Votre question

Nmdfgds1.dll. Comment s'en débarrasser?

Tags :
  • Disque dur externe
  • Sécurité
Dernière réponse : dans Sécurité et virus
13 Avril 2009 01:52:16

Bonjour,

A chaque ouverture de programme (quelqu'il soit), une alerte AntiVir m'annonce la présence de :C:\WINDOWS\system32\nmdfgds1.dll

Qu'est-ce?
Que dois-je faire pour m'en debarrasser?

Merci d'avance pour vos lumières

Autres pages sur : nmdfgds1 dll debarrasser

a c 333 8 Sécurité
13 Avril 2009 01:55:44

Salut,

Tu es sous XP ou Vista ?
13 Avril 2009 01:58:21

merci d'etre si rapide

Win XP Pro
Contenus similaires
a c 333 8 Sécurité
13 Avril 2009 01:59:14

  • Télécharge UsbFix (de C_XX & Chiquitine29) sur ton Bureau.
  • Lance l'installation avec les paramètres par défaut.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur le raccourci UsbFix sur ton Bureau.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    13 Avril 2009 02:04:01

    nous y voila :


    ############################## [ UsbFix V3.006 ]

    # User : Administrateur (Administrateurs) # IND_PC
    # Update on 11/04/09 by C_XX & Chiquitine29
    # Start at: 02:02:01 | 13/04/2009

    # Intel(R) Core(TM)2 CPU T7400 @ 2.16GHz
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Enabled
    # AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]

    # C:\ # Disque fixe local # 31,47 Go (11,48 Go free) # NTFS
    # D:\ # Disque CD-ROM
    # E:\ # Disque CD-ROM
    # F:\ # Disque amovible # 3,72 Go (2,06 Go free) [GAUTIER] # FAT32

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rmctrl.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\IRW.exe
    C:\Program Files\Boot Camp\KbdMgr.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\PROGRA~1\SCHNEI~1\Schneider Widget.exe
    C:\WINDOWS\system32\AppleOSSMgr.exe
    C:\WINDOWS\system32\AppleTimeSrv.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\lmgrd.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\SW_D.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Opera\opera.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Registre # Startup ]

    HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    HKCU_Main: "Start Page"="http://www.google.fr/"
    HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    HKLM_logon: "DefaultUserName"="Administrateur"
    HKLM_logon: "AltDefaultUserName"="Administrateur"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: RemoteControl=C:\WINDOWS\system32\rmctrl.exe
    HKLM_Run: CoolSwitch=C:\WINDOWS\system32\taskswitch.exe
    HKLM_Run: IgfxTray=C:\WINDOWS\system32\igfxtray.exe
    HKLM_Run: HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
    HKLM_Run: Persistence=C:\WINDOWS\system32\igfxpers.exe
    HKLM_Run: BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    HKLM_Run: IRW=C:\WINDOWS\system32\IRW.exe
    HKLM_Run: Apple_KbdMgr=C:\Program Files\Boot Camp\KbdMgr.exe
    HKLM_Run: DAEMON Tools="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    HKLM_Run: SigmatelSysTrayApp=sttray.exe
    HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
    HKCU_Run: ccleaner="C:\Program Files\CCleaner\CCleaner.exe" /AUTO

    ################## [ Informations ]

    # Contenu de l'autorun C:\autorun.inf
    [AutoRun]
    open=i.cmd
    shell\open\Command=i.cmd

    # Contenu de l'autorun F:\autorun.inf
    [AutoRun]
    ;LadK
    open=yh.cmd
    ;rinaaJalslaKl
    shell\open\Command=yh.cmd


    ################## [ Fichiers # Dossiers infectieux ]

    Found ! C:\WINDOWS\system32\gasretyw0.dll
    Found ! C:\WINDOWS\system32\nmdfgds1.dll
    C:\autorun.inf # -> fichier appelé : "C:\i.cmd" ( absent ! )
    Found ! C:\autorun.inf
    Found ! C:\opgde.exe
    Found ! C:\uxkl0apt.bat
    F:\autorun.inf # -> fichier appelé : "F:\yh.cmd" ( présent ! )
    Found ! F:\autorun.inf
    Found ! F:\cv22.cmd
    Found ! F:\gyn.cmd
    Found ! F:\hyetn1i.exe
    Found ! F:\opgde.exe
    Found ! F:\q0dhfjf.exe
    Found ! F:\rcukd.cmd
    Found ! F:\ur0.com
    Found ! F:\uxkl0apt.bat

    ################## [ Registre # Clés infectieuses ]

    # -> Not Found !

    ################## [ Registre # Mountpoint2 ]

    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f9a5fdb-9fb5-1241-bea5-806d6172696f}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f9a5fdb-9fb5-1241-bea5-806d6172696f}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{229ec3ba-f857-11dd-a2c9-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{229ec3ba-f857-11dd-a2c9-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26f3c688-a058-1241-a2c0-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26f3c688-a058-1241-a2c0-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88f134a6-14f2-11de-a307-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88f134a6-14f2-11de-a307-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf0-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf0-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf1-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf1-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf2-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf2-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf3-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf3-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf4-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e1d6cf4-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1661fc8-f9fa-11dd-a2cb-001b63454d0c}\Shell\AutoRun\command
    Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1661fc8-f9fa-11dd-a2cb-001b63454d0c}\Shell\open\Command

    ################## [ ! Fin du rapport # UsbFix V3.006 ! ]

    a c 333 8 Sécurité
    13 Avril 2009 02:07:47

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur le raccourci UsbFix présent sur ton Bureau pour le lancer.
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau .

