\pagefile.sys
    [30/04/2009 19:36|--a------|251] - C:\rapport_clean.txt
    [30/04/2009 19:36|--a------|98] - C:\resultat_clean.txt
    [30/04/2009 19:36|--a------|7540460] - C:\upload_moi_NOUS.tar.gz
    [01/05/2009 17:01|--a------|3302] - C:\UsbFix.txt
    [22/04/2009 23:51|--a------|15260] - M:\58a.jpg
    [29/03/2009 22:46|--a------|1039415] - M:\734848.pdf
    [19/04/2009 20:35|--a------|219568] - M:\carnavaldeveniseenorlj5.jpg
    [22/04/2009 23:33|--a------|1139974] - M:\homme-de-dos.jpg
    [13/04/2009 20:42|--a------|25088] - M:\Les 4 ‚tapes d.doc
    [30/03/2009 12:53|--a------|46034] - M:\Lettre pr‚sident.pdf
    [30/03/2009 00:17|--a------|21292] - M:\n1330067033_239634_1658.jpg
    [30/03/2009 12:56|--a------|16224] - M:\PY0006Y_chap_5_corriges_exos_1-2-3-7.pdf
    [30/03/2009 12:56|--a------|39427] - M:\PY0006Y_chap_5_variables_ordinales.pdf

    ################## [ Vaccination ]

    # C:\autorun.inf -> Folder created by UsbFix.
    # D:\autorun.inf -> Folder created by UsbFix.
    # M:\autorun.inf -> Folder created by UsbFix.

    ################## [ Cracks / Keygens / Serials ]

    C:\Documents and Settings\Maison\Bureau\mirror_s_edge_patch_v1.01_multi-langues_273164.exe

    ################## [ ! Fin du rapport # UsbFix V3.015 ! ]

    1 May 2009 17:04:29

    The problem seems to be fixed, since I can access my drives. Really, a huge thank you =)
    Is there anything else to do?
    Can you explain to me what this virus or spy or ... is?
    a c 267 8 Security
    1 May 2009 17:09:30

    1/

  • Uninstall the following programs:
    - Java 6 Update 11
    - Java 6 Update 7
    - UsbFix

  • Update Java.

  • Update Internet Explorer.


    2/

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scan tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed normally. Click 'Show Results' to display all the objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave everything checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    1 May 2009 17:17:06

    I don't use Internet Explorer but Mozilla (which is up to date), so I don't think it is necessary to update it. Also, Spybot seems to have immunized the Mozilla and IE applications. Otherwise, I did remove Java 6 upd 11 & upd 7 and I have just updated it.

    Scan result:

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 2063
    Windows 5.1.2600 Service Pack 2

    01/05/2009 17:15:38
    mbam-log-2009-05-01 (17-15-38).txt

    Type de recherche: Examen rapide
    Eléments examinés: 83067
    Temps écoulé: 3 minute(s), 32 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 267 8 Security
    1 May 2009 17:27:42

    Quote:
    it is necessary to update it

    ---> I think it is.

  • Run an RSIT scan again and post the log report.
    1 May 2009 17:38:20

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Maison at 2009-05-01 19:37:06
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 25 GB (23%) free of 110 GB
    Total RAM: 2047 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:37:25, on 01/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
    C:\Program Files\trend micro\Maison.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [MS-RAD2] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs
    O4 - HKLM\..\Run: [MS-RADD] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs
    O4 - HKLM\..\Run: [MS-RADE] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs
    O4 - HKLM\..\Run: [MS-RAD7] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs
    O4 - HKLM\..\Run: [MS-RAD6] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs
    O4 - HKLM\..\Run: [MS-RAD5] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs
    O4 - HKLM\..\Run: [MS-RAD4] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs
    O4 - HKLM\..\Run: [MS-RADA] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs
    O4 - HKLM\..\Run: [MS-RAD1] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs
    O4 - HKLM\..\Run: [MS-RAD8] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs
    O4 - HKLM\..\Run: [MS-RAD3] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs
    O4 - HKLM\..\Run: [MS-RADC] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs
    O4 - HKLM\..\Run: [MS-RADF] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs
    O4 - HKLM\..\Run: [MS-RAD9] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs
    O4 - HKLM\..\Run: [MS-RADB] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs
    O4 - HKLM\..\Run: [MS-RAD0] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

