[Solved] Unable to delete this trojan. Need help

Tags:
  • Security
Last reply: in Security and viruses
1 March 2009 01:18:22

Good evening,

I caught a trojan several days ago now. Avast detects it but refuses to delete it.
At first I put it in quarantine, but apparently that is not enough.
Then I tried to delete it manually, but however much I searched the disk I never found it.
So I told myself I would go through DOS, and there I did indeed find it.
The problem is that the command del mssn.exe (that is the file name) does not work. It tells me "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus."
So there it is, I no longer know what to do, and that is why I am turning to you.
Could you help me, because this nasty.... thing is starting to do my head in.
Thanks in advance


1 Mars 2009 01:25:22

Hi,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as of info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit\.
    1 Mars 2009 01:43:54

    First of all, thank you for the help you can give me :-)

    Here is the log.txt to start with

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by _____________ at 2009-03-01 01:34:11
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:34:27, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Windows\vVX3000.exe
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\ASUS\Ai Suite\AiSuite.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10631 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "Corel Photo Downloader"=C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe -startup []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-04-15 1310720]
    "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [2007-12-01 38400]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-11 136600]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1555968]
    "WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "NoActiveDesktopChanges"=
    "ForceActiveDesktopOn"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\SysWOW64\Notepad.exe %1
    .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-03-01 01:34:12 ----D---- C:\Program Files (x86)\trend micro
    2009-03-01 01:34:11 ----D---- C:\rsit
    2009-02-26 19:28:46 ----A---- C:\Windows\system32\icardres.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\infocardapi.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\icardagt.exe
    2009-02-26 19:28:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-26 19:28:39 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-02-26 19:23:36 ----A---- C:\Windows\system32\netfxperf.dll
    2009-02-26 19:23:21 ----A---- C:\Windows\system32\dfshim.dll
    2009-02-26 19:23:12 ----A---- C:\Windows\system32\mscoree.dll
    2009-02-26 19:23:03 ----A---- C:\Windows\system32\mscorier.dll
    2009-02-26 19:22:58 ----A---- C:\Windows\system32\mscories.dll
    2009-02-13 12:52:43 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-13 12:52:40 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files\Skype
    2009-02-03 17:36:49 ----RD---- C:\Program Files (x86)\Skype

    ======List of files/folders modified in the last 1 months======

    2009-03-01 01:34:25 ----D---- C:\Windows\Prefetch
    2009-03-01 01:34:17 ----D---- C:\Windows\Temp
    2009-03-01 01:34:12 ----RD---- C:\Program Files (x86)
    2009-03-01 01:30:21 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Skype
    2009-03-01 00:18:24 ----D---- C:\Program Files (x86)\Warhammer Online - Age of Reckoning
    2009-02-28 23:56:15 ----D---- C:\Windows\system32\drivers
    2009-02-28 12:07:15 ----D---- C:\Windows\system32\GdgEvent
    2009-02-27 01:53:42 ----SHD---- C:\System Volume Information
    2009-02-26 21:22:59 ----D---- C:\Windows\rescache
    2009-02-26 21:11:29 ----RSD---- C:\Windows\assembly
    2009-02-26 21:11:29 ----D---- C:\Windows\Microsoft.NET
    2009-02-26 21:06:58 ----D---- C:\Windows\System32
    2009-02-26 21:06:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2009-02-26 21:00:20 ----D---- C:\Windows\system32\fr-FR
    2009-02-26 21:00:19 ----D---- C:\Windows\system32\XPSViewer
    2009-02-26 21:00:18 ----D---- C:\Windows\SysWOW64
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\wbem
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\en-US
    2009-02-26 19:37:03 ----SHD---- C:\Windows\Installer
    2009-02-26 19:37:03 ----HD---- C:\Config.Msi
    2009-02-26 19:36:49 ----D---- C:\Windows\winsxs
    2009-02-24 23:58:17 ----D---- C:\Windows\Minidump
    2009-02-24 23:58:13 ----D---- C:\Windows
    2009-02-24 10:05:23 ----D---- C:\Program Files (x86)\Steam
    2009-02-24 09:22:57 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-02-20 10:56:53 ----D---- C:\Windows\inf
    2009-02-17 19:55:52 ----SD---- C:\Windows\Downloaded Program Files
    2009-02-16 18:45:30 ----D---- C:\Program Files (x86)\Messenger Plus! Live
    2009-02-13 12:55:22 ----D---- C:\Windows\ehome
    2009-02-13 12:54:26 ----D---- C:\ProgramData\Microsoft Help
    2009-02-13 12:53:48 ----D---- C:\Program Files (x86)\Windows Mail
    2009-02-09 19:54:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-02-04 00:00:46 ----D---- C:\Users\Mertens Franck\AppData\Roaming\skypePM
    2009-02-03 17:36:50 ----D---- C:\ProgramData\Skype
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
    R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys []
    R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys []
    R3 dc3d;USBCCGP filter driver (dc3d); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []
    R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
    R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2007-03-20 61440]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe []
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-01-16 316664]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

    -----------------EOF-----------------


    And here is the info.txt

    info.txt logfile of random's system information tool 1.05 2009-03-01 01:34:29

    ======Uninstall list======

    -->MsiExec /X{CD6E97C6-310B-487A-945E-18965FF0E20E}
    -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    AI Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c
    Archiveur WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
    ASUS Gamer OSD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}\setup.exe" -l0x9 -removeonly
    ASUS OC Palm-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6F1EED1A-B73F-41E4-93A6-246E577FC48D}\setup.exe" -l0x40c REMOVE
    ASUS Smart Doctor-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{47A54EF5-D26E-430A-A1A7-A34BC187D70A} /l1036
    ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Corel MediaOne-->MsiExec.exe /I{A062A15F-9CAC-4B88-98DF-87628A0BD721}
    Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
    Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
    EA Download Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
    eMule-->"C:\Program Files (x86)\eMule\Uninstall.exe"
    EPU-6 Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
    Express Gate Updater-->MsiExec.exe /X{30E1022C-17EB-482A-8C82-16B79B98C4E4}
    Fraps (remove only)-->"C:\Program Files (x86)\Fraps\uninstall.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
    HijackThis 2.0.2-->"C:\Program Files (x86)\trend micro\HijackThis.exe" /uninstall
    Host OpenAL (ADI)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c /remove
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
    HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    K-Lite Mega Codec Pack 4.1.7-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
    Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe
    Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
    Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (3.0.6)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
    NVIDIA PhysX v8.06.12-->MsiExec.exe /X{CD6E97C6-310B-487A-945E-18965FF0E20E}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PC Probe II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Services Off-line de Home'Bank 4.51-->"C:\Program Files (x86)\ING\Off-line\unins000.exe"
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe -runfromtemp -l0x040c -removeonly
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    TurboV-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A31951C5-DCD8-4DFE-A525-CFC701F54792}\setup.exe" -l0x40c
    Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
    Warhammer Online: Age of Reckoning-->"C:\Program Files (x86)\Warhammer Online - Age of Reckoning\unins000.exe"
    Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
    Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081227-0]
    AS: Windows Defender
    AS: avast! antivirus 4.8.1229 [VPS 081227-0]

    System event log

    Computer Name: Intel_I7_965
    Event Code: 1001
    Message: L’analyse Windows Defender a terminé.
    ID de l’analyse : {1E4BB67D-277C-444B-BE5C-B1BFC7054633}
    Type de l’analyse : Logiciel anti-espion
    Paramètres de l’analyse : Analyse rapide
    Utilisateur : Intel_I7_965\_________
    Heure de l’analyse : 0:03:25
    Record Number: 56220
    Source Name: Microsoft-Windows-Windows Defender
    Time Written: 20090228233434.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 1000
    Message: L’analyse Windows Defender a démarré.
    ID de l’analyse : {0948FC64-2DFD-4B31-AC48-2389B2B81F3E}
    Type de l’analyse : Logiciel anti-espion
    Paramètres de l’analyse : Analyse complète
    Utilisateur : Intel_I7_965\Mertens Franck
    Record Number: 56221
    Source Name: Microsoft-Windows-Windows Defender
    Time Written: 20090228233635.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 1103
    Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
    Record Number: 56222
    Source Name: Microsoft-Windows-Dhcp-Client
    Time Written: 20090228235439.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 1002
    Message: L’analyse Windows Defender a été arrêtée avant la fin.
    ID de l’analyse : {0948FC64-2DFD-4B31-AC48-2389B2B81F3E}
    Type de l’analyse : Logiciel anti-espion
    Paramètres de l’analyse : Analyse complète
    Utilisateur : Intel_I7_965\Mertens Franck
    Record Number: 56223
    Source Name: Microsoft-Windows-Windows Defender
    Time Written: 20090301002823.000000-000
    Event Type: Avertissement
    User:

    Computer Name: Intel_I7_965
    Event Code: 7036
    Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
    Record Number: 56224
    Source Name: Service Control Manager
    Time Written: 20090301003244.000000-000
    Event Type: Information
    User:

    Application event log

    Computer Name: Intel_I7_965
    Event Code: 9013
    Message: Le Gestionnaire de fenêtrage n’a pas pu démarrer, car la composition du Bureau a été désactivée par une application en cours d’exécution
    Record Number: 7652
    Source Name: Desktop Window Manager
    Time Written: 20090228231837.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 9010
    Message: Une demande de désactivation du Gestionnaire de fenêtrage a été effectuée par le processus (2628)
    Record Number: 7653
    Source Name: Desktop Window Manager
    Time Written: 20090228231852.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 9013
    Message: Le Gestionnaire de fenêtrage n’a pas pu démarrer, car la composition du Bureau a été désactivée par une application en cours d’exécution
    Record Number: 7654
    Source Name: Desktop Window Manager
    Time Written: 20090228231852.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 9010
    Message: Une demande de désactivation du Gestionnaire de fenêtrage a été effectuée par le processus (2628)
    Record Number: 7655
    Source Name: Desktop Window Manager
    Time Written: 20090228231856.000000-000
    Event Type: Information
    User:

    Computer Name: Intel_I7_965
    Event Code: 9013
    Message: Le Gestionnaire de fenêtrage n’a pas pu démarrer, car la composition du Bureau a été désactivée par une application en cours d’exécution
    Record Number: 7656
    Source Name: Desktop Window Manager
    Time Written: 20090228231856.000000-000
    Event Type: Information
    User:

    Security event log

    Computer Name: Intel_I7_965
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 18768
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090228185450.366223-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Intel_I7_965
    Event Code: 4648
    Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : INTEL_I7_965$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Compte dont les informations d’identification ont été utilisées :
    Nom du compte : Mertens Franck
    Domaine du compte : Intel_I7_965
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Serveur cible :
    Nom du serveur cible : localhost
    Informations supplémentaires : localhost

    Informations sur le processus :
    ID du processus : 0x29c
    Nom du processus : C:\Windows\System32\winlogon.exe

    Informations sur le réseau :
    Adresse du réseau : 127.0.0.1
    Port : 0

    Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
    Record Number: 18769
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090228185457.570269-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Intel_I7_965
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est correctement déroulée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : INTEL_I7_965$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Type d’ouverture de session : 2

    Nouvelle ouverture de session :
    ID de sécurité : S-1-5-21-3293256203-1262480290-3979595184-1000
    Nom du compte : Mertens Franck
    Domaine du compte : Intel_I7_965
    ID d’ouverture de session : 0x4fdac
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Informations sur le processus :
    ID du processus : 0x29c
    Nom du processus : C:\Windows\System32\winlogon.exe

    Informations sur le réseau :
    Nom de la station de travail : INTEL_I7_965
    Adresse du réseau source : 127.0.0.1
    Port source : 0

    Informations détaillées sur l’authentification :
    Processus d’ouverture de session : User32
    Package d’authentification : Negotiate
    Services en transit : -
    Nom du package (NTLM uniquement) : -
    Longueur de la clé : 0

    Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

    Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

    Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

    Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

    Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

    Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
    - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
    - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
    - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
    - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
    Record Number: 18770
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090228185457.570269-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Intel_I7_965
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est correctement déroulée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : INTEL_I7_965$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Type d’ouverture de session : 2

    Nouvelle ouverture de session :
    ID de sécurité : S-1-5-21-3293256203-1262480290-3979595184-1000
    Nom du compte : Mertens Franck
    Domaine du compte : Intel_I7_965
    ID d’ouverture de session : 0x4fdd5
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Informations sur le processus :
    ID du processus : 0x29c
    Nom du processus : C:\Windows\System32\winlogon.exe

    Informations sur le réseau :
    Nom de la station de travail : INTEL_I7_965
    Adresse du réseau source : 127.0.0.1
    Port source : 0

    Informations détaillées sur l’authentification :
    Processus d’ouverture de session : User32
    Package d’authentification : Negotiate
    Services en transit : -
    Nom du package (NTLM uniquement) : -
    Longueur de la clé : 0

    Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

    Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

    Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

    Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

    Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

    Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
    - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
    - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
    - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
    - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
    Record Number: 18771
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090228185457.570269-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Intel_I7_965
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-21-3293256203-1262480290-3979595184-1000
    Nom du compte : Mertens Franck
    Domaine du compte : Intel_I7_965
    ID d’ouverture de session : 0x4fdac

    Privilèges : SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 18772
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090228185457.570269-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 26 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=1a04
    "NUMBER_OF_PROCESSORS"=8

    -----------------EOF-----------------


    There you go.
    a c 295 8 Sécurité
    1 March 2009 02:04:05

    1/

  • Find this file: C:\Program Files (x86)\trend micro\Mertens Franck.exe
  • Right-click the file and choose Run as administrator (Exécuter en tant qu'administrateur).
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:

    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.



    2/

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Right-click OTMoveIt3.exe and choose Run as administrator (Exécuter en tant qu'administrateur).
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the copied text into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
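
    As an added example (not part of the original post, and not code from HijackThis or its authors), the Python below triages HijackThis lines of the two kinds selected above, F3 win.ini load= autostarts and O2 BHOs with no file, and compares two scans to list autostart targets that appear only in the later one. The sample lines are copied from the logs in this thread; the severity labels and the user-writable-path heuristic are assumptions of the example.

```python
import re
from typing import List, NamedTuple, Set

# Sample input assembled for this example from lines that appear in this thread.
# BEFORE holds the two entries the helper asks to fix; AFTER holds the F3 entry
# reported by the follow-up scan.
SCAN_BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
"""

SCAN_AFTER = r"""
F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
"""

# "<section code> - <body>", e.g. "F3 - REG:win.ini: load=..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
F3_RE = re.compile(r"^REG:win\.ini: (?P<key>load|run)=(?P<target>.*)$", re.I)
O2_RE = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$"
)

# Assumption of this example: directories a standard user can write to are
# unusual places for a program that starts at every logon.
USER_WRITABLE_MARKERS = ("\\appdata\\", "\\temp\\")


class Finding(NamedTuple):
    code: str      # HijackThis section code (F3, O2, ...)
    severity: str  # "high" or "review" (labels chosen for this example)
    target: str    # file path for F3, CLSID for O2
    reason: str


def in_user_writable_dir(path: str) -> bool:
    """True if the path sits under a per-user AppData or a Temp directory."""
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE_MARKERS)


def triage(log_text: str) -> List[Finding]:
    """Return the F3 autostart and orphaned O2 BHO entries found in a log."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue
        code, body = entry["code"], entry["body"]
        if code == "F3":
            f3 = F3_RE.match(body)
            if f3 and f3["target"].strip():
                target = f3["target"].strip()
                if in_user_writable_dir(target):
                    findings.append(Finding(
                        code, "high", target,
                        f"{f3['key']}= autostart runs a file from a user-writable directory"))
                else:
                    findings.append(Finding(
                        code, "review", target,
                        f"{f3['key']}= autostart is set"))
        elif code == "O2":
            o2 = O2_RE.match(body)
            if o2 and o2["file"].strip().lower() == "(no file)":
                findings.append(Finding(
                    code, "review", o2["clsid"],
                    "BHO is registered but its file is missing"))
    return findings


def autostart_targets(log_text: str) -> Set[str]:
    """Lower-cased paths launched through win.ini load=/run= in one scan."""
    return {f.target.lower() for f in triage(log_text) if f.code == "F3"}


def new_autostarts(before: str, after: str) -> Set[str]:
    """Autostart targets present in the later scan but not in the earlier one."""
    return autostart_targets(after) - autostart_targets(before)


if __name__ == "__main__":
    for finding in triage(SCAN_BEFORE):
        print(finding.severity, finding.code, finding.target, "-", finding.reason)
    for path in sorted(new_autostarts(SCAN_BEFORE, SCAN_AFTER)):
        print("new autostart since previous scan:", path)
```

    A target that shows up only in the later scan means the load= value was rewritten after the first fix, so the component that writes it still needs to be found.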
    1 March 2009 02:20:02

    Here is the report

    ========== PROCESSES ==========
    Unable to kill process: explorer.exe
    ========== FILES ==========
    C:\Users\MERTEN~1\AppData\Roaming\ieudinit.exe moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_0rMxoTRff797na4GwMR5 scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_0rMxoTRff797na4GwMR5-journal scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF38E9.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF520E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF532D.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF5388.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF553B.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF5567.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DF5573.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03012009_020900

    Files moved on Reboot...
    File C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_0rMxoTRff797na4GwMR5 not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_0rMxoTRff797na4GwMR5-journal not found!
    C:\Users\MERTEN~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\MERTEN~1\AppData\Local\Temp\~DF38E9.tmp moved successfully.
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF520E.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF532D.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF5388.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF553B.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF5567.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DF5573.tmp not found!
    File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    a c 295 8 Sécurité
    1 March 2009 02:22:45

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab (Mise à jour), click the Check for updates button (Recherche de mise à jour): if the firewall asks whether to let MBAM connect to the Internet, accept.
  • Once the update has finished, go to the Scan tab (Recherche).
  • Select Perform a quick scan (Exécuter un examen rapide).
  • Click Scan (Rechercher).
  • The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you so as well.
  • Close your browsers.
  • If malware was detected, click Show results (Afficher les résultats).
  • Select everything (or leave it ticked) and click Remove selected (Supprimer la sélection); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    1 March 2009 02:29:23

    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1813
    Windows 6.0.6001 Service Pack 1

    1/03/2009 2:24:09
    mbam-log-2009-03-01 (02-24-09).txt

    Type de recherche: Examen rapide
    Eléments examinés: 55256
    Temps écoulé: 1 minute(s), 52 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\users\merten~1\appdata\roaming\mstsc.exe -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Mertens Franck\AppData\Roaming\mstsc.exe (Trojan.Agent) -> Delete on reboot.
    a c 295 8 Sécurité
    1 March 2009 02:30:40

  • Run MBAM again, go to Quarantine (Quarantaine) and delete everything.

  • Run another RSIT scan and post the log report.
    1 March 2009 02:36:22

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Mertens Franck at 2009-03-01 02:31:17
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (69% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:31:20, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Windows\vVX3000.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\ASUS\Ai Suite\AiSuite.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10540 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "Corel Photo Downloader"=C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe -startup []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-04-15 1310720]
    "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [2007-12-01 38400]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-11 136600]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1555968]
    "WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\SysWOW64\Notepad.exe %1
    .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-03-01 02:20:37 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\ProgramData\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-03-01 02:09:00 ----D---- C:\_OTMoveIt
    2009-03-01 01:34:12 ----D---- C:\Program Files (x86)\trend micro
    2009-03-01 01:34:11 ----D---- C:\rsit
    2009-02-26 19:28:46 ----A---- C:\Windows\system32\icardres.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\infocardapi.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\icardagt.exe
    2009-02-26 19:28:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-26 19:28:39 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-02-26 19:23:36 ----A---- C:\Windows\system32\netfxperf.dll
    2009-02-26 19:23:21 ----A---- C:\Windows\system32\dfshim.dll
    2009-02-26 19:23:12 ----A---- C:\Windows\system32\mscoree.dll
    2009-02-26 19:23:03 ----A---- C:\Windows\system32\mscorier.dll
    2009-02-26 19:22:58 ----A---- C:\Windows\system32\mscories.dll
    2009-02-13 12:52:43 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-13 12:52:40 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files\Skype
    2009-02-03 17:36:49 ----RD---- C:\Program Files (x86)\Skype

    ======List of files/folders modified in the last 1 months======

    2009-03-01 02:31:17 ----D---- C:\Windows\Temp
    2009-03-01 02:30:58 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Skype
    2009-03-01 02:29:57 ----D---- C:\Windows\Prefetch
    2009-03-01 02:29:24 ----D---- C:\Windows\system32\drivers
    2009-03-01 02:20:32 ----RD---- C:\Program Files (x86)
    2009-03-01 02:20:32 ----HD---- C:\ProgramData
    2009-03-01 02:13:08 ----D---- C:\Windows\system32\GdgEvent
    2009-03-01 00:18:24 ----D---- C:\Program Files (x86)\Warhammer Online - Age of Reckoning
    2009-02-27 01:53:42 ----SHD---- C:\System Volume Information
    2009-02-26 21:22:59 ----D---- C:\Windows\rescache
    2009-02-26 21:11:29 ----RSD---- C:\Windows\assembly
    2009-02-26 21:11:29 ----D---- C:\Windows\Microsoft.NET
    2009-02-26 21:06:58 ----D---- C:\Windows\System32
    2009-02-26 21:06:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2009-02-26 21:00:20 ----D---- C:\Windows\system32\fr-FR
    2009-02-26 21:00:19 ----D---- C:\Windows\system32\XPSViewer
    2009-02-26 21:00:18 ----D---- C:\Windows\SysWOW64
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\wbem
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\en-US
    2009-02-26 19:37:03 ----SHD---- C:\Windows\Installer
    2009-02-26 19:37:03 ----HD---- C:\Config.Msi
    2009-02-26 19:36:49 ----D---- C:\Windows\winsxs
    2009-02-24 23:58:17 ----D---- C:\Windows\Minidump
    2009-02-24 23:58:13 ----D---- C:\Windows
    2009-02-24 10:05:23 ----D---- C:\Program Files (x86)\Steam
    2009-02-24 09:22:57 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-02-20 10:56:53 ----D---- C:\Windows\inf
    2009-02-17 19:55:52 ----SD---- C:\Windows\Downloaded Program Files
    2009-02-16 18:45:30 ----D---- C:\Program Files (x86)\Messenger Plus! Live
    2009-02-13 12:55:22 ----D---- C:\Windows\ehome
    2009-02-13 12:54:26 ----D---- C:\ProgramData\Microsoft Help
    2009-02-13 12:53:48 ----D---- C:\Program Files (x86)\Windows Mail
    2009-02-09 19:54:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-02-04 00:00:46 ----D---- C:\Users\Mertens Franck\AppData\Roaming\skypePM
    2009-02-03 17:36:50 ----D---- C:\ProgramData\Skype
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
    R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys []
    R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys []
    R3 dc3d;USBCCGP filter driver (dc3d); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []
    R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
    R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2007-03-20 61440]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe []
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-01-16 316664]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

    -----------------EOF-----------------
    a c 295 8 Security
    1 March 2009 02:46:01

    I know this infection ;) 

  • Uninstall Avast.

  • Install Antivir and update it.
  • Double-click the Antivir icon (umbrella) in the taskbar.
  • In Antivir, choose Outils, then Configuration.
  • Tick Mode Expert, then tick Rech. Rootkit au dém. de la recherche on the right, under Autres réglages.
  • Run a full scan and post the report.
    1 March 2009 03:19:29

    The scan may take a long time... I'll post it as soon as it's finished, so if you're not around, I'll completely understand :-)
    Just to know: in theory, after this I won't have any more problems?
    If so, which antivirus do you advise me to keep, Avast or Antivir?
    Thanks
    a c 295 8 Security
    1 March 2009 03:22:27

    Antivir is more effective.

    I don't know whether that will be enough, because this infection can be a bit troublesome at times.
    1 March 2009 03:27:23

    In any case, it's really very kind of you to help me like this.
    I'll post as soon as it's finished, so I'll wait for you to tell me what to do.
    1 March 2009 03:43:46

    Here is the report



    Avira AntiVir Personal
    Date de création du fichier de rapport : dimanche 1 mars 2009 02:54

    La recherche porte sur 1271369 souches de virus.

    Détenteur de la licence :Avira AntiVir PersonalEdition Classic
    Numéro de série : 0000149996-ADJIE-0001
    Plateforme : Windows Vista x64 Edition
    Version de Windows :( Service Pack 1) [6.0.6001]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur :INTEL_I7_965

    Informations de version :
    BUILD.DAT : 8.2.0.52 16931 Bytes 2/12/2008 14:55:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 1/03/2009 01:52:09
    AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
    LUKERES.DLL : 8.1.4.0 13057 Bytes 4/07/2008 07:30:27
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 01:52:09
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 01:52:10
    ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 20/02/2009 01:52:10
    ANTIVIR3.VDF : 7.1.2.96 190976 Bytes 28/02/2009 01:52:10
    Version du moteur: 8.2.0.98
    AEVDF.DLL : 8.1.1.0 106868 Bytes 1/03/2009 01:52:10
    AESCRIPT.DLL : 8.1.1.56 352634 Bytes 1/03/2009 01:52:10
    AESCN.DLL : 8.1.1.7 127347 Bytes 1/03/2009 01:52:10
    AERDL.DLL : 8.1.1.3 438645 Bytes 1/03/2009 01:52:10
    AEPACK.DLL : 8.1.3.8 397684 Bytes 1/03/2009 01:52:10
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 1/03/2009 01:52:10
    AEHEUR.DLL : 8.1.0.100 1618295 Bytes 1/03/2009 01:52:10
    AEHELP.DLL : 8.1.2.2 119158 Bytes 1/03/2009 01:52:10
    AEGEN.DLL : 8.1.1.22 336245 Bytes 1/03/2009 01:52:10
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
    AECORE.DLL : 8.1.6.6 176501 Bytes 1/03/2009 01:52:10
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 9/07/2008 08:40:02
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
    AVREP.DLL : 8.0.0.2 98344 Bytes 1/03/2009 01:52:10
    AVREG.DLL : 8.0.0.1 33537 Bytes 9/05/2008 11:26:37
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 4/07/2008 07:23:16
    RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

    Configuration pour la recherche actuelle :
    Nom de la tâche..................: Contrôle intégral du système
    Fichier de configuration.........: C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sysscan.avp
    Documentation....................: bas
    Action principale................: interactif
    Action secondaire................: ignorer
    Recherche sur les secteurs d'amorçage maître: marche
    Recherche sur les secteurs d'amorçage: marche
    Secteurs d'amorçage..............: C:, D:,
    Recherche dans les programmes actifs: marche
    Recherche en cours sur l'enregistrement: marche
    Recherche de Rootkits............: arrêt
    Fichier mode de recherche........: Sélection de fichiers intelligente
    Recherche sur les archives.......: marche
    Limiter la profondeur de récursivité: 20
    Archive Smart Extensions.........: marche
    Heuristique de macrovirus........: marche
    Heuristique fichier..............: moyen

    Début de la recherche : dimanche 1 mars 2009 02:54

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SearchFilterHost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'TrustedInstaller.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'SearchProtocolHost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'FlashUtil10a.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpqste08.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ywidget.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AsG_HardwareMonitor.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AsG_TurboV.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AsG_LaunchApplication.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wmpnetwk.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'wmpnscfg.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'sidebar.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'logman.exe' - '1' module(s) sont contrôlés
    Module infecté -> 'C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe'
    Processus de recherche 'aaCenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AsG_Manager.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SixEngine.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'taskeng.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'taskeng.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'SmartDoctor.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'CorelIOMonitor.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpwuSchd2.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smax4pnp.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'GamerOSD.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AiNap.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'TurboV.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'LCDMedia.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'LCDPop3.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'LCDCountdown.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'LCDClock.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'sidebar.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'dpupdchk.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'rundll32.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'vVX3000.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ipoint.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'LGDCore.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'LCDMon.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'Corel Photo Downloader.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SoundMAX.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MSASCui.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'dwm.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'rundll32.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'taskeng.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'WUDFHost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'SearchIndexer.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'PSIService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'MSCamS64.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AsSysCtrlService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ASDR.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AEADISRV.EXE' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'SLsvc.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'audiodg.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'nvvsvc.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'lsm.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'wininit.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '0' module(s) sont contrôlés
    Le processus 'logman.exe' est arrêté
    C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    [RESULTAT] Contient le cheval de Troie TR/Agent.77824
    [REMARQUE] Fichier supprimé.

    '35' processus ont été contrôlés avec '34' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD1
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD2
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur
    Secteur d'amorçage maître HD3
    [INFO] Aucun virus trouvé !
    [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt.
    [INFO] Veuillez relancer la recherche avec les droits d'administrateur

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence.

    Le registre a été contrôlé ( '39' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\'
    C:\hiberfil.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0LCJ6JZ3\go[1].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a04ed99.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C43OKM05\search[4].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0aedbf.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C43OKM05\smartsearch[1].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a0aedd0.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\anticheat[1].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1dede5.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\anticheat[3].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1dede8.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\anticheat[5].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a1dedeb.qua' !
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCA4GUM01.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCA4VYU1U.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCA91FKZ2.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCA9HTFGK.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCANKSSIB.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCAP7FEX4.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\indexCAZ3WGQU.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\searchCAB0AEI5.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\searchCABRM4JZ.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\searchCAC91ACM.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\searchCAJGJ1Q0.htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\search[2].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\11XS2UAB\search[6].htm
    [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\Documents\Drivers & Logiciels\Atomix.Virtual.DJ.v3.4.incl.patch-MP2K.by.ChingLiu.rar
    [0] Type d'archive: RAR
    --> atomix.virtual.dj.3.x-patch.exe
    [RESULTAT] Contient le cheval de Troie TR/Agent.37670
    [REMARQUE] Fichier supprimé.
    C:\Users\Mertens Franck\Documents\Drivers & Logiciels\Visual c++, Acrobat reader\Microsoft Visual C++ 6.0 Professional Edition.zip
    [0] Type d'archive: ZIP
    --> NTOPTPAK/X86/WINNT.WKS/MSMQOCM.CAB
    [1] Type d'archive: CAB (Microsoft)
    --> REGSVR32.EXE
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    --> NTOPTPAK/X86/WINNT.WKS/WSH.CAB
    [1] Type d'archive: CAB (Microsoft)
    --> wshext.dll
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    C:\_OTMoveIt\MovedFiles\03012009_020900\Users\MERTEN~1\AppData\Roaming\ieudinit.exe
    [RESULTAT] Contient le cheval de Troie TR/Agent.77824
    [REMARQUE] Fichier supprimé.
    Recherche débutant dans 'D:\' <Disque local>
    D:\Save vista\Documents\Drivers & Logiciels\Atomix.Virtual.DJ.v3.4.incl.patch-MP2K.by.ChingLiu.rar
    [0] Type d'archive: RAR
    --> atomix.virtual.dj.3.x-patch.exe
    [RESULTAT] Contient le cheval de Troie TR/Agent.37670
    [REMARQUE] Fichier supprimé.
    D:\Save vista\Documents\Drivers & Logiciels\Visual c++, Acrobat reader\Microsoft Visual C++ 6.0 Professional Edition.zip
    [0] Type d'archive: ZIP
    --> NTOPTPAK/X86/WINNT.WKS/MSMQOCM.CAB
    [1] Type d'archive: CAB (Microsoft)
    --> REGSVR32.EXE
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
    --> NTOPTPAK/X86/WINNT.WKS/WSH.CAB
    [1] Type d'archive: CAB (Microsoft)
    --> wshext.dll
    [AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.


    Fin de la recherche : dimanche 1 mars 2009 03:34
    Temps nécessaire: 39:55 Minute(s)

    La recherche a été effectuée intégralement

    27941 Les répertoires ont été contrôlés
    633797 Des fichiers ont été contrôlés
    24 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    17 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    6 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    2 Impossible de contrôler des fichiers
    633771 Fichiers non infectés
    4842 Les archives ont été contrôlées
    8 Avertissements
    23 Consignes

    1 March 2009 03:59:38

    Good.

  • Run another scan with RSIT and post the log report.
    1 March 2009 04:00:51

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Mertens Franck at 2009-03-01 03:55:53
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (42% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:55:55, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Windows\vVX3000.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\notepad.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10374 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "Corel Photo Downloader"=C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe -startup []
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-04-15 1310720]
    "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [2007-12-01 38400]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-11 136600]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1555968]
    "WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\SysWOW64\Notepad.exe %1
    .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-03-01 02:50:23 ----D---- C:\ProgramData\Avira
    2009-03-01 02:50:23 ----D---- C:\Program Files (x86)\Avira
    2009-03-01 02:20:37 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\ProgramData\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-03-01 02:09:00 ----D---- C:\_OTMoveIt
    2009-03-01 01:34:12 ----D---- C:\Program Files (x86)\trend micro
    2009-03-01 01:34:11 ----D---- C:\rsit
    2009-02-26 19:28:46 ----A---- C:\Windows\system32\icardres.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\infocardapi.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\icardagt.exe
    2009-02-26 19:28:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-26 19:28:39 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-02-26 19:23:36 ----A---- C:\Windows\system32\netfxperf.dll
    2009-02-26 19:23:21 ----A---- C:\Windows\system32\dfshim.dll
    2009-02-26 19:23:12 ----A---- C:\Windows\system32\mscoree.dll
    2009-02-26 19:23:03 ----A---- C:\Windows\system32\mscorier.dll
    2009-02-26 19:22:58 ----A---- C:\Windows\system32\mscories.dll
    2009-02-13 12:52:43 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-13 12:52:40 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files\Skype
    2009-02-03 17:36:49 ----RD---- C:\Program Files (x86)\Skype

    ======List of files/folders modified in the last 1 months======

    2009-03-01 03:55:52 ----D---- C:\Windows\Temp
    2009-03-01 03:55:03 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Skype
    2009-03-01 02:50:25 ----D---- C:\Windows\Prefetch
    2009-03-01 02:50:23 ----RD---- C:\Program Files (x86)
    2009-03-01 02:50:23 ----HD---- C:\ProgramData
    2009-03-01 02:50:23 ----D---- C:\Windows\system32\drivers
    2009-03-01 02:43:23 ----D---- C:\Windows\SysWOW64
    2009-03-01 02:43:18 ----D---- C:\Windows\System32
    2009-03-01 02:13:08 ----D---- C:\Windows\system32\GdgEvent
    2009-03-01 00:18:24 ----D---- C:\Program Files (x86)\Warhammer Online - Age of Reckoning
    2009-02-27 01:53:42 ----SHD---- C:\System Volume Information
    2009-02-26 21:22:59 ----D---- C:\Windows\rescache
    2009-02-26 21:11:29 ----RSD---- C:\Windows\assembly
    2009-02-26 21:11:29 ----D---- C:\Windows\Microsoft.NET
    2009-02-26 21:06:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2009-02-26 21:00:20 ----D---- C:\Windows\system32\fr-FR
    2009-02-26 21:00:19 ----D---- C:\Windows\system32\XPSViewer
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\wbem
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\en-US
    2009-02-26 19:37:03 ----SHD---- C:\Windows\Installer
    2009-02-26 19:37:03 ----HD---- C:\Config.Msi
    2009-02-26 19:36:49 ----D---- C:\Windows\winsxs
    2009-02-24 23:58:17 ----D---- C:\Windows\Minidump
    2009-02-24 23:58:13 ----D---- C:\Windows
    2009-02-24 10:05:23 ----D---- C:\Program Files (x86)\Steam
    2009-02-24 09:22:57 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-02-20 10:56:53 ----D---- C:\Windows\inf
    2009-02-17 19:55:52 ----SD---- C:\Windows\Downloaded Program Files
    2009-02-16 18:45:30 ----D---- C:\Program Files (x86)\Messenger Plus! Live
    2009-02-13 12:55:22 ----D---- C:\Windows\ehome
    2009-02-13 12:54:26 ----D---- C:\ProgramData\Microsoft Help
    2009-02-13 12:53:48 ----D---- C:\Program Files (x86)\Windows Mail
    2009-02-09 19:54:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-02-04 00:00:46 ----D---- C:\Users\Mertens Franck\AppData\Roaming\skypePM
    2009-02-03 17:36:50 ----D---- C:\ProgramData\Skype
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
    R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys []
    R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys []
    R3 dc3d;USBCCGP filter driver (dc3d); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []
    R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2007-03-20 61440]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe []
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-01-16 316664]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

    -----------------EOF-----------------
    a c 295 8 Security
    1 March 2009 04:08:07

    And it comes back...

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: A guide and a tutorial on using ComboFix
    1 March 2009 04:15:19

    It tells me incompatible OS :( 
    a c 295 8 Security
    1 March 2009 04:17:08

    Vista 64-bit?
    a c 295 8 Security
    1 March 2009 04:21:05

    Darn...

  • Download DirLook to your Desktop.
  • Right-click DirLook.exe and choose Run as administrator.
  • Check that the two boxes next to "Show hidden files/folders:" and "BBCode Output:" are ticked.
  • Copy the text below:

    C:\Users\MERTEN~1\AppData
    C:\Windows


  • In the small DirLook window, right-click in the white area and choose Paste.
    Note: the lines selected previously must have been copied into the white area of DirLook.

  • Click the DirLook button to start the search. When the tool has finished this search, Notepad opens.
    Note: In Notepad, check in the Format menu (at the top) that the "Word Wrap" option is not ticked.

  • Save the report under the name DirLook1.txt and close Notepad.
  • Close DirLook by clicking the Exit button, then post the report.
    1 March 2009 04:23:36

    No, it doesn't work; when I click on DirLook the program crashes :( 
    a c 295 8 Security
    1 March 2009 04:25:57

    It's going to be hard to help you if the tools don't work.

    Try again with UAC disabled.
    1 March 2009 04:33:08

    DirLook.exe v2.0 by jpshortstuff
    Log created at 04:27 on 01/03/2009
    ==================================
    Contents of "C:\Users\MERTEN~1\AppData"

    ---FOLDERS---

    Local (Created on 23/11/2008 at 10:02) d-----
    LocalLow (Created on 23/11/2008 at 10:02) d-----
    Roaming (Created on 23/11/2008 at 10:02) d-----

    ---FILES---

    (none found)

    ==================================
    Contents of "C:\Windows"

    ---FOLDERS---

    addins (Created on 02/11/2006 at 15:06) d-----
    AppPatch (Created on 02/11/2006 at 13:33) d-----
    assembly (Created on 02/11/2006 at 13:33) dr--s-
    AsusInstAll (Created on 23/11/2008 at 10:24) d-----
    Boot (Created on 02/11/2006 at 13:33) d-----
    Branding (Created on 02/11/2006 at 13:33) d-----
    CSC (Created on 23/11/2008 at 09:52) d-----
    Cursors (Created on 02/11/2006 at 13:33) d-----
    Debug (Created on 23/11/2008 at 09:52) d-----
    DigitalLocker (Created on 02/11/2006 at 15:06) d-----
    Downloaded Program Files (Created on 02/11/2006 at 13:33) d---s-
    ehome (Created on 02/11/2006 at 15:06) d-----
    en-US (Created on 02/11/2006 at 15:15) d-----
    Fonts (Created on 02/11/2006 at 13:33) dr--s-
    fr-FR (Created on 02/11/2006 at 19:23) d-----
    Globalization (Created on 02/11/2006 at 13:33) d-----
    Help (Created on 02/11/2006 at 13:33) d-----
    IME (Created on 02/11/2006 at 13:33) d-----
    inf (Created on 02/11/2006 at 13:33) d-----
    Installer (Created on 23/11/2008 at 10:05) d--hs-
    L2Schemas (Created on 02/11/2006 at 13:33) d-----
    LiveKernelReports (Created on 02/11/2006 at 13:33) d-----
    Logs (Created on 02/11/2006 at 13:33) d-----
    Media (Created on 02/11/2006 at 13:33) dr--s-
    Microsoft.NET (Created on 02/11/2006 at 13:33) d-----
    Minidump (Created on 23/11/2008 at 16:13) d-----
    ModemLogs (Created on 02/11/2006 at 13:33) d-----
    MSAgent (Created on 02/11/2006 at 13:33) d-----
    MSAgent64 (Created on 02/11/2006 at 13:33) d-----
    nap (Created on 02/11/2006 at 13:33) d-----
    Offline Web Pages (Created on 02/11/2006 at 13:33) dr----
    Panther (Created on 23/11/2008 at 09:49) d-----
    PCHEALTH (Created on 23/11/2008 at 11:21) d-----
    Performance (Created on 02/11/2006 at 15:06) d-----
    PLA (Created on 02/11/2006 at 13:33) d-----
    PolicyDefinitions (Created on 02/11/2006 at 13:33) d-----
    Prefetch (Created on 23/11/2008 at 09:51) d-----
    Provisioning (Created on 02/11/2006 at 13:33) d-----
    Registration (Created on 02/11/2006 at 13:33) d-----
    rescache (Created on 02/11/2006 at 13:33) d-----
    Resources (Created on 02/11/2006 at 13:33) d-----
    SchCache (Created on 02/11/2006 at 13:33) d-----
    schemas (Created on 02/11/2006 at 13:33) d-----
    security (Created on 02/11/2006 at 13:33) d-----
    ServiceProfiles (Created on 02/11/2006 at 15:21) d-----
    servicing (Created on 02/11/2006 at 13:33) d-----
    Setup (Created on 02/11/2006 at 15:21) d-----
    ShellNew (Created on 02/11/2006 at 15:06) d-----
    SoftwareDistribution (Created on 23/11/2008 at 09:53) d-----
    Speech (Created on 02/11/2006 at 13:33) d-----
    system (Created on 02/11/2006 at 13:33) d-----
    System32 (Created on 02/11/2006 at 13:33) d-----
    SysWOW64 (Created on 02/11/2006 at 13:34) d-----
    tapi (Created on 02/11/2006 at 13:34) d-----
    Tasks (Created on 02/11/2006 at 13:34) d-----
    Temp (Created on 02/11/2006 at 13:34) d-----
    tracing (Created on 02/11/2006 at 13:34) d-----
    twain_32 (Created on 02/11/2006 at 15:06) d-----
    Web (Created on 02/11/2006 at 13:34) d-----
    WindowsMobile (Created on 02/11/2006 at 15:15) d-----
    winsxs (Created on 02/11/2006 at 13:34) d-----

    ---FILES---

    AiSuite.log (162 bytes - created on 23/11/2008 at 10:53, modified on 23/11/2008 at 10:56) --a---
    Ascd_log.ini (39556 bytes - created on 23/11/2008 at 10:03, modified on 23/11/2008 at 10:53) --a---
    Ascd_tmp.ini (38793 bytes - created on 23/11/2008 at 10:03, modified on 23/11/2008 at 10:52) --a---
    ASMT_CE.dll (102400 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    AsusUpdate.log (164 bytes - created on 23/11/2008 at 10:53, modified on 23/11/2008 at 10:53) --a---
    audio.log (168 bytes - created on 23/11/2008 at 10:30, modified on 23/11/2008 at 10:32) --a---
    avisplitter.ini (38 bytes - created on 23/11/2008 at 17:24, modified on 30/07/2008 at 19:09) --a---
    bfsvc.exe (65536 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 08:00) --a---
    bootstat.dat (67584 bytes - created on 02/11/2006 at 15:35, modified on 01/03/2009 at 03:24) --a-s-
    DIFx.log (1203 bytes - created on 23/11/2008 at 10:05, modified on 23/11/2008 at 10:10) --a---
    DirectX.log (173708 bytes - created on 23/11/2008 at 11:36, modified on 11/01/2009 at 18:47) --a---
    DPINST.LOG (17312 bytes - created on 23/11/2008 at 11:54, modified on 23/11/2008 at 20:03) --a---
    DtcInstall.log (2257 bytes - created on 02/11/2006 at 15:21, modified on 23/11/2008 at 18:35) --a---
    DUMP5ba6.tmp (301840924 bytes - created on 23/11/2008 at 09:51, modified on 23/11/2008 at 13:15) --a---
    explorer.exe (3080704 bytes - created on 09/12/2008 at 20:42, modified on 29/10/2008 at 06:49) --a---
    fveupdate.exe (14848 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 08:00) --a---
    HelpPane.exe (734720 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 08:00) --a---
    hh.exe (15872 bytes - created on 02/11/2006 at 10:09, modified on 02/11/2006 at 11:15) --a---
    hpoins15.dat (158887 bytes - created on 23/11/2008 at 19:58, modified on 23/11/2008 at 20:11) --a---
    hpomdl15.dat (1039 bytes - created on 23/11/2008 at 19:58, modified on 21/09/2007 at 13:00) ------
    hpqins13.dat (19588 bytes - created on 23/11/2008 at 19:56, modified on 23/11/2008 at 19:57) --a---
    i2c.dll (71680 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    i2c_i.dll (69632 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    ie8_main.log (71025 bytes - created on 29/11/2008 at 12:02, modified on 27/01/2009 at 23:17) --a---
    MEMORY.DMP (580598325 bytes - created on 23/11/2008 at 16:13, modified on 24/02/2009 at 22:58) --a---
    mib.bin (43131 bytes - created on 02/11/2006 at 09:47, modified on 02/11/2006 at 08:26) --a---
    msdfmap.ini (1405 bytes - created on 02/11/2006 at 12:37, modified on 18/09/2006 at 21:30) --a---
    msxml4-KB954430-enu.LOG (284256 bytes - created on 23/11/2008 at 13:06, modified on 23/11/2008 at 13:07) --a---
    notepad.exe (169472 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 08:00) --a---
    nVGA_i2c.dll (68608 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    OCPalm.log (90 bytes - created on 23/11/2008 at 10:41, modified on 23/11/2008 at 10:42) --a---
    PFRO.log (37188 bytes - created on 02/11/2006 at 15:39, modified on 01/03/2009 at 01:45) --a---
    regedit.exe (161792 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 08:00) --a---
    setup.iss (666 bytes - created on 23/11/2008 at 10:40, modified on 23/11/2008 at 10:53) --a---
    setupact.log (17526 bytes - created on 02/11/2006 at 15:26, modified on 03/02/2009 at 16:32) --a---
    SETUPAPI.LOG (94 bytes - created on 02/11/2006 at 15:21, modified on 02/11/2006 at 15:21) --a---
    setuperr.log (0 bytes - created on 02/11/2006 at 15:26, modified on 02/11/2006 at 15:26) --a---
    SixEngine.log (166 bytes - created on 23/11/2008 at 10:42, modified on 23/11/2008 at 10:42) --a---
    SMinstall.log (6949 bytes - created on 23/11/2008 at 10:30, modified on 23/11/2008 at 10:32) --a---
    splwow64.exe (39936 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 08:00) --a---
    system.ini (219 bytes - created on 02/11/2006 at 12:34, modified on 18/09/2006 at 21:44) --a---
    TSSysprep.log (1313 bytes - created on 23/11/2008 at 09:54, modified on 23/11/2008 at 09:54) --a---
    TurboV.log (160 bytes - created on 23/11/2008 at 10:40, modified on 23/11/2008 at 10:41) --a---
    twain.dll (94784 bytes - created on 02/11/2006 at 15:00, modified on 02/11/2006 at 15:00) --a---
    twain_32.dll (50688 bytes - created on 02/11/2006 at 15:00, modified on 02/11/2006 at 15:00) --a---
    Twunk_16.dll (12288 bytes - created on 12/03/2007 at 02:35, modified on 12/03/2007 at 02:35) -ra---
    twunk_16.exe (49680 bytes - created on 02/11/2006 at 15:00, modified on 02/11/2006 at 15:00) --a---
    Twunk_32.dll (12288 bytes - created on 12/03/2007 at 02:35, modified on 12/03/2007 at 02:35) -ra---
    twunk_32.exe (31232 bytes - created on 02/11/2006 at 15:00, modified on 02/11/2006 at 15:00) --a---
    Ultimate.xml (4261 bytes - created on 02/11/2006 at 14:57, modified on 19/09/2006 at 11:41) --a---
    vVX3000.exe (709992 bytes - created on 10/04/2007 at 13:46, modified on 10/04/2007 at 13:46) --a---
    VX3000.ini (15498 bytes - created on 10/04/2007 at 13:46, modified on 10/04/2007 at 13:46) --a---
    VX3000.src (13023 bytes - created on 10/04/2007 at 13:46, modified on 10/04/2007 at 13:46) --a---
    win.ini (254 bytes - created on 02/11/2006 at 12:34, modified on 23/11/2008 at 20:08) --a---
    WindowsShell.Manifest (749 bytes - created on 02/11/2006 at 15:24, modified on 23/11/2008 at 18:36) -rah--
    WindowsUpdate.log (1287019 bytes - created on 02/11/2006 at 15:26, modified on 01/03/2009 at 03:23) --a---
    winhlp32.exe (9216 bytes - created on 02/11/2006 at 12:24, modified on 02/11/2006 at 09:45) --a---
    WLXPGSS.SCR (308584 bytes - created on 04/12/2008 at 23:11, modified on 04/12/2008 at 23:11) --a---
    WMSysPr9.prx (316640 bytes - created on 02/11/2006 at 15:02, modified on 02/11/2006 at 15:02) --a---
    ydi.log (10476 bytes - created on 23/11/2008 at 10:37, modified on 23/11/2008 at 10:37) --a---
    YukonInstall.log (348 bytes - created on 23/11/2008 at 10:37, modified on 23/11/2008 at 10:37) -r----

    ==================================
    =EOF=
    a c 295 8 Security
    1 March 2009 04:40:17

    Use DirLook for this:

    C:\Users\MERTEN~1\AppData\Roaming
    C:\Users\MERTEN~1\AppData\Microsoft
    C:\Windows\system32
    1 March 2009 04:41:41

    DirLook.exe v2.0 by jpshortstuff
    Log created at 04:36 on 01/03/2009
    ==================================
    Contents of "C:\Users\MERTEN~1\AppData\Roaming"

    ---FOLDERS---

    .# (Created on 28/11/2008 at 15:34) d--hs-
    Adobe (Created on 23/11/2008 at 11:49) d-----
    Corel (Created on 24/11/2008 at 17:15) d-----
    HP (Created on 23/11/2008 at 20:11) d-----
    HPAppData (Created on 23/11/2008 at 20:07) d-----
    Identities (Created on 23/11/2008 at 10:02) d-----
    InstallShield (Created on 23/11/2008 at 10:30) d-----
    Macromedia (Created on 23/11/2008 at 11:49) d-----
    Malwarebytes (Created on 01/03/2009 at 01:20) d-----
    Media Center Programs (Created on 23/11/2008 at 10:02) d-----
    Microsoft (Created on 23/11/2008 at 10:02) d---s-
    Mozilla (Created on 23/11/2008 at 12:07) d-----
    Notepad++ (Created on 15/12/2008 at 20:31) d-----
    Real (Created on 23/11/2008 at 17:24) d-----
    Skype (Created on 23/11/2008 at 11:44) d-----
    skypePM (Created on 23/11/2008 at 11:44) d-----
    TMP (Created on 23/11/2008 at 10:37) d-----
    WinRAR (Created on 25/11/2008 at 18:39) d-----

    ---FILES---

    (none found)

    ==================================
    Contents of "C:\Users\MERTEN~1\AppData\Microsoft"

    Unable to find directory.

    ==================================
    Contents of "C:\Windows\system32"

    ---FOLDERS---

    040C (Created on 02/11/2006 at 19:22) d-----
    AdvancedInstallers (Created on 02/11/2006 at 13:34) d-----
    AGEIA (Created on 23/11/2008 at 10:05) d-----
    ar-SA (Created on 02/11/2006 at 13:34) d-----
    bg-BG (Created on 02/11/2006 at 13:34) d-----
    Branding (Created on 02/11/2006 at 19:23) d-----
    com (Created on 02/11/2006 at 13:34) d-----
    config (Created on 02/11/2006 at 13:34) d-----
    cs-CZ (Created on 02/11/2006 at 13:34) d-----
    da-DK (Created on 02/11/2006 at 13:34) d-----
    de-DE (Created on 02/11/2006 at 13:34) d-----
    drivers (Created on 02/11/2006 at 13:34) d-----
    driverstore (Created on 02/11/2006 at 19:22) d-----
    el-GR (Created on 02/11/2006 at 13:34) d-----
    en-US (Created on 02/11/2006 at 13:34) d-----
    es-ES (Created on 02/11/2006 at 13:34) d-----
    et-EE (Created on 02/11/2006 at 13:34) d-----
    fi-FI (Created on 02/11/2006 at 13:34) d-----
    fr (Created on 02/11/2006 at 19:22) d-----
    fr-FR (Created on 02/11/2006 at 13:34) d-----
    FxsTmp (Created on 02/11/2006 at 15:06) d-----
    GdgEvent (Created on 23/11/2008 at 10:42) d-----
    GroupPolicy (Created on 02/11/2006 at 13:34) d-----
    GroupPolicyUsers (Created on 02/11/2006 at 13:34) d-----
    he-IL (Created on 02/11/2006 at 13:34) d-----
    hr-HR (Created on 02/11/2006 at 13:34) d-----
    hu-HU (Created on 02/11/2006 at 13:34) d-----
    ias (Created on 02/11/2006 at 13:34) d-----
    icsxml (Created on 02/11/2006 at 13:34) d-----
    IME (Created on 02/11/2006 at 13:34) d-----
    inetsrv (Created on 02/11/2006 at 13:34) d-----
    InstallShield (Created on 02/11/2006 at 13:34) d-----
    it-IT (Created on 02/11/2006 at 13:34) d-----
    ja-JP (Created on 02/11/2006 at 13:34) d-----
    ko-KR (Created on 02/11/2006 at 13:34) d-----
    licensing (Created on 02/11/2006 at 13:34) d-----
    LogFiles (Created on 02/11/2006 at 13:34) d-----
    lt-LT (Created on 02/11/2006 at 13:34) d-----
    lv-LV (Created on 02/11/2006 at 13:34) d-----
    Macromed (Created on 23/11/2008 at 11:49) d-----
    manifeststore (Created on 02/11/2006 at 13:34) d-----
    migration (Created on 02/11/2006 at 13:34) d-----
    migwiz (Created on 02/11/2006 at 13:34) d-----
    Msdtc (Created on 02/11/2006 at 13:34) d-----
    MUI (Created on 02/11/2006 at 13:34) d-----
    nb-NO (Created on 02/11/2006 at 13:34) d-----
    NDF (Created on 02/11/2006 at 13:34) d-----
    networklist (Created on 02/11/2006 at 13:34) d-----
    nl-NL (Created on 02/11/2006 at 13:34) d-----
    oobe (Created on 02/11/2006 at 13:34) d-----
    pl-PL (Created on 02/11/2006 at 13:34) d-----
    Printing_Admin_Scripts (Created on 02/11/2006 at 19:22) d-----
    pt-BR (Created on 02/11/2006 at 13:34) d-----
    pt-PT (Created on 02/11/2006 at 13:34) d-----
    ras (Created on 02/11/2006 at 13:34) d-----
    restore (Created on 02/11/2006 at 15:06) d-----
    ro-RO (Created on 02/11/2006 at 13:34) d-----
    ru-RU (Created on 02/11/2006 at 13:34) d-----
    setup (Created on 02/11/2006 at 13:34) d-----
    sk-SK (Created on 02/11/2006 at 13:34) d-----
    sl-SI (Created on 02/11/2006 at 13:34) d-----
    slmgr (Created on 02/11/2006 at 19:22) d-----
    SLUI (Created on 02/11/2006 at 13:34) d-----
    Speech (Created on 02/11/2006 at 13:34) d-----
    Spool (Created on 23/11/2008 at 10:58) d-----
    sr-Latn-CS (Created on 02/11/2006 at 13:34) d-----
    sv-SE (Created on 02/11/2006 at 13:34) d-----
    sysprep (Created on 02/11/2006 at 13:34) d-----
    Tasks (Created on 02/11/2006 at 13:34) d-----
    th-TH (Created on 02/11/2006 at 13:34) d-----
    tr-TR (Created on 02/11/2006 at 13:34) d-----
    uk-UA (Created on 02/11/2006 at 13:34) d-----
    wbem (Created on 02/11/2006 at 13:34) d-----
    WCN (Created on 02/11/2006 at 19:22) d-----
    winrm (Created on 02/11/2006 at 19:23) d-----
    XPSViewer (Created on 02/11/2006 at 15:06) d-----
    zh-CN (Created on 02/11/2006 at 13:34) d-----
    zh-HK (Created on 02/11/2006 at 13:34) d-----
    zh-TW (Created on 02/11/2006 at 13:34) d-----

    ---FILES---

    12520437.cpx (2151 bytes - created on 02/11/2006 at 12:18, modified on 18/09/2006 at 21:28) --a---
    12520850.cpx (2233 bytes - created on 02/11/2006 at 12:18, modified on 18/09/2006 at 21:28) --a---
    8point1.wav (1228100 bytes - created on 02/11/2006 at 12:13, modified on 18/09/2006 at 21:32) --a---
    aaclient.dll (136192 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    AbaleZip.dll (287256 bytes - created on 20/08/2008 at 09:54, modified on 20/08/2008 at 09:54) -ra---
    ac3acm.acm (118784 bytes - created on 23/11/2008 at 17:24, modified on 21/09/2007 at 00:52) --a---
    accessibilitycpl.dll (2515968 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    ACCTRES.dll (39424 bytes - created on 02/11/2006 at 12:17, modified on 02/11/2006 at 07:28) --a---
    acledit.dll (7680 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:46) --a---
    aclui.dll (127488 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    acppage.dll (38912 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:46) --a---
    acprgwiz.dll (2048 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 07:11) --a---
    ActionQueue.dll (167424 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    ActiveContentWizard.dll (1405952 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    activeds.dll (204800 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    activeds.tlb (111616 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 05:42) --a---
    actrpt.dll (1015808 bytes - created on 25/11/2008 at 18:46, modified on 21/11/2000 at 08:32) --a---
    actxprxy.dll (326656 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    ACW.exe (81408 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    acwizard.ico (107620 bytes - created on 02/11/2006 at 12:13, modified on 18/09/2006 at 21:31) --a---
    AdapterTroubleshooter.exe (38400 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:44) --a---
    adi_oal.dll (1503232 bytes - created on 23/11/2008 at 10:32, modified on 03/07/2007 at 12:11) ------
    Adme.dll (57856 bytes - created on 25/11/2008 at 18:46, modified on 11/01/1997 at 23:00) --a---
    admparse.dll (72704 bytes - created on 27/01/2009 at 23:17, modified on 15/01/2009 at 10:03) --a---
    adsldp.dll (185856 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    adsldpc.dll (198144 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    adsmsext.dll (76288 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    adsnt.dll (257024 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    adtschema.dll (605696 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 05:26) --a---
    advapi32.dll (798720 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    advpack.dll (128512 bytes - created on 27/01/2009 at 23:17, modified on 15/01/2009 at 10:03) --a---
    aecache.dll (6656 bytes - created on 02/11/2006 at 12:23, modified on 02/11/2006 at 09:46) --a---
    AgCPanelFrench.dll (58648 bytes - created on 12/06/2008 at 14:08, modified on 12/06/2008 at 14:08) --a---
    AgCPanelGerman.dll (58648 bytes - created on 12/06/2008 at 14:08, modified on 12/06/2008 at 14:08) --a---
    AgCPanelJapanese.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelKorean.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelPortugese.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelSimplifiedChinese.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelSpanish.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelSwedish.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AgCPanelTraditionalChinese.dll (58648 bytes - created on 12/06/2008 at 14:09, modified on 12/06/2008 at 14:09) --a---
    AltTab.dll (43008 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    amcompat.tlb (18432 bytes - created on 02/11/2006 at 15:02, modified on 02/11/2006 at 15:02) --a---
    amstream.dll (70144 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    amxread.dll (24064 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    apds.dll (1730560 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    apilogen.dll (13824 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    apircl.dll (219648 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    apphelp.dll (171008 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    Apphlpdm.dll (28672 bytes - created on 09/12/2008 at 20:42, modified on 01/11/2008 at 03:44) --a---
    appmgmts.dll (148992 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    appmgr.dll (339456 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    appwiz.cpl (1122304 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:32) --a---
    apss.dll (198656 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    ARP.EXE (19968 bytes - created on 02/11/2006 at 12:23, modified on 02/11/2006 at 09:44) --a---
    arviewer.ocx (329600 bytes - created on 25/11/2008 at 18:46, modified on 21/11/2000 at 08:32) --a---
    ASDR.exe (61440 bytes - created on 20/03/2007 at 16:16, modified on 20/03/2007 at 16:16) --a---
    asferror.dll (2048 bytes - created on 02/11/2006 at 15:02, modified on 02/11/2006 at 15:02) --a---
    AsIO.dll (24576 bytes - created on 23/11/2008 at 10:41, modified on 10/01/2006 at 08:50) -ra---
    asycfilt.dll (66560 bytes - created on 02/11/2006 at 12:20, modified on 02/11/2006 at 09:46) --a---
    at.exe (24576 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    AtBroker.exe (28160 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    atkdxtdisp.dll (132608 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:16) --a---
    ATKLUMDISP.dll (1332224 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    ATKOGL32.dll (14848 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    ATKOSDX32.dll (5463040 bytes - created on 23/11/2008 at 12:14, modified on 28/05/2008 at 13:14) --a---
    atl.dll (71680 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    atl71.dll (89088 bytes - created on 18/03/2003 at 18:05, modified on 18/03/2003 at 18:05) --a---
    atmfd.dll (289792 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 05:36) --a---
    atmlib.dll (34304 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    attrib.exe (16384 bytes - created on 02/11/2006 at 12:18, modified on 02/11/2006 at 09:44) --a---
    audiodev.dll (244224 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    audiodg.exe (88064 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    AudioEng.dll (397312 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    AUDIOKSE.dll (274944 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:36) --a---
    AudioSes.dll (116224 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    auditpol.exe (41472 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    Aurora.scr (1370624 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:32) --a---
    authfwcfg.dll (251904 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    AuthFWGP.dll (509952 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    AuthFWSnapin.dll (4595712 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:38) --a---
    AuthFWWizFwk.dll (274432 bytes - created on 02/11/2006 at 12:24, modified on 02/11/2006 at 09:46) --a---
    authui.dll (1985024 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    authz.dll (79360 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    autochk.exe (642560 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    autoconv.exe (656384 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    autofmt.exe (634880 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    autoplay.dll (516608 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    AuxiliaryDisplayApi.dll (103936 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    AuxiliaryDisplayCpl.dll (1186304 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:36) --a---
    avicap32.dll (65024 bytes - created on 02/11/2006 at 12:24, modified on 02/11/2006 at 09:46) --a---
    avifil32.dll (91136 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    avrt.dll (12800 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    axaltocm.dll (82432 bytes - created on 02/11/2006 at 12:39, modified on 23/11/2008 at 18:12) --a---
    Axdist.exe (803680 bytes - created on 25/11/2008 at 18:46, modified on 23/10/1996 at 23:00) --a---
    azman.msc (41587 bytes - created on 02/11/2006 at 12:13, modified on 18/09/2006 at 21:29) --a---
    azroles.dll (756736 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    azroleui.dll (317440 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    AzSqlExt.dll (28160 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    B75BF6B21C.sys (88 bytes - created on 24/11/2008 at 17:15, modified on 25/11/2008 at 19:14) -r-hs-
    basecsp.dll (131640 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:38) --a---
    batmeter.dll (737792 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:46) --a---
    BBLTmpl.ocx (195584 bytes - created on 25/11/2008 at 18:46, modified on 04/08/2000 at 07:17) --a---
    bcrypt.dll (275968 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:32) --a---
    bdaplgin.ax (18432 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    bidispl.dll (33792 bytes - created on 02/11/2006 at 12:20, modified on 02/11/2006 at 09:46) --a---
    bitsadmin.exe (192000 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    bitsperf.dll (17920 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    bitsprx2.dll (10752 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    bitsprx3.dll (9728 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    bitsprx4.dll (9216 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    bitsprx5.dll (17920 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    blackbox.dll (542720 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    bootcfg.exe (81408 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    bopomofo.uce (22984 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    browseui.dll (1324032 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    bthprops.cpl (990208 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:32) --a---
    bthudtask.exe (34304 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:44) --a---
    btpanui.dll (91648 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    Bubbles.scr (879616 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:32) --a---
    cabinet.dll (71680 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cabview.dll (97280 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cacls.exe (25600 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    calc.exe (176128 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    capisp.dll (17920 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    catsrv.dll (451072 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    catsrvps.dll (23552 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    catsrvut.dll (487936 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    Ccrpftv.ocx (141312 bytes - created on 25/11/2008 at 18:46, modified on 13/10/1998 at 23:02) --a---
    cdosys.dll (805888 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    cero.rs (55296 bytes - created on 02/11/2006 at 15:02, modified on 02/11/2006 at 15:02) --a---
    certcli.dll (323072 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    certenc.dll (41984 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:46) --a---
    CertEnroll.dll (1111552 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    CertEnrollCtrl.exe (6656 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    CertEnrollUI.dll (632832 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    certmgr.dll (1502720 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    certmgr.msc (63070 bytes - created on 02/11/2006 at 12:13, modified on 18/09/2006 at 21:37) --a---
    certreq.exe (215040 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    certutil.exe (798720 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    cewmdm.dll (225792 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    CF16353.exe (318976 bytes - created on 01/03/2009 at 03:10, modified on 01/03/2009 at 03:10) --a---
    CF16546.exe (318976 bytes - created on 01/03/2009 at 03:11, modified on 01/03/2009 at 03:11) --a---
    cfgbkend.dll (47104 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cfgmgr32.dll (17408 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    chajei.ime (124928 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:29) --a---
    charmap.exe (154624 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    chcp.com (11776 bytes - created on 02/11/2006 at 12:18, modified on 02/11/2006 at 08:31) --a---
    chkdsk.exe (15872 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:44) --a---
    chkntfs.exe (16896 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:44) --a---
    choice.exe (30720 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:44) --a---
    chsbrkr.dll (1671680 bytes - created on 24/11/2008 at 14:52, modified on 27/05/2008 at 05:17) --a---
    chtbrkr.dll (6103040 bytes - created on 24/11/2008 at 14:52, modified on 27/05/2008 at 05:17) --a---
    CHxReadingStringIME.dll (10752 bytes - created on 02/11/2006 at 12:23, modified on 02/11/2006 at 09:46) --a---
    cic.dll (171520 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cintlgnt.ime (124928 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:29) --a---
    cipher.exe (58368 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    clb.dll (13824 bytes - created on 02/11/2006 at 12:13, modified on 02/11/2006 at 09:46) --a---
    clbcatq.dll (523776 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cleanmgr.exe (178688 bytes - created on 02/11/2006 at 15:01, modified on 02/11/2006 at 15:01) --a---
    clfsw32.dll (56832 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cliconfg.dll (86016 bytes - created on 02/11/2006 at 12:18, modified on 02/11/2006 at 09:46) --a---
    cliconfg.exe (40960 bytes - created on 02/11/2006 at 12:18, modified on 02/11/2006 at 09:44) --a---
    cliconfg.rll (40960 bytes - created on 02/11/2006 at 12:18, modified on 02/11/2006 at 08:11) --a---
    clip.exe (26624 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:44) --a---
    clusapi.dll (178176 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    cmcfg32.dll (31232 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmd.exe (318976 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    cmd.execf (318976 bytes - created on 01/03/2009 at 03:10, modified on 01/03/2009 at 03:13) --a---
    cmdial32.dll (481792 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    cmdkey.exe (13824 bytes - created on 02/11/2006 at 12:21, modified on 02/11/2006 at 09:44) --a---
    cmdl32.exe (72704 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    CmdLineExt_x64.dll (178800 bytes - created on 28/11/2008 at 19:01, modified on 28/11/2008 at 19:01) --a---
    cmicryptinstall.dll (64512 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    cmifw.dll (67584 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    cmipnpinstall.dll (297472 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    cmlua.dll (32768 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmmon32.exe (48640 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmpbk32.dll (26112 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmstp.exe (84992 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmstplua.dll (14336 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cmutil.dll (47616 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    cngaudit.dll (11776 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    cnvfat.dll (31232 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    colbact.dll (62464 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    COLORCNV.DLL (161280 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    colorcpl.exe (84992 bytes - created on 02/11/2006 at 12:16, modified on 02/11/2006 at 09:44) --a---
    colorui.dll (686592 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    comcat.dll (7168 bytes - created on 02/11/2006 at 12:12, modified on 02/11/2006 at 09:46) --a---
    Comct232.ocx (164144 bytes - created on 25/11/2008 at 18:46, modified on 23/06/1998 at 23:00) --a---
    comctl32.dll (531968 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    Comctl32.ocx (608448 bytes - created on 25/11/2008 at 18:46, modified on 21/05/2000 at 18:00) --a---
    comdlg32.dll (450048 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    Comdlg32.ocx (140288 bytes - created on 25/11/2008 at 18:46, modified on 13/03/2001 at 12:49) --a---
    comexp.msc (124118 bytes - created on 02/11/2006 at 12:14, modified on 18/09/2006 at 21:28) --a---
    comp.exe (20480 bytes - created on 02/11/2006 at 12:15, modified on 02/11/2006 at 09:44) --a---
    compact.exe (18432 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:44) --a---
    CompatUI.dll (282624 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    compmgmt.msc (113256 bytes - created on 02/11/2006 at 12:14, modified on 18/09/2006 at 21:29) --a---
    compobj.dll (27792 bytes - created on 02/11/2006 at 12:14, modified on 18/09/2006 at 21:35) --a---
    CompoundFile.cmp (209078 bytes - created on 23/11/2008 at 10:42, modified on 01/03/2009 at 03:26) --a---
    compstui.dll (276480 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    ComputerDefaults.exe (36352 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    comrepl.dll (91648 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    comres.dll (1291264 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 05:48) --a---
    comsnap.dll (220160 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    comsvcs.dll (1208320 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:33) --a---
    comuid.dll (593408 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:33) --a---
    config.nt (0 bytes - created on 23/11/2008 at 11:05, modified on 01/03/2009 at 01:29) --a---
    conime.exe (69120 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:33) --a---
    connect.dll (1645568 bytes - created on 26/11/2008 at 09:41, modified on 21/10/2008 at 05:25) --a---
    console.dll (95744 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    control.exe (211968 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:44) --a---
    convert.exe (17408 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    corpol.dll (18944 bytes - created on 27/01/2009 at 23:17, modified on 15/01/2009 at 10:04) --a---
    credssp.dll (15872 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:33) --a---
    credui.dll (178176 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:34) --a---
    credwiz.exe (27648 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:45) --a---
    crtdll.dll (149019 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    crypt32.dll (977408 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:34) --a---
    cryptdlg.dll (24576 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    cryptdll.dll (57856 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:34) --a---
    cryptext.dll (54784 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    cryptnet.dll (97792 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:34) --a---
    cryptsvc.dll (128000 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    cryptui.dll (970240 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    cscapi.dll (31744 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    cscdll.dll (22016 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:34) --a---
    cscobj.dll (131584 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    cscript.exe (135168 bytes - created on 24/11/2008 at 14:32, modified on 08/05/2008 at 21:58) --a---
    CSVer.dll (53248 bytes - created on 23/11/2008 at 10:18, modified on 19/08/2008 at 02:56) -ra---
    ctfmon.exe (8704 bytes - created on 02/11/2006 at 12:23, modified on 02/11/2006 at 09:45) --a---
    ctl3d32.dll (27136 bytes - created on 02/11/2006 at 12:14, modified on 02/11/2006 at 09:46) --a---
    C_037.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10000.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10001.NLS (162850 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10002.NLS (195618 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10003.NLS (177698 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10004.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10005.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10006.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10007.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10008.NLS (173602 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10010.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10017.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10021.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10029.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10079.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10081.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_10082.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1026.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1047.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1140.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1141.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1142.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1143.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1144.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1145.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1146.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1147.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1148.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1149.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1250.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1251.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1252.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1253.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1254.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1255.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1256.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1257.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1258.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_1361.NLS (189986 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20000.NLS (180258 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20001.NLS (186402 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20002.NLS (173602 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20003.NLS (185378 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20004.NLS (180258 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20005.NLS (187938 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20105.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20106.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20107.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20108.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20127.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20261.NLS (139810 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20269.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20273.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20277.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20278.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20280.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20284.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20285.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20290.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20297.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20420.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20423.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20424.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20833.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20838.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20866.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20871.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20880.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20905.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20924.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20932.NLS (180770 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20936.NLS (173602 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_20949.NLS (177698 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_21025.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_21027.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_21866.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28591.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28592.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28593.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28594.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28595.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28596.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28597.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28598.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28599.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    c_28603.nls (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_28605.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_437.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_500.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_708.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_720.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_737.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_775.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_850.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_852.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_855.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_857.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_858.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_860.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_861.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_862.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_863.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_864.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_865.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_866.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_869.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_870.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_874.NLS (66594 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_875.NLS (66082 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_932.NLS (162850 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_936.NLS (196642 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_949.NLS (196642 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_950.NLS (196642 bytes - created on 02/11/2006 at 12:17, modified on 18/09/2006 at 21:47) --a---
    C_G18030.DLL (221696 bytes - created on 02/11/2006 at 12:17, modified on 02/11/2006 at 09:46) --a---
    C_IS2022.DLL (10240 bytes - created on 02/11/2006 at 12:17, modified on 02/11/2006 at 09:46) --a---
    C_ISCII.DLL (10752 bytes - created on 02/11/2006 at 12:17, modified on 02/11/2006 at 09:46) --a---
    d3d10.dll (1029120 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    d3d10core.dll (188416 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    d3d10_1.dll (159744 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:34) --a---
    d3d10_1core.dll (208896 bytes - created on 23/11/2008 at 17:57, modified on 19/01/2008 at 07:34) --a---
    d3d8.dll (1039360 bytes - created on 23/11/2008 at 17:56, modified on 19/01/2008 at 07:34) --a---
    d3d8thk.dll (11264 bytes - created on 02/11/2006 at 12:15, modified on 02/11/2006 at 09:46) --a---
    d3d9.dll (1788928 bytes - created on 23/11/2008 at 17:58, modified on 19/01/2008 at 07:34) --a---
    D3DCompiler_33.dll (1123696 bytes - created on 28/11/2008 at 18:42, modified on 12/03/2007 at 15:42) --a---
    D3DCompiler_34.dll (1124720 bytes - created on 28/11/2008 at 18:42, modified on 16/05/2007 at 15:45) --a---
    D3DCompiler_35.dll (1358192 bytes - created on 28/11/2008 at 18:42, modified on 19/07/2007 at 17:14) --a---
    D3DCompiler_36.dll (1374232 bytes - created on 28/11/2008 at 18:43, modified on 12/10/2007 at 14:14) --a---
    D3DCompiler_37.dll (1420824 bytes - created on 28/11/2008 at 18:43, modified on 05/03/2008 at 14:56) --a---
    D3DCompiler_38.dll (1491992 bytes - created on 28/11/2008 at 18:43, modified on 30/05/2008 at 13:11) --a---
    d3dim.dll (384512 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:34) --a---
    d3dim700.dll (816128 bytes - created on 23/11/2008 at 17:55, modified on 19/01/2008 at 07:34) --a---
    d3dramp.dll (593920 bytes - created on 02/11/2006 at 12:15, modified on 02/11/2006 at 09:46) --a---
    d3dx10.dll (440080 bytes - created on 28/11/2008 at 18:42, modified on 29/11/2006 at 12:06) --a---
    d3dx10_33.dll (443752 bytes - created on 28/11/2008 at 18:42, modified on 15/03/2007 at 15:57) --a---
    d3dx10_34.dll (443752 bytes - created on 28/11/2008 at 18:42, modified on 16/05/2007 at 15:45) --a---
    d3dx10_35.dll (444776 bytes - created on 28/11/2008 at 18:42, modified on 19/07/2007 at 17:14) --a---
    d3dx10_36.dll (444776 bytes - created on 28/11/2008 at 18:43, modified on 02/10/2007 at 08:56) --a---
    d3dx10_37.dll (462864 bytes - created on 28/11/2008 at 18:43, modified on 05/02/2008 at 22:07) --a---
    d3dx10_38.dll (467984 bytes - created on 28/11/2008 at 18:43, modified on 30/05/2008 at 13:11) --a---
    d3dx9_24.dll (2222800 bytes - created on 23/11/2008 at 11:36, modified on 05/02/2005 at 18:45) --a---
    d3dx9_25.dll (2337488 bytes - created on 23/11/2008 at 11:36, modified on 18/03/2005 at 16:19) --a---
    d3dx9_26.dll (2297552 bytes - created on 23/11/2008 at 11:36, modified on 26/05/2005 at 14:34) --a---
    d3dx9_27.dll (2319568 bytes - created on 23/11/2008 at 11:36, modified on 22/07/2005 at 18:59) --a---
    d3dx9_28.dll (2323664 bytes - created on 23/11/2008 at 11:36, modified on 05/12/2005 at 17:09) --a---
    d3dx9_29.dll (2332368 bytes - created on 23/11/2008 at 11:36, modified on 03/02/2006 at 07:43) --a---
    d3dx9_30.dll (2388176 bytes - created on 23/11/2008 at 11:36, modified on 31/03/2006 at 11:40) --a---
    d3dx9_31.dll (2414360 bytes - created on 23/11/2008 at 11:36, modified on 28/09/2006 at 15:05) --a---
    d3dx9_32.dll (3426072 bytes