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    13 Avril 2009 02:16:38

    et voila:


    ############################## [ UsbFix V3.006 ]

    # User : Administrateur (Administrateurs) # IND_PC
    # Update on 11/04/09 by C_XX & Chiquitine29
    # Start at: 02:14:46 | 13/04/2009

    # Intel(R) Core(TM)2 CPU T7400 @ 2.16GHz
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Enabled
    # AV : Avira AntiVir PersonalEdition Classic 8.0.1.30 [ Enabled | Updated ]

    # C:\ # Disque fixe local # 31,47 Go (11,49 Go free) # NTFS
    # D:\ # Disque CD-ROM
    # E:\ # Disque CD-ROM
    # F:\ # Disque amovible # 3,72 Go (2,06 Go free) [GAUTIER] # FAT32

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\AppleOSSMgr.exe
    C:\WINDOWS\system32\AppleTimeSrv.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\lmgrd.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\SW_D.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! C:\WINDOWS\system32\gasretyw0.dll
    Deleted ! C:\WINDOWS\system32\nmdfgds1.dll
    C:\autorun.inf # -> fichier appelé : "C:\i.cmd" ( absent ! )
    Deleted ! C:\autorun.inf
    Deleted ! C:\opgde.exe
    Deleted ! C:\uxkl0apt.bat
    F:\autorun.inf # -> fichier appelé : "F:\yh.cmd" ( présent ! )
    Deleted ! -> F:\yh.cmd
    Deleted ! F:\autorun.inf
    Deleted ! F:\cv22.cmd
    Deleted ! F:\gyn.cmd
    Deleted ! F:\hyetn1i.exe
    Deleted ! F:\opgde.exe
    Deleted ! F:\q0dhfjf.exe
    Deleted ! F:\rcukd.cmd
    Deleted ! F:\ur0.com
    Deleted ! F:\uxkl0apt.bat

    ################## [ Registre # Clés infectieuses ]

    # -> Not Found !

    ################## [ Registre # Mountpoint2 ]

    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{229ec3ba-f857-11dd-a2c9-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{229ec3ba-f857-11dd-a2c9-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88f134a6-14f2-11de-a307-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88f134a6-14f2-11de-a307-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf0-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf0-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf1-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf1-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf2-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf2-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf3-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf3-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf4-2073-11de-a30c-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e1d6cf4-2073-11de-a30c-001b63454d0c}\Shell\open\Command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1661fc8-f9fa-11dd-a2cb-001b63454d0c}\Shell\AutoRun\command
    Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1661fc8-f9fa-11dd-a2cb-001b63454d0c}\Shell\open\Command

    ################## [ Listing des fichiers présent ]

    C:\AUTOEXEC.BAT
    C:\NTDETECT.COM
    C:\boot.ini
    F:\qphdin.com

    ################## [ ! Fin du rapport # UsbFix V3.006 ! ]

    a c 333 8 Sécurité
    13 Avril 2009 02:18:03

    Laisse ton périphérique F branché.

  • Désinstalle UsbFix.

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    F:\qphdin.com

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    13 Avril 2009 02:25:00

    voici :

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    F:\qphdin.com moved successfully.
    ========== COMMANDS ==========
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_4b8.dat scheduled to be deleted on reboot.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx scheduled to be deleted on reboot.
    Opera cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04132009_022106

    Files moved on Reboot...
    File C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_4b8.dat not found!
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\adoc.bx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\md.dat moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\url.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\w.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0003\wb.vx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\adoc.bx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\md.dat moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\url.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\w.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0002\wb.vx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\adoc.bx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\md.dat moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\url.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\w.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0001\wb.vx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\adoc.bx moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\md.dat moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\url.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\w.ax moved successfully.
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Opera\Opera\Profile\vps\0000\wb.vx moved successfully.
    a c 333 8 Sécurité
    13 Avril 2009 02:28:56

    Ton périphérique F n'est plus infecté, tu peux le retirer.

    On va regarder si tout va bien.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    13 Avril 2009 11:29:56

    apres une bonne nuit, voicu les rapports :

    log.txt :


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-04-13 11:25:29
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 10 GB (32%) free of 32 GB
    Total RAM: 2017 MB (59% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:25:56, on 13/04/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\AppleOSSMgr.exe
    C:\WINDOWS\system32\AppleTimeSrv.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
    C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\lmgrd.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\SW_D.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rmctrl.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\IRW.exe
    C:\Program Files\Boot Camp\KbdMgr.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    c:\program files\avira\antivir personaledition classic\avcenter.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr&source=iglk
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [IRW] C:\WINDOWS\system32\IRW.exe
    O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\WINDOWS\system32\AppleOSSMgr.exe
    O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\WINDOWS\system32\AppleTimeSrv.exe
    O23 - Service: Autodesk Data Management Job Dispatch - Autodesk - C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
    O23 - Service: Autodesk EDM Server - Autodesk - C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\lmgrd.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

    --
    End of file - 6910 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RemoteControl"=C:\WINDOWS\system32\rmctrl.exe [2000-10-16 32768]
    "CoolSwitch"=C:\WINDOWS\system32\taskswitch.exe [2002-03-19 45632]
    "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-07-31 142104]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-07-31 162584]
    "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-07-31 138008]
    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
    "IRW"=C:\WINDOWS\system32\IRW.exe [2007-07-31 147456]
    "Apple_KbdMgr"=C:\Program Files\Boot Camp\KbdMgr.exe [2007-07-31 398640]
    "DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2005-12-10 133016]
    "SigmatelSysTrayApp"=sttray.exe []
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2009-03-24 1488112]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Getting started with MacDrive]
    C:\Program Files\Mediafour\MacDrive 7\MDGetStarted.exe [2008-09-02 141312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAVPersonal50]
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacDrive application]
    C:\Program Files\Mediafour\MacDrive 7\MacDrive.exe [2008-09-23 201304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-07-31 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=36
    "NoDriveAutoRun"=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
    "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:o pera Internet Browser"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======File associations======