    --
    End of file - 8061 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
    "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "MS-RAD2"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad771.vbs []
    "MS-RADD"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad5\rad486.vbs []
    "MS-RADE"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad861.vbs []
    "MS-RAD7"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad338.vbs []
    "MS-RAD6"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad8\rad39D.vbs []
    "MS-RAD5"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad535.vbs []
    "MS-RAD4"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad910.vbs []
    "MS-RADA"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\radB7C.vbs []
    "MS-RAD1"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radB30.vbs []
    "MS-RAD8"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radAA9.vbs []
    "MS-RAD3"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad6\radE0B.vbs []
    "MS-RADC"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radD0A.vbs []
    "MS-RADF"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radACD.vbs []
    "MS-RAD9"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radd\rad051.vbs []
    "MS-RADB"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\rad2F4.vbs []
    "MS-RAD0"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad157.vbs []
    "CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD0]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad599.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD1]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad1\rad7CC.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD2]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad0\radB9E.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD3]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rada\rad24D.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD4]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\rad871.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD5]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad9F8.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD6]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\rad0F0.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD7]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad80A.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD8]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad6BD.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RAD9]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad3\radD83.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADA]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad4\radE86.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADB]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad7\rad200.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADC]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad2DD.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADD]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rad9\rad941.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADE]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\rade\rad233.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS-RADF]
    C:\Program Files\Internet Explorer\Connection Wizard\icwconn1\radf\radE76.vbs []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
    C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
    C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
    C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
    C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ose"=3
    "NBService"=3
    "iPod Service"=3
    "MDM"=2
    "ATI Smart"=2
    "a2free"=2
    "a2AntiDialer"=2
    "usnjsvc"=3
    "JavaQuickStarterService"=2
    "IDriverT"=3
    "gusvc"=2

    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoFind"=
    "NoFolderOptions"=
    "NoRun"=
    "NoDrives"=0
    "NoViewContextMenu"=0
    "NoWinKeys"=0
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogOff"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
    "D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
    "D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
    "D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
    "D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
    "D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
    "D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
    "D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
    "D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
    "D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{077af32b-7f4f-11dd-aae3-001d9284e3f0}]
    shell\Auto\command - AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2bae2520-fdf9-11dd-ac33-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e0cc68c-070d-11de-baf7-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd826.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebd-9b70-11dd-ab3b-001d9284e3f0}]
    shell\AutoRun\command - O:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e4f3ebe-9b70-11dd-ab3b-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd0BE.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{717ce769-9480-11dd-ab25-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd980.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86f7ed9c-df29-11dd-abdb-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd4F7.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca24730-2cc9-11de-b54b-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd61A.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5411f8c-d9d7-11dd-abcb-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSdC4F.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1874b82-a514-11dd-ab52-001d9284e3f0}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MSd3BF.vbs


    ======List of files/folders created in the last 1 months======

    2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
    2009-05-01 16:37:50 ----D---- C:\UsbFix
    2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
    2009-05-01 16:24:25 ----D---- C:\rsit
    2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
    2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
    2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
    2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
    2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
    2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
    2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
    2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

    ======List of files/folders modified in the last 1 months======

    2009-05-01 19:37:15 ----D---- C:\WINDOWS\Prefetch
    2009-05-01 19:35:37 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-01 19:34:39 ----D---- C:\WINDOWS\Temp
    2009-05-01 17:26:23 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-01 17:16:21 ----SHD---- C:\WINDOWS\Installer
    2009-05-01 17:16:17 ----D---- C:\Program Files\Java
    2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
    2009-05-01 17:16:08 ----D---- C:\WINDOWS\system32
    2009-05-01 16:24:31 ----RD---- C:\Program Files
    2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
    2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
    2009-04-29 16:18:52 ----D---- C:\Azureus
    2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-28 13:45:52 ----D---- C:\WINDOWS
    2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
    2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
    2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
    2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
    2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
    2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
    2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
    2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
    2009-04-26 19:52:18 ----D---- C:\Jeux
    2009-04-26 19:48:01 ----D---- C:\dossier de partages
    2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
    2009-04-25 19:32:52 ----D---- C:\Incomplete
    2009-04-25 19:32:45 ----D---- C:\Limewire
    2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
    2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
    2009-04-19 12:06:00 ----D---- C:\iTunes music
    2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
    2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
    2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
    2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
    2009-04-03 17:45:53 ----RSH---- C:\boot.ini
    2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
    R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
    R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
    R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
    R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 aevt6pi1;aevt6pi1; C:\WINDOWS\system32\drivers\aevt6pi1.sys []
    S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
    S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
    S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
    S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
    S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
    S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
    S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
    S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
    S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
    S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
    S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
    S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
    S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
    S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
    S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
    S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
    R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
    R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
    S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
    S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
    S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
    1 May 2009 17:42:08

    OK, I'll update IE, that will dust it off ^^
    a c 267 8 Security
    1 May 2009 18:05:11

    I'll get back to you soon.
    1 May 2009 20:39:59

    I've attached the report. UsbFix found the little piece of crap on my MP3 player, but it's been cleaned. However, I've just discovered, to my great joy :pt1cable:, that the household laptop is now affected too. I'm going to use the same procedures you gave me.