    .scr - open - C:\WINDOWS\system32\notepad.exe "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2098-01-01 21:37:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2098-01-01 21:20:22 ----RHD---- C:\MSOCache
    2098-01-01 21:10:56 ----A---- C:\WINDOWS\ODBC.INI
    2098-01-01 21:10:51 ----A---- C:\WINDOWS\system32\mdimon.dll
    2098-01-01 21:09:35 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2098-01-01 21:09:32 ----D---- C:\Program Files\Microsoft Works
    2098-01-01 21:09:25 ----D---- C:\Program Files\Microsoft Visual Studio
    2098-01-01 21:09:11 ----D---- C:\WINDOWS\SHELLNEW
    2098-01-01 21:09:09 ----D---- C:\Program Files\Microsoft Office
    2098-01-01 21:01:39 ----D---- C:\Program Files\Mediafour
    2098-01-01 02:50:12 ----A---- C:\WINDOWS\system32\h323log.txt
    2098-01-01 02:49:34 ----A---- C:\WINDOWS\system32\hidserv.dll
    2098-01-01 02:47:46 ----A---- C:\WINDOWS\system32\usbui.dll
    2098-01-01 02:46:22 ----SHD---- C:\WINDOWS\Installer
    2098-01-01 02:46:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2098-01-01 02:46:21 ----D---- C:\Program Files\Fichiers communs\ODBC
    2098-01-01 02:46:21 ----A---- C:\WINDOWS\ODBCINST.INI
    2098-01-01 02:46:17 ----RD---- C:\Program Files
    2098-01-01 02:46:17 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2098-01-01 02:46:17 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2098-01-01 02:46:17 ----D---- C:\Program Files\Fichiers communs
    2098-01-01 02:46:14 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2098-01-01 02:46:14 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2098-01-01 02:46:14 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2098-01-01 02:46:12 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2098-01-01 02:46:11 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2098-01-01 02:46:11 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2098-01-01 02:46:10 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2098-01-01 02:46:08 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2098-01-01 02:46:08 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2098-01-01 02:46:08 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2098-01-01 02:46:08 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2098-01-01 02:46:08 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2098-01-01 02:46:07 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2098-01-01 02:46:06 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2098-01-01 02:46:01 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2098-01-01 02:46:01 ----A---- C:\WINDOWS\system32\irclass.dll
    2098-01-01 02:46:01 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2098-01-01 02:46:01 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2098-01-01 02:46:01 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2098-01-01 02:45:59 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2098-01-01 02:45:59 ----A---- C:\WINDOWS\TASKMAN.EXE
    2098-01-01 02:45:58 ----A---- C:\WINDOWS\system32\storprop.dll
    2098-01-01 02:45:58 ----A---- C:\WINDOWS\system32\batt.dll
    2098-01-01 02:45:58 ----A---- C:\WINDOWS\notepad.exe
    2098-01-01 02:45:48 ----RA---- C:\WINDOWS\SET2B.tmp
    2098-01-01 02:45:48 ----RA---- C:\WINDOWS\SET2A.tmp
    2098-01-01 02:45:48 ----RA---- C:\WINDOWS\SET29.tmp
    2098-01-01 02:45:48 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2098-01-01 02:45:45 ----RA---- C:\WINDOWS\SET8.tmp
    2098-01-01 02:45:42 ----RA---- C:\WINDOWS\SET4.tmp
    2098-01-01 02:45:41 ----RA---- C:\WINDOWS\SET3.tmp
    2098-01-01 02:45:36 ----D---- C:\WINDOWS\system32\CatRoot2
    2098-01-01 02:45:36 ----D---- C:\WINDOWS\system32\CatRoot
    2098-01-01 02:45:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2098-01-01 02:44:54 ----SHD---- C:\System Volume Information
    2098-01-01 02:44:54 ----D---- C:\Documents and Settings
    2098-01-01 02:43:33 ----SH---- C:\boot.ini
    2098-01-01 02:43:25 ----HD---- C:\install
    2098-01-01 02:38:44 ----D---- C:\WINDOWS\wpi
    2098-01-01 02:36:12 ----D---- C:\Program Files\DAEMON Tools
    2098-01-01 02:33:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2098-01-01 02:33:19 ----RSD---- C:\WINDOWS\Fonts
    2098-01-01 02:33:19 ----RD---- C:\WINDOWS\Web
    2098-01-01 02:33:19 ----HD---- C:\WINDOWS\inf
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\WinSxS
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\twain_32
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Temp
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\wins
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\wbem
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\usmt
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\spool
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\ShellExt
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\Setup
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\ras
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\oobe
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\npp
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\mui
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\inetsrv
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\IME
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\icsxml
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\ias
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\export
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\drivers
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\dhcp
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\config
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\3com_dmi
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\3076
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\2052
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1054
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1042
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1041
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1037
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1036
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1033
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1031
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1028
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32\1025
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system32
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\system
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\security
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Resources
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\repair
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Provisioning
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\PeerNet
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\pchealth
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\mui
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\msapps
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\msagent
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Media
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\java
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\ime
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Help
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\ehome
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Driver Cache
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Debug
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Cursors
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Connection Wizard
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\Config
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\AppPatch
    2098-01-01 02:33:19 ----D---- C:\WINDOWS\addins
    2098-01-01 02:33:19 ----D---- C:\WINDOWS
    2098-01-01 02:31:57 ----A---- C:\WINDOWS\RussSqr.INI
    2098-01-01 02:24:47 ----SHD---- C:\RECYCLER
    2098-01-01 02:22:15 ----RA---- C:\WINDOWS\system32\igfxres.dll
    2098-01-01 02:19:42 ----D---- C:\Program Files\Intel
    2098-01-01 02:19:00 ----D---- C:\Program Files\Boot Camp
    2098-01-01 02:18:32 ----A---- C:\WINDOWS\system32\IRW.exe
    2098-01-01 02:18:17 ----A---- C:\WINDOWS\system32\wshirda.dll
    2098-01-01 02:18:17 ----A---- C:\WINDOWS\system32\irmon.dll
    2098-01-01 02:18:17 ----A---- C:\WINDOWS\system32\irftp.exe
    2098-01-01 02:18:00 ----D---- C:\Program Files\Motorola
    2098-01-01 02:17:52 ----A---- C:\WINDOWS\alcwzrd.exe
    2098-01-01 02:17:52 ----A---- C:\WINDOWS\Alcmtr.exe
    2098-01-01 02:17:50 ----A---- C:\WINDOWS\SoundMan.exe
    2098-01-01 02:17:50 ----A---- C:\WINDOWS\SkyTel.exe
    2098-01-01 02:17:50 ----A---- C:\WINDOWS\RTHDCPL.exe
    2098-01-01 02:17:50 ----A---- C:\WINDOWS\MicCal.exe
    2098-01-01 02:17:49 ----D---- C:\WINDOWS\system32\RTCOM
    2098-01-01 02:17:49 ----A---- C:\WINDOWS\system32\ChCfg.exe
    2098-01-01 02:17:49 ----A---- C:\WINDOWS\RtlUpd.exe
    2098-01-01 02:17:49 ----A---- C:\WINDOWS\RTLCPL.exe
    2098-01-01 02:17:24 ----D---- C:\Program Files\Realtek
    2098-01-01 02:17:24 ----A---- C:\WINDOWS\HideWin.exe
    2098-01-01 02:17:23 ----A---- C:\WINDOWS\RtlExUpd.dll
    2098-01-01 02:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
    2098-01-01 02:16:53 ----D---- C:\Program Files\SigmaTel
    2098-01-01 02:16:53 ----A---- C:\WINDOWS\system32\staco.dll
    2098-01-01 02:16:53 ----A---- C:\WINDOWS\system32\stacapi.dll
    2098-01-01 02:16:43 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2098-01-01 02:15:22 ----RA---- C:\WINDOWS\system32\igldev32.dll
    2098-01-01 02:15:22 ----RA---- C:\WINDOWS\system32\igfxCoIn_v4833.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igxprd32.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igxpgd32.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igxpdx32.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igxpdv32.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\iglicd32.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxzoom.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxtray.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxsrvc.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxsrvc.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxress.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxpph.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxpers.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxext.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxexps.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxdo.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxdev.dll
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\igfxcfg.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\hkcmd.exe
    2098-01-01 02:15:21 ----RA---- C:\WINDOWS\system32\hccutils.dll
    2098-01-01 02:15:04 ----D---- C:\WINDOWS\system32\Lang
    2098-01-01 02:15:03 ----RA---- C:\WINDOWS\system32\igxpun.exe
    2098-01-01 02:15:03 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2098-01-01 02:14:50 ----D---- C:\Intel
    2098-01-01 02:14:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2098-01-01 02:13:50 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
    2098-01-01 02:13:49 ----A---- C:\WINDOWS\system32\ksuser.dll
    2098-01-01 02:13:40 ----D---- C:\Program Files\DIFX
    2098-01-01 02:13:27 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2098-01-01 02:13:26 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2098-01-01 02:13:12 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2098-01-01 02:13:12 ----A---- C:\WINDOWS\system32\WdfCoInstaller01005.dll
    2098-01-01 02:13:12 ----A---- C:\WINDOWS\system32\iSightCI.dll
    2098-01-01 02:12:59 ----D---- C:\Program Files\Apple Software Update
    2098-01-01 02:12:59 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2098-01-01 02:06:57 ----D---- C:\Documents and Settings\Administrateur\Application Data\Identities
    2098-01-01 02:06:55 ----HD---- C:\Program Files\Uninstall Information
    2098-01-01 02:06:24 ----D---- C:\Program Files\WinRAR
    2098-01-01 02:06:15 ----D---- C:\WINDOWS\Downloaded Installations
    2098-01-01 02:06:00 ----D---- C:\Program Files\Secway
    2098-01-01 02:05:46 ----D---- C:\Program Files\Messenger Plus! 3
    2098-01-01 02:05:40 ----D---- C:\Documents and Settings\All Users\Application Data\MSN Messenger 6.2.0137
    2098-01-01 02:05:25 ----A---- C:\WINDOWS\system32\jit.dll
    2098-01-01 02:05:25 ----A---- C:\WINDOWS\setdebug.exe
    2098-01-01 02:05:24 ----A---- C:\WINDOWS\system32\javaee.dll
    2098-01-01 02:05:24 ----A---- C:\WINDOWS\system32\dx3j.dll
    2098-01-01 02:05:23 ----A---- C:\WINDOWS\system32\wjview.exe
    2098-01-01 02:05:23 ----A---- C:\WINDOWS\system32\vmhelper.dll