    ############################## [ UsbFix V3.016 # Cleaning ]

    # User : Maison (Administrateurs) # NOUS
    # Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 20:32:53 | 01/05/2009

    # AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled
    # AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
    # FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T

    # C:\ # Disque fixe local # 107,42 Go (24,48 Go free) # NTFS
    # D:\ # Disque fixe local # 125,45 Go (36,33 Go free) [Disque local] # NTFS
    # E:\ # Disque CD-ROM
    # F:\ # Disque amovible # 896,29 Mo (6,38 Mo free) [O'CONNELL] # FAT32
    # G:\ # Disque amovible
    # H:\ # Disque amovible
    # I:\ # Disque CD-ROM
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM
    # L:\ # Disque amovible
    # M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
    # N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
    # Z:\ # Disque amovible

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! F:\MSd61A.vbs
    Deleted ! F:\autorun.inf

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    # -> Not Found !

    ################## [ Listing des fichiers présent ]

    [01/05/2009 20:32|--a------|48181] - C:\aaw7boot.log
    [12/02/2009 17:15|--a------|0] - C:\AILog.txt
    [28/07/2008 19:11|--a------|0] - C:\AUTOEXEC.BAT
    [03/04/2009 17:45|-r-hs----|224] - C:\boot.ini
    [28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
    [28/07/2008 19:11|--a------|0] - C:\CONFIG.SYS
    [28/07/2008 19:11|-rahs----|0] - C:\IO.SYS
    [28/07/2008 19:11|-rahs----|0] - C:\MSDOS.SYS
    [03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
    [03/08/2004 22:59|-rahs----|251712] - C:\ntldr
    [?|?|?] - C:\pagefile.sys
    [30/04/2009 19:36|--a------|251] - C:\rapport_clean.txt
    [30/04/2009 19:36|--a------|98] - C:\resultat_clean.txt
    [30/04/2009 19:36|--a------|7540460] - C:\upload_moi_NOUS.tar.gz
    [01/05/2009 20:36|--a------|3343] - C:\UsbFix.txt
    [16/04/2009 09:07|--a------|1618] - F:\BOOTEX.LOG
    [22/04/2009 23:51|--a------|15260] - M:\58a.jpg
    [29/03/2009 22:46|--a------|1039415] - M:\734848.pdf
    [19/04/2009 20:35|--a------|219568] - M:\carnavaldeveniseenorlj5.jpg
    [22/04/2009 23:33|--a------|1139974] - M:\homme-de-dos.jpg
    [13/04/2009 20:42|--a------|25088] - M:\Les 4 étapes d.doc
    [30/03/2009 12:53|--a------|46034] - M:\Lettre président.pdf
    [30/03/2009 00:17|--a------|21292] - M:\n1330067033_239634_1658.jpg
    [30/03/2009 12:56|--a------|16224] - M:\PY0006Y_chap_5_corriges_exos_1-2-3-7.pdf
    [30/03/2009 12:56|--a------|39427] - M:\PY0006Y_chap_5_variables_ordinales.pdf

    ################## [ Vaccination ]

    # C:\autorun.inf -> Folder created by UsbFix.
    # D:\autorun.inf -> Folder created by UsbFix.
    # F:\autorun.inf -> Folder created by UsbFix.
    # M:\autorun.inf -> Folder created by UsbFix.

    ################## [ Cracks / Keygens / Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.016 ! ]

    a c 267 8 Security
    1 May 2009 20:48:07

    Does this report come from the PC we were disinfecting?
    1 May 2009 21:16:23

    All the devices in the house that have touched the computer we were not disinfecting are infected; it's unbelievable. I'm currently cleaning all the devices and the "non-disinfected" PC with UsbFix. However, reading the UsbFix scan report from the "non-disinfected" computer, I think that computer is the source of the problem, because there UsbFix found infected registry files, unlike on the computer we were disinfecting.
    I'll post the report from the infected computer as soon as I can.
    1 May 2009 21:24:00

    Here is the very latest report from the computer we were not disinfecting. It's a pity that the registry files that were affected in the previous scan don't appear in it. I think I've gotten rid of this thing. If there's anything else to know, or any advice about this virus/spy thing, I'm all ears =)

    ############################## [ UsbFix V3.016 # Cleaning ]

    # User : Maison (Administrateurs) # VOUS
    # Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 21:11:41 | 01/05/2009

    # Mobile AMD Sempron(tm) Processor 3500+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled
    # AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
    # FW : Sunbelt Personal Firewall[ Enabled ]4.6.1861 T

    # C:\ # Disque fixe local # 74,52 Go (53,26 Go free) # NTFS
    # D:\ # Disque CD-ROM
    # E:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
    # F:\ # Disque amovible # 7,42 Go (3,84 Go free) [CATHERINE] # FAT32
    # G:\ # Disque amovible # 927,77 Mo (655,73 Mo free) [WALKMAN] # FAT32

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! G:\MSd???.vbs
    Deleted ! G:\autorun.inf

    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    # -> Not Found !

    ################## [ Listing des fichiers présent ]

    [11/04/2009 21:20|--a------|0] - C:\AUTOEXEC.BAT
    [11/04/2009 23:23|-r-hs----|212] - C:\boot.ini
    [28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin
    [11/04/2009 21:20|--a------|0] - C:\CONFIG.SYS
    [11/04/2009 21:20|-rahs----|0] - C:\IO.SYS
    [11/04/2009 21:20|-rahs----|0] - C:\MSDOS.SYS
    [03/08/2004 22:38|-rahs----|47564] - C:\NTDETECT.COM
    [03/08/2004 22:59|-rahs----|251712] - C:\ntldr
    [?|?|?] - C:\pagefile.sys
    [11/04/2009 23:23|--ah-----|268] - C:\sqmdata00.sqm
    [20/04/2009 13:31|--ah-----|268] - C:\sqmdata01.sqm
    [21/04/2009 22:56|--ah-----|268] - C:\sqmdata02.sqm
    [23/04/2009 19:47|--ah-----|268] - C:\sqmdata03.sqm
    [23/04/2009 19:51|--ah-----|268] - C:\sqmdata04.sqm
    [23/04/2009 19:53|--ah-----|268] - C:\sqmdata05.sqm
    [23/04/2009 23:13|--ah-----|268] - C:\sqmdata06.sqm
    [24/04/2009 19:25|--ah-----|268] - C:\sqmdata07.sqm
    [11/04/2009 23:23|--ah-----|244] - C:\sqmnoopt00.sqm
    [20/04/2009 13:31|--ah-----|244] - C:\sqmnoopt01.sqm
    [21/04/2009 22:56|--ah-----|244] - C:\sqmnoopt02.sqm
    [23/04/2009 19:47|--ah-----|244] - C:\sqmnoopt03.sqm
    [23/04/2009 19:51|--ah-----|244] - C:\sqmnoopt04.sqm
    [23/04/2009 19:53|--ah-----|244] - C:\sqmnoopt05.sqm
    [23/04/2009 23:13|--ah-----|244] - C:\sqmnoopt06.sqm
    [24/04/2009 19:25|--ah-----|244] - C:\sqmnoopt07.sqm
    [01/05/2009 21:17|--a------|3613] - C:\UsbFix.txt
    [01/05/2009 20:17|--a------|702837] - E:\UsbFix.exe
    [17/10/2063 23:15|---------|0] - F:\.metadata_never_index
    [16/03/2008 20:39|--ah-----|4194304] - G:\STDBSTR.DAT
    [16/03/2008 20:39|--ah-----|40] - G:\STDBSTR.IDX
    [16/03/2008 20:39|--ah-----|1900544] - G:\STDBDATA.DAT
    [16/03/2008 20:39|--ah-----|4] - G:\STDBDATA.IDX
    [16/03/2008 20:39|--ah-----|560512] - G:\RAMLIST.DAT
    [16/03/2008 20:39|--ah-----|40040] - G:\playqueue.dat
    [16/03/2008 20:39|--ah-----|927] - G:\SETSTOR.DAT
    [20/03/2008 10:19|---hs----|1052672] - G:\STSTORE.HDS
    [20/03/2008 10:19|---hs----|1052672] - G:\SSTORE.HDS

    ################## [ Vaccination ]

    # C:\autorun.inf -> Folder created by UsbFix.
    # E:\autorun.inf -> Folder created by UsbFix.
    # F:\autorun.inf -> Folder created by UsbFix.
    # G:\autorun.inf -> Folder created by UsbFix.

    ################## [ Cracks / Keygens / Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.016 ! ]

    a c 267 8 Security
    1 May 2009 21:35:21

    Good, uninstall UsbFix.

  • Run another RSIT scan and post the log report.
    1 May 2009 21:38:29

    This is the very latest UsbFix report from the computer we were disinfecting. It confirms that everything is fine =) Thanks for the help!