    2098-01-01 02:05:23 ----A---- C:\WINDOWS\system32\msjdbc10.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\msjava.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\msawt.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\jview.exe
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\jdbgmgr.exe
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\javart.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\javaprxy.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\javacypt.dll
    2098-01-01 02:05:22 ----A---- C:\WINDOWS\system32\clspack.exe
    2098-01-01 02:05:17 ----D---- C:\Program Files\FlashFXP
    2098-01-01 02:05:10 ----D---- C:\Program Files\eMule
    2098-01-01 02:05:07 ----D---- C:\Program Files\antispy
    2098-01-01 02:05:06 ----D---- C:\Program Files\utiles
    2098-01-01 02:05:06 ----D---- C:\Program Files\SuperCopier
    2098-01-01 02:05:01 ----D---- C:\Program Files\UltraISO
    2098-01-01 02:04:08 ----D---- C:\Program Files\Ahead
    2098-01-01 02:03:53 ----D---- C:\Program Files\Copernic Desktop Search
    2098-01-01 02:03:16 ----D---- C:\WINDOWS\RegisteredPackages
    2098-01-01 02:03:05 ----RA---- C:\WINDOWS\system32\rmctrl.exe
    2098-01-01 02:03:05 ----RA---- C:\WINDOWS\system32\ctrldll.dll
    2098-01-01 02:03:05 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2098-01-01 02:03:02 ----HD---- C:\Program Files\InstallShield Installation Information
    2098-01-01 02:03:02 ----D---- C:\Program Files\CyberLink
    2098-01-01 02:02:25 ----D---- C:\Program Files\Microsoft Plus!
    2098-01-01 02:02:25 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2098-01-01 02:02:12 ----D---- C:\Program Files\Microsoft Plus! Digital Media Edition
    2098-01-01 02:01:52 ----D---- C:\Program Files\K-Lite Codec Pack
    2098-01-01 01:58:29 ----ASH---- C:\Documents and Settings\Administrateur\Application Data\desktop.ini
    2098-01-01 01:58:28 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2098-01-01 01:58:21 ----D---- C:\WINDOWS\SoftwareDistribution
    2098-01-01 01:58:18 ----SD---- C:\WINDOWS\system32\Microsoft
    2098-01-01 01:58:18 ----N---- C:\WINDOWS\SchedLgU.Txt
    2098-01-01 01:56:11 ----HD---- C:\WINDOWS\$hf_mig$
    2098-01-01 01:55:51 ----A---- C:\WINDOWS\control.ini
    2098-01-01 01:55:51 ----A---- C:\AUTOEXEC.BAT
    2098-01-01 01:55:36 ----A---- C:\WINDOWS\system32\mapi32.dll
    2098-01-01 01:54:49 ----SD---- C:\WINDOWS\Downloaded Program Files
    2098-01-01 01:54:49 ----RD---- C:\WINDOWS\Offline Web Pages
    2098-01-01 01:54:49 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2098-01-01 01:54:43 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2098-01-01 01:54:39 ----HD---- C:\Program Files\WindowsUpdate
    2098-01-01 01:54:34 ----D---- C:\Program Files\Services en ligne
    2098-01-01 01:54:17 ----D---- C:\WINDOWS\system32\DirectX
    2098-01-01 01:53:57 ----A---- C:\WINDOWS\system32\atrace.dll
    2098-01-01 01:53:54 ----A---- C:\WINDOWS\system32\desktop.ini
    2098-01-01 01:53:54 ----A---- C:\WINDOWS\desktop.ini
    2098-01-01 01:53:48 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2098-01-01 01:53:47 ----A---- C:\WINDOWS\system32\acctres.dll
    2098-01-01 01:53:46 ----D---- C:\Program Files\Fichiers communs\Services
    2098-01-01 01:53:44 ----SD---- C:\WINDOWS\Tasks
    2098-01-01 01:53:44 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2098-01-01 01:53:43 ----D---- C:\Program Files\Fichiers communs\MSSoap
    2098-01-01 01:53:39 ----D---- C:\WINDOWS\srchasst
    2098-01-01 01:53:38 ----D---- C:\WINDOWS\system32\Macromed
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wuweb.dll
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wups.dll
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wucltui.dll
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2098-01-01 01:53:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\wuapi.dll
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\qmgr.dll
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2098-01-01 01:53:34 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2098-01-01 01:53:30 ----D---- C:\Program Files\Movie Maker
    2098-01-01 01:53:26 ----A---- C:\WINDOWS\system32\safrslv.dll
    2098-01-01 01:53:26 ----A---- C:\WINDOWS\system32\safrdm.dll
    2098-01-01 01:53:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2098-01-01 01:53:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2098-01-01 01:53:22 ----D---- C:\WINDOWS\system32\Restore
    2098-01-01 01:53:22 ----A---- C:\WINDOWS\system32\fltmc.exe
    2098-01-01 01:53:22 ----A---- C:\WINDOWS\system32\fltlib.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\srsvc.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\srrstr.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\srclient.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2098-01-01 01:53:21 ----A---- C:\WINDOWS\system32\ils.dll
    2098-01-01 01:53:20 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2098-01-01 01:53:20 ----A---- C:\WINDOWS\system32\msconf.dll
    2098-01-01 01:53:20 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2098-01-01 01:53:18 ----D---- C:\Program Files\NetMeeting
    2098-01-01 01:53:18 ----A---- C:\WINDOWS\system32\msoert2.dll
    2098-01-01 01:53:18 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2098-01-01 01:53:17 ----A---- C:\WINDOWS\system32\inetres.dll
    2098-01-01 01:53:16 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2098-01-01 01:53:14 ----D---- C:\Program Files\Outlook Express
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\mstinit.exe
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\mstask.dll
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\isign32.dll
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2098-01-01 01:53:14 ----A---- C:\WINDOWS\system32\icwdial.dll
    2098-01-01 01:53:08 ----D---- C:\Program Files\Fichiers communs\System
    2098-01-01 01:53:00 ----D---- C:\Program Files\Internet Explorer
    2098-01-01 01:52:26 ----D---- C:\Program Files\ComPlus Applications
    2098-01-01 01:52:24 ----A---- C:\WINDOWS\vbaddin.ini
    2098-01-01 01:52:24 ----A---- C:\WINDOWS\vb.ini
    2098-01-01 01:52:18 ----D---- C:\WINDOWS\Registration
    2098-01-01 01:52:09 ----D---- C:\Program Files\Windows Media Player
    2098-01-01 01:51:59 ----D---- C:\Program Files\MSN Gaming Zone
    2098-01-01 01:51:59 ----A---- C:\WINDOWS\system32\write.exe
    2098-01-01 01:51:51 ----A---- C:\WINDOWS\system32\hticons.dll