    I'm now going to tackle the other PC, which should have just been decontaminated

    ############################## [ UsbFix V3.016 # Scan ]

    # User : Maison (Administrateurs) # NOUS
    # Update on 01/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 21:25:07 | 01/05/2009

    # AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled
    # AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]
    # FW : Sunbelt Personal Firewall[ Enabled ]4.6.1845 T

    # C:\ # Disque fixe local # 107,42 Go (24,5 Go free) # NTFS
    # D:\ # Disque fixe local # 125,45 Go (36,33 Go free) [Disque local] # NTFS
    # E:\ # Disque CD-ROM
    # F:\ # Disque amovible # 896,29 Mo (6,39 Mo free) [O'CONNELL] # FAT32
    # G:\ # Disque amovible
    # H:\ # Disque amovible
    # I:\ # Disque CD-ROM
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM
    # L:\ # Disque amovible
    # M:\ # Disque fixe local # 232,88 Go (34,79 Go free) [DATA] # NTFS
    # N:\ # Disque amovible # 3,74 Go (3,74 Go free) # FAT32
    # Z:\ # Disque amovible

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Registre # Startup ]

    HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    HKCU_Main: "Window Title"=""
    HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    HKLM_logon: "DefaultUserName"=""
    HKLM_logon: "AltDefaultUserName"="Maison"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: RTHDCPL=RTHDCPL.EXE
    HKLM_Run: Alcmtr=ALCMTR.EXE
    HKLM_Run: EPSON Stylus Photo R240 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
    HKLM_Run: AppleSyncNotifier=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
    HKLM_Run: Ad-Watch=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
    HKLM_Run: CloneCDTray="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
    HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe

    ################## [ Informations ]

    # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # M:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # N:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

    ################## [ Fichiers # Dossiers infectieux ]


    ################## [ Registre # Clés Run infectieuses ]


    ################## [ Registre # Mountpoints2 ]

    # -> Not Found !

    ################## [ ! Fin du rapport # UsbFix V3.016 ! ]

    a c 267 8 Security
    1 May 2009 21:44:08

    To finish up the PC we were disinfecting:


    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche and let the scan run.
  • Click Suppression to finish.
  • If you wish, you can use the Options Facultatives.
  • Click Quitter to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Avancé, and untick the box Effacer uniquement les fichiers etc....
  • Go to Nettoyeur and choose Analyse. Once it has finished, run the cleanup.
  • Next, choose Registre, then Chercher des erreurs. Once it has finished, repair all the errors (back up the registry).


    3/

  • You need to disable and then re-enable System Restore in order to purge it.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files as a complement to the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Résolu] to the title. To do so:
  • In your first message, click the Editer button.
  • Add the [Résolu] tag in front of the title.
  • Then click Valider votre message.


    Be more careful on the Internet ;)
    1 May 2009 21:44:27

    Report from the disinfected computer


    I'll post the one from the "not disinfected" computer in a few minutes

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Maison at 2009-05-01 21:41:18
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 25 GB (23%) free of 110 GB
    Total RAM: 2047 MB (49% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:41:33, on 01/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Jeux\Dead Space\Dead Space.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\RSIT.exe
    C:\Program Files\trend micro\Maison.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/Nvi...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

    --
    End of file - 6569 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-30 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-19 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-01 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-01 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "EPSON Stylus Photo R240 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-02-06 177472]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-30 1932568]
    "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-03-17 61440]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
    bthprops.cpl,,BluetoothAuthenticationAgent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
    C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
    C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe [2003-07-07 729088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
    C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2006-01-18 2293760]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-05-28 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-01 148888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync]
    C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-12-20 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Maison^Menu Démarrer^Programmes^Démarrage^Registration RAYMAN]
    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage\Registration RAYMAN []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ose"=3
    "NBService"=3
    "iPod Service"=3
    "MDM"=2
    "ATI Smart"=2
    "a2free"=2
    "a2AntiDialer"=2
    "usnjsvc"=3
    "JavaQuickStarterService"=2
    "IDriverT"=3
    "gusvc"=2

    C:\Documents and Settings\Maison\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2009-03-16 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-03-30 10520]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoFind"=
    "NoFolderOptions"=
    "NoRun"=
    "NoDrives"=0
    "NoViewContextMenu"=0
    "NoWinKeys"=0
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogOff"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4"
    "D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe"="D:\Jeux\Splinter Cell DA\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
    "D:\Jeux\FEAR\FEAR.exe"="D:\Jeux\FEAR\FEAR.exe:*:Enabled:FEAR"
    "D:\Jeux\FEAR\FEARMP.exe"="D:\Jeux\FEAR\FEARMP.exe:*:Enabled:FEARMP"
    "D:\Jeux\NFS Carbon\NFSC.exe"="D:\Jeux\NFS Carbon\NFSC.exe:*:Enabled:NFSC"
    "D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe"="D:\Jeux\Act of War - Direct Action Multiplayer Demo\ActOfWar.exe:*:Disabled:ActOfWar"
    "D:\Jeux\Alerte rouge 2\gamemd.exe"="D:\Jeux\Alerte rouge 2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe"="D:\Jeux\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander"
    "D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe"="D:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe"="C:\Program Files\Steam\SteamApps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
    "D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_NO_SSE.exe:*:Enabled:Earth 2160"
    "D:\Jeux\Earth 2160\Earth2160_SSE.exe"="D:\Jeux\Earth 2160\Earth2160_SSE.exe:*:Enabled:Earth 2160"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
    "D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    ======List of files/folders created in the last 1 months======

    2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-01 21:38:22 ----A---- C:\WINDOWS\system32\java.exe
    2009-05-01 21:08:18 ----A---- C:\UsbFix.txt
    2009-05-01 19:48:08 ----D---- C:\Program Files\EClean
    2009-05-01 19:46:41 ----D---- C:\Program Files\BeClean
    2009-05-01 17:01:53 ----RASHD---- C:\autorun.inf
    2009-05-01 16:37:50 ----D---- C:\UsbFix
    2009-05-01 16:24:31 ----D---- C:\Program Files\trend micro
    2009-05-01 16:24:25 ----D---- C:\rsit
    2009-04-30 19:36:35 ----A---- C:\resultat_clean.txt
    2009-04-30 19:36:24 ----A---- C:\rapport_clean.txt
    2009-04-27 13:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-04-27 13:02:43 ----A---- C:\WINDOWS\RtkUpd.exe
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-04-27 13:02:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-04-27 13:02:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-04-27 13:02:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-04-27 13:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-04-27 13:02:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-04-27 13:02:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-04-27 13:00:32 ----D---- C:\Nouveau dossier
    2009-04-27 12:57:43 ----N---- C:\WINDOWS\system32\ati2sgag.exe
    2009-04-27 12:57:19 ----D---- C:\Program Files\ATI Technologies
    2009-04-27 12:50:19 ----A---- C:\WINDOWS\WININIT.INI
    2009-04-11 16:17:48 ----D---- C:\Program Files\iTunes
    2009-04-11 16:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

    ======List of files/folders modified in the last 1 months======

    2009-05-01 21:41:27 ----D---- C:\WINDOWS\Prefetch
    2009-05-01 21:38:25 ----D---- C:\WINDOWS\Temp
    2009-05-01 21:38:22 ----D---- C:\WINDOWS\system32
    2009-05-01 21:38:03 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-05-01 21:38:01 ----SHD---- C:\WINDOWS\Installer
    2009-05-01 20:36:42 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-01 20:31:16 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-01 19:56:07 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-05-01 19:48:08 ----RD---- C:\Program Files
    2009-05-01 17:16:17 ----D---- C:\Program Files\Java
    2009-05-01 17:16:16 ----D---- C:\Program Files\Fichiers communs
    2009-05-01 15:40:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-01 15:40:31 ----D---- C:\WINDOWS\system32\drivers
    2009-04-29 19:24:02 ----D---- C:\Documents and Settings\Maison\Application Data\Azureus
    2009-04-29 16:18:52 ----D---- C:\Azureus
    2009-04-29 12:05:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-28 13:45:52 ----D---- C:\WINDOWS
    2009-04-27 16:37:48 ----D---- C:\WINDOWS\system32\DirectX
    2009-04-27 16:37:47 ----HD---- C:\WINDOWS\inf
    2009-04-27 16:37:37 ----RSD---- C:\WINDOWS\assembly
    2009-04-27 16:22:11 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-04-27 16:09:46 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-04-27 15:23:38 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-04-27 14:24:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-04-27 14:23:58 ----A---- C:\WINDOWS\system32\lsdelete.exe
    2009-04-27 13:44:37 ----D---- C:\Program Files\Steam
    2009-04-27 13:39:41 ----D---- C:\Program Files\SlySoft
    2009-04-27 13:02:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-04-27 12:58:47 ----D---- C:\WINDOWS\WinSxS
    2009-04-27 12:57:36 ----D---- C:\WINDOWS\system32\CatRoot
    2009-04-26 19:52:18 ----D---- C:\Jeux
    2009-04-26 19:48:01 ----D---- C:\dossier de partages
    2009-04-25 19:36:35 ----D---- C:\Documents and Settings\Maison\Application Data\LimeWire
    2009-04-25 19:32:52 ----D---- C:\Incomplete
    2009-04-25 19:32:45 ----D---- C:\Limewire
    2009-04-21 17:36:53 ----D---- C:\Documents and Settings\Maison\Application Data\dvdcss
    2009-04-21 17:23:03 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-04-19 20:32:59 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
    2009-04-19 12:06:00 ----D---- C:\iTunes music
    2009-04-13 18:34:13 ----D---- C:\Documents and Settings\Maison\Application Data\Canon
    2009-04-13 18:33:10 ----A---- C:\WINDOWS\CSTBox.INI
    2009-04-11 16:17:51 ----D---- C:\Program Files\iPod
    2009-04-11 16:17:47 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-04-10 20:54:50 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2009-04-03 17:46:37 ----D---- C:\Documents and Settings\Maison\Application Data\Bioshock
    2009-04-03 17:45:53 ----RSH---- C:\boot.ini
    2009-04-03 17:45:24 ----D---- C:\WINDOWS\Downloaded Installations