    2098-01-01 01:51:51 ----A---- C:\WINDOWS\system32\avwav.dll
    2098-01-01 01:51:51 ----A---- C:\WINDOWS\system32\avmeter.dll
    2098-01-01 01:51:50 ----A---- C:\WINDOWS\system32\winchat.exe
    2098-01-01 01:51:50 ----A---- C:\WINDOWS\system32\avtapi.dll
    2098-01-01 01:51:42 ----A---- C:\WINDOWS\system32\sol.exe
    2098-01-01 01:51:42 ----A---- C:\WINDOWS\system32\getuname.dll
    2098-01-01 01:51:42 ----A---- C:\WINDOWS\system32\charmap.exe
    2098-01-01 01:51:42 ----A---- C:\WINDOWS\system32\calc.exe
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\winmine.exe
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\tskill.exe
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\reset.exe
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\mshearts.exe
    2098-01-01 01:51:41 ----A---- C:\WINDOWS\system32\freecell.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\tslabels.ini
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\tscon.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\shadow.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\regini.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\msg.exe
    2098-01-01 01:51:40 ----A---- C:\WINDOWS\system32\logoff.exe
    2098-01-01 01:51:39 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2098-01-01 01:51:39 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2098-01-01 01:51:39 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2098-01-01 01:51:39 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\stclient.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\mtxex.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\comsnap.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\comrepl.dll
    2098-01-01 01:51:38 ----A---- C:\WINDOWS\system32\comaddin.dll
    2098-01-01 01:51:33 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2098-01-01 01:51:32 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2098-01-01 01:51:32 ----A---- C:\WINDOWS\system32\mplay32.exe
    2098-01-01 01:51:32 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2098-01-01 01:51:32 ----A---- C:\WINDOWS\system32\accwiz.exe
    2098-01-01 01:51:31 ----D---- C:\Program Files\Windows NT
    2098-01-01 01:51:31 ----A---- C:\WINDOWS\system32\spider.exe
    2098-01-01 01:51:31 ----A---- C:\WINDOWS\system32\mspaint.exe
    2098-01-01 01:51:31 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\remotepg.dll
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\rdshost.exe
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\mstscax.dll
    2098-01-01 01:51:30 ----A---- C:\WINDOWS\system32\mstsc.exe
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\termsrv.dll
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\rdchost.dll
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\qprocess.exe
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\icaapi.dll
    2098-01-01 01:51:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2098-01-01 01:51:28 ----D---- C:\WINDOWS\system32\MsDtc
    2098-01-01 01:51:28 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2098-01-01 01:51:28 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2098-01-01 01:51:28 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2098-01-01 01:51:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2098-01-01 01:51:28 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2098-01-01 01:51:27 ----D---- C:\WINDOWS\system32\Com
    2098-01-01 01:51:27 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2098-01-01 01:51:27 ----A---- C:\WINDOWS\system32\msdtc.exe
    2098-01-01 01:51:27 ----A---- C:\WINDOWS\system32\colbact.dll
    2098-01-01 01:51:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2098-01-01 01:51:26 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2098-01-01 01:51:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2098-01-01 01:51:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2098-01-01 01:51:26 ----A---- C:\WINDOWS\system32\catsrv.dll
    2098-01-01 01:51:25 ----A---- C:\WINDOWS\system32\comuid.dll
    2098-01-01 01:51:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2098-01-01 01:51:19 ----A---- C:\WINDOWS\system32\servdeps.dll
    2098-01-01 01:51:19 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2098-01-01 01:51:19 ----A---- C:\WINDOWS\system32\licwmi.dll
    2098-01-01 01:51:19 ----A---- C:\WINDOWS\system32\cmprops.dll
    2009-04-13 11:25:31 ----D---- C:\Program Files\trend micro
    2009-04-13 11:25:29 ----D---- C:\rsit
    2009-04-13 10:40:10 ----D---- C:\WINDOWS\LastGood
    2009-04-13 10:38:33 ----D---- C:\Program Files\xerox
    2009-04-13 10:38:32 ----D---- C:\WINDOWS\system32\xircom
    2009-04-13 10:38:31 ----D---- C:\Program Files\microsoft frontpage
    2009-04-13 10:36:01 ----D---- C:\WINDOWS\Prefetch
    2009-04-13 03:45:55 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-04-13 03:35:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
    2009-04-13 03:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-04-13 03:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-04-13 03:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-04-13 03:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-04-13 03:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
    2009-04-13 03:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-04-13 03:24:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2009-04-13 03:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-04-13 03:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-04-13 03:23:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-04-13 03:23:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-04-13 03:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-04-13 03:23:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-04-13 03:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-04-13 03:22:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2009-04-13 03:22:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-04-13 03:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-04-13 03:22:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-04-13 03:21:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-04-13 03:21:43 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-04-13 03:21:40 ----D---- C:\WINDOWS\LastGood.Tmp
    2009-04-13 03:16:46 ----D---- C:\Program Files\Messenger