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-30 325640]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-06 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-07 108552]
    R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
    R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-03-16 3597312]
    R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
    R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 a76j3wh6;a76j3wh6; C:\WINDOWS\system32\drivers\a76j3wh6.sys []
    S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
    S3 HidBth;Miniport HID Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-19 25856]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
    S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
    S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
    S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
    S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
    S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
    S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
    S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
    S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-06-29 83208]
    S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-06-29 15112]
    S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-06-29 108552]
    S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-06-29 100360]
    S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-06-29 23176]
    S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-06-29 98568]
    S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-06-29 98952]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-03-16 602112]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-30 298264]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-01 152984]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168]
    R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
    R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-16 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S4 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-03-20 425080]
    S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-19 168432]
    S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
    S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
    1 May 2009 21:48:39

    Report: computer not disinfected



    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Maison at 2009-05-01 21:46:09
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 55 GB (71%) free of 76 GB
    Total RAM: 767 MB (40% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:46:30, on 01/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\System32\svchost.exe
    E:\VIRUS SPY VACCINATION\RSIT.exe
    C:\Program Files\trend micro\Maison.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [BisonInst0402] C:\WINDOWS\BR040286.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

    --
    End of file - 6080 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-11 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-12 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-12 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
    "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
    "AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
    "ACU"=C:\Program Files\Atheros\ACU.exe [2005-01-31 253952]
    "BisonInst0402"=C:\WINDOWS\BR040286.exe [2007-05-08 53248]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-04-11 1932568]
    "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-25 516440]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-12 148888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-03-27 24103720]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "ose"=3
    "MDM"=2

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-04-11 10520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-19 240128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoFind"=
    "NoFolderOptions"=
    "NoRun"=
    "NoDrives"=0
    "NoViewContextMenu"=0
    "NoWinKeys"=0
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoLogOff"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    ======List of files/folders created in the last 1 months======

    2009-05-01 21:42:40 ----D---- C:\Program Files\trend micro
    2009-05-01 21:42:38 ----D---- C:\rsit
    2009-05-01 21:11:17 ----A---- C:\UsbFix.txt
    2009-05-01 21:05:07 ----D---- C:\Documents and Settings\Maison\Application Data\Malwarebytes
    2009-05-01 21:04:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-01 21:04:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-01 21:00:18 ----RASHD---- C:\autorun.inf
    2009-04-29 20:02:55 ----D---- C:\WINDOWS\Sun
    2009-04-28 20:24:59 ----D---- C:\WINDOWS\CSC
    2009-04-28 20:24:52 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-04-23 20:00:33 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
    2009-04-23 19:59:40 ----A---- C:\WINDOWS\Alcmtr.exe
    2009-04-23 19:47:30 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2009-04-23 19:46:44 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoiins.dll
    2009-04-21 18:40:02 ----A---- C:\WINDOWS\system32\idecoi.dll
    2009-04-21 18:39:49 ----A---- C:\WINDOWS\system32\SET16.tmp
    2009-04-21 18:38:29 ----D---- C:\WINDOWS\tiinst
    2009-04-16 14:52:33 ----D---- C:\WINDOWS\system32\LogFiles
    2009-04-15 20:31:44 ----D---- C:\Documents and Settings\Maison\Application Data\Apple Computer
    2009-04-15 20:31:30 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-04-15 20:29:35 ----D---- C:\Program Files\iPod
    2009-04-15 20:29:32 ----D---- C:\Program Files\iTunes
    2009-04-15 20:29:32 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-04-15 20:29:19 ----D---- C:\Program Files\Bonjour
    2009-04-15 20:29:11 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
    2009-04-15 20:28:38 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-04-12 11:57:37 ----D---- C:\WINDOWS\system32\Adobe
    2009-04-12 11:56:57 ----D---- C:\Program Files\QuickTime
    2009-04-12 11:56:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2009-04-12 11:56:42 ----D---- C:\Program Files\Apple Software Update
    2009-04-12 11:56:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-04-12 11:56:03 ----A---- C:\WINDOWS\system32\java.exe
    2009-04-12 11:55:49 ----D---- C:\Program Files\Java
    2009-04-12 11:51:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-04-12 11:50:43 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-04-12 11:50:43 ----D---- C:\Program Files\Adobe
    2009-04-12 11:47:28 ----D---- C:\Documents and Settings\Maison\Application Data\Mozilla
    2009-04-12 11:42:38 ----D---- C:\WINDOWS\system32\appmgmt
    2009-04-12 00:12:08 ----D---- C:\Documents and Settings\Maison\Application Data\Macromedia
    2009-04-12 00:12:07 ----D---- C:\Documents and Settings\Maison\Application Data\Adobe
    2009-04-12 00:08:42 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-04-12 00:04:55 ----D---- C:\Documents and Settings\Maison\Application Data\Sun
    2009-04-11 23:50:31 ----D---- C:\Program Files\NOS
    2009-04-11 23:50:31 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-04-11 23:38:47 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2009-04-11 23:14:46 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-04-11 23:12:02 ----D---- C:\Program Files\MSN Messenger
    2009-04-11 23:09:55 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
    2009-04-11 23:09:55 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-04-11 23:08:44 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-04-11 23:07:46 ----D---- C:\Temp (à supprimer)
    2009-04-11 23:07:36 ----A---- C:\WINDOWS\imsins.BAK
    2009-04-11 23:07:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-04-11 23:07:33 ----SHD---- C:\WINDOWS\Installer
    2009-04-11 23:07:33 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-04-11 23:07:33 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-04-11 23:07:29 ----RD---- C:\Program Files
    2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-04-11 23:07:29 ----D---- C:\Program Files\Fichiers communs
    2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-04-11 23:07:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-04-11 23:07:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-04-11 23:07:23 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-04-11 23:07:23 ----D---- C:\programmes
    2009-04-11 23:07:22 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-04-11 23:07:21 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-04-11 23:07:20 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-04-11 23:07:19 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-04-11 23:07:17 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-04-11 23:07:15 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2009-04-11 23:07:15 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-04-11 23:07:15 ----A---- C:\WINDOWS\system32\batt.dll
    2009-04-11 23:07:14 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2009-04-11 23:07:13 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-04-11 23:07:05 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-04-11 23:07:02 ----RA---- C:\WINDOWS\SET8.tmp
    2009-04-11 23:07:00 ----RA---- C:\WINDOWS\SET4.tmp
    2009-04-11 23:06:58 ----RA---- C:\WINDOWS\SET3.tmp
    2009-04-11 23:06:53 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-11 23:06:53 ----D---- C:\WINDOWS\system32\CatRoot
    2009-04-11 23:06:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-04-11 23:06:30 ----A---- C:\WINDOWS\setuplog.txt
    2009-04-11 23:06:27 ----D---- C:\Documents and Settings
    2009-04-11 23:06:26 ----SHD---- C:\System Volume Information
    2009-04-11 23:05:32 ----RSH---- C:\boot.ini
    2009-04-11 23:01:21 ----D---- C:\_Photos
    2009-04-11 23:01:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-04-11 23:01:12 ----RSD---- C:\WINDOWS\Fonts
    2009-04-11 23:01:12 ----RD---- C:\WINDOWS\Web
    2009-04-11 23:01:12 ----HD---- C:\WINDOWS\inf
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\WinSxS
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\twain_32
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\Temp
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\wins
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\wbem
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\usmt
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\spool
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ShellExt
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\Setup
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ras
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\oobe
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\npp
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\mui
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\inetsrv
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\IME
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\icsxml
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\ias
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\export
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\drivers
    2009-04-11 23:01:12 ----D---- C:\WINDOWS\system32\dhcp

    ======List of files/folders modified in the last 1 months======

    2009-04-11 23:23:15 ----A---- C:\WINDOWS\win.ini
    2009-04-11 23:23:15 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-04-11 325640]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-04-11 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-11 108552]
    R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
    R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-11 17801]
    R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
    R3 Cam5607;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-08-06 761640]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
    R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
    R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
    R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2004-12-27 36864]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-11 298264]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-12 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
    R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
    R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-25 953168]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S4 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    -----------------EOF-----------------
    1 May 2009 21:54:05

    Well, thank you very much for the help and for taking the time for me.
    I will follow all your advice carefully.

    Have a good evening =)
    a c 267 8 Security
    1 May 2009 21:54:31

    I don't see any infection in this report.
    1 May 2009 21:58:39

    [ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\rapport_clean.txt: trouvé !
    C:\UsbFix.txt: trouvé !
    C:\UsbFix: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Maison\Bureau\UsbFix.exe: trouvé !
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Clean.zip: trouvé !
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\UsbFix.exe: trouvé !
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Rsit.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Clean.zip: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\rapport_clean.txt: supprimé !
    C:\UsbFix.txt: supprimé !
    C:\Documents and Settings\Maison\Bureau\UsbFix.exe: supprimé !
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\UsbFix.exe: supprimé !
    C:\Documents and Settings\Maison\Bureau\VIRUS SPY VACCINATION\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\UsbFix: ERREUR DE SUPPRESSION !!
    C:\Rsit: supprimé !

    Fichiers temporaires nettoyés !
    a c 267 8 Security
    1 May 2009 22:01:00

    You can delete ToolsCleaner.

    Don't keep programs like UsbFix on your PC, because this kind of disinfection program changes often.
    1 May 2009 22:12:30

    Okay, and thanks for the links to the software. I will delete what was mentioned.