    2009-04-13 03:16:25 ----D---- C:\WINDOWS\system32\fr
    2009-04-13 03:16:25 ----D---- C:\WINDOWS\l2schemas
    2009-04-13 03:16:25 ----D---- C:\Program Files\msn
    2009-04-13 03:16:24 ----D---- C:\WINDOWS\system32\bits
    2009-04-13 03:13:59 ----D---- C:\WINDOWS\ServicePackFiles
    2009-04-13 03:11:17 ----D---- C:\WINDOWS\network diagnostic
    2009-04-13 03:07:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-04-13 02:58:00 ----N---- C:\WINDOWS\system32\xmllite.dll
    2009-04-13 02:57:53 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2009-04-13 02:57:45 ----N---- C:\WINDOWS\system32\verclsid.exe
    2009-04-13 02:57:39 ----N---- C:\WINDOWS\system32\tspkg.dll
    2009-04-13 02:57:39 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2009-04-13 02:57:28 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2009-04-13 02:57:27 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\system32\slserv.exe
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\system32\slrundll.exe
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\system32\slgen.dll
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\system32\slextspk.dll
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2009-04-13 02:57:25 ----N---- C:\WINDOWS\slrundll.exe
    2009-04-13 02:57:21 ----N---- C:\WINDOWS\system32\setupn.exe
    2009-04-13 02:57:17 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2009-04-13 02:57:16 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2009-04-13 02:57:14 ----N---- C:\WINDOWS\system32\rasqec.dll
    2009-04-13 02:57:12 ----N---- C:\WINDOWS\system32\qutil.dll
    2009-04-13 02:57:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2009-04-13 02:57:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2009-04-13 02:57:10 ----N---- C:\WINDOWS\system32\qagent.dll
    2009-04-13 02:57:04 ----N---- C:\WINDOWS\system32\onex.dll
    2009-04-13 02:57:01 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2009-04-13 02:56:52 ----N---- C:\WINDOWS\system32\napstat.exe
    2009-04-13 02:56:52 ----N---- C:\WINDOWS\system32\napmontr.dll
    2009-04-13 02:56:51 ----N---- C:\WINDOWS\system32\napipsec.dll
    2009-04-13 02:56:51 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2009-04-13 02:56:50 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2009-04-13 02:56:47 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2009-04-13 02:56:47 ----N---- C:\WINDOWS\system32\mssha.dll
    2009-04-13 02:56:27 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2009-04-13 02:56:27 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2009-04-13 02:56:27 ----N---- C:\WINDOWS\system32\mmcex.dll
    2009-04-13 02:56:27 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2009-04-13 02:56:24 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2009-04-13 02:56:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2009-04-13 02:56:10 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2009-04-13 02:56:09 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2009-04-13 02:56:09 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2009-04-13 02:56:09 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2009-04-13 02:56:09 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2009-04-13 02:56:02 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2009-04-13 02:56:02 ----N---- C:\WINDOWS\system32\rwnh.dll
    2009-04-13 02:55:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2009-04-13 02:55:51 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2009-04-13 02:55:42 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2009-04-13 02:55:42 ----A---- C:\WINDOWS\002726_.tmp
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eapqec.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eapphost.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2009-04-13 02:55:40 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2009-04-13 02:55:35 ----N---- C:\WINDOWS\system32\dot3api.dll
    2009-04-13 02:55:33 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2009-04-13 02:55:33 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2009-04-13 02:55:32 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2009-04-13 02:55:28 ----N---- C:\WINDOWS\system32\credssp.dll
    2009-04-13 02:55:19 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2009-04-13 02:55:19 ----N---- C:\WINDOWS\system32\azroles.dll
    2009-04-13 02:55:17 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2009-04-13 02:55:17 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2009-04-13 02:55:16 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2009-04-13 02:55:16 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2009-04-13 02:55:15 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2009-04-13 02:55:15 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2009-04-13 02:55:15 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2009-04-13 02:55:06 ----N---- C:\WINDOWS\system32\aaclient.dll
    2009-04-13 02:21:06 ----D---- C:\_OTMoveIt
    2009-04-13 02:13:11 ----A---- C:\UsbFix.txt
    2009-04-13 02:01:33 ----D---- C:\UsbFix
    2009-04-12 16:46:47 ----D---- C:\Program Files\CCleaner
    2009-04-12 16:25:53 ----D---- C:\Program Files\Avira
    2009-04-12 16:25:53 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-04-08 18:44:31 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2009-04-08 18:44:31 ----A---- C:\WINDOWS\system32\mucltui.dll
    2009-04-02 16:34:50 ----D---- C:\Documents and Settings\Administrateur\Application Data\CyberLink
    2009-03-17 20:59:52 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk, Inc
    2009-03-17 19:45:14 ----D---- C:\Program Files\Microsoft
    2009-03-17 19:44:57 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-17 19:44:32 ----D---- C:\Program Files\Windows Live
    2009-03-17 19:41:03 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-17 19:19:43 ----D---- C:\autodesk
    2009-03-16 18:39:56 ----D---- C:\WINDOWS\SxsCaPendDel
    2009-03-15 22:17:09 ----D---- C:\Program Files\PC Inspector File Recovery
    2009-03-15 16:53:27 ----D---- C:\Program Files\Schneider Widget
    2009-03-15 15:43:18 ----D---- C:\WINDOWS\system32\LogFiles
    2009-03-14 12:52:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-03-14 12:52:16 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-03-14 12:52:16 ----D---- C:\Program Files\Adobe

    ======List of files/folders modified in the last 1 months======

    2009-04-13 10:40:20 ----D---- C:\Config.Msi
    2009-04-13 03:16:27 ----D---- C:\WINDOWS\system32\fr-FR
    2009-03-17 21:15:53 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
    2009-03-17 21:15:53 ----D---- C:\Documents and Settings\Administrateur\Application Data\Autodesk
    2009-03-17 21:09:54 ----RSD---- C:\WINDOWS\assembly
    2009-03-17 21:09:06 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
    2009-03-16 18:40:55 ----D---- C:\Temp
    2009-03-15 21:15:13 ----D---- C:\Program Files\Autodesk
    2009-03-15 20:48:32 ----D---- C:\Program Files\Opera
    2009-03-15 17:42:36 ----D---- C:\Program Files\SolidWorks
    2009-03-15 17:41:44 ----D---- C:\Program Files\Fichiers communs\Bluebeam Software
    2009-03-15 17:26:48 ----D---- C:\Program Files\Autodesk Student Community Download Tool
    2009-03-14 12:53:25 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 KeyAgent;KeyAgent; \??\C:\WINDOWS\system32\drivers\KeyAgent.sys []
    R2 MacHALDriver;Mac HAL; \??\C:\WINDOWS\system32\drivers\MacHALDriver.sys []
    R3 aapltctp;Apple Trackpad Enabler; C:\WINDOWS\system32\DRIVERS\aapltctp.sys [2007-07-31 4224]
    R3 aapltp;Apple Trackpad; C:\WINDOWS\system32\DRIVERS\aapltp.sys [2007-07-31 35072]
    R3 applebt;Apple Built-in Bluetooth; C:\WINDOWS\system32\DRIVERS\applebt.sys [2007-07-31 8064]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5416.sys [2007-07-31 1296800]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    R3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
    R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    R3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 DevUpper;iSight Filter Driver; C:\WINDOWS\system32\DRIVERS\iSightFT.sys [2007-07-31 8320]
    R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2098-01-01 223128]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-07-31 5761760]
    R3 IRRemoteFlt;IR Receiver Filter Driver; C:\WINDOWS\system32\DRIVERS\IRFilter.sys [2007-07-31 16512]
    R3 KeyMagic;USB Keyboard HID Filter; C:\WINDOWS\system32\DRIVERS\KeyMagic.sys [2007-07-31 13824]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-10-29 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-07-31 1177864]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-07-31 255232]
    S3 BthKicker;Apple Bluetooth Device Driver; C:\WINDOWS\system32\DRIVERS\BthKicker.sys [2007-07-31 7424]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 iSightUpdate;iSight Update Driver; C:\WINDOWS\system32\DRIVERS\iSightUP.sys [2007-07-31 18304]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 utm3ndi4;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\utm3ndi4.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 AppleOSSMgr;Apple OS Switch Manager; C:\WINDOWS\system32\AppleOSSMgr.exe [2007-07-31 116016]
    R2 AppleTimeSrv;Apple Time Service; C:\WINDOWS\system32\AppleTimeSrv.exe [2007-07-31 99632]
    R2 Autodesk Data Management Job Dispatch;Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 2009\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [2008-02-17 32768]
    R2 Autodesk EDM Server;Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 2009\Server\Webserver\Connectivity.EDMWS.Server.exe [2008-02-17 57344]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 MacDriveService;MacDrive service; C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe [2008-09-02 150528]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
    R2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-09 29178224]
    R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; C:\flexlm\Solidworks 2005 sp0 Fr\SolidWorks 2005 SP0 crack\Crack\lmgrd.exe [2003-03-26 630272]
    R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
    R2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\STacSV.exe [2007-07-31 86016]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-03-13 79360]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-13 45272]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
    S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-09 242544]

    -----------------EOF-----------------











    et voici info.txt :


    info.txt logfile of random's system information tool 1.06 2009-04-13 11:26:01

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
    Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Autodesk Data Management Server 2009-->C:\Program Files\Autodesk\Data Management Server 2009\Setup\setup.exe /p {BB9FF67B-1A16-491B-81C5-272B145FEAB7} /M SERVER
    Autodesk Data Management Server 2009-->MsiExec.exe /X{BB9FF67B-1A16-491B-81C5-272B145FEAB7}
    Autodesk Inventor Professional 2009-->C:\Program Files\Autodesk\Inventor 2009\Setup\Setup.exe /P {7F4DD591-1300-0409-0000-7107D70F3DB4} /M INVENTOR
    Autodesk Inventor Professional 2009-->MsiExec.exe /I{7F4DD591-1300-0409-0000-7107D70F3DB4}
    Autodesk Student Community Download Tool-->"C:\Program Files\Autodesk Student Community Download Tool\unins000.exe"
    Autodesk Vault 2009 (Client)-->C:\Program Files\Autodesk\Vault 2009\Setup\setup.exe /p {B4013E5D-C833-4C8D-A942-AD7BBDFD9389} /M VAULT
    Autodesk Vault 2009 (Client)-->MsiExec.exe /X{B4013E5D-C833-4C8D-A942-AD7BBDFD9389}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Copernic Desktop Search-->C:\Program Files\Copernic Desktop Search\uninst.exe
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    DWG TrueView 2009-->C:\Program Files\DWG TrueView 2009\Setup\Setup.exe /P {5783F2D6-7028-040C-0000-0060B0CE6BBA} /M AOEM
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
    GetDataBack for NTFS-->"F:\GetDataBack for NTFS\Uninstall.exe" "F:\GetDataBack for NTFS\install.log" -u
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
    K-Lite Codec Pack 2.24 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    MacDrive 7-->MsiExec.exe /X{D2A46935-A078-4EEC-86D5-4516CAD862F5}
    Messenger Plus! 3-->"C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /Uninstall
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Plus! Digital Media Edition-->MsiExec.exe /I{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}
    Microsoft Plus! pour Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
    Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
    Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{3F59A7E0-BC01-4435-9E93-C7D7015C21DA}
    Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829}
    Microsoft SQL Server VSS Writer-->MsiExec.exe /I{75FF1600-6330-43FA-9022-E0835BF20778}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
    Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Services Boot Camp-->MsiExec.exe /I{E56CCF4E-16D3-499E-9911-CB9A380665F3}
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C
    a c 333 8 Sécurité
    13 Avril 2009 12:22:18

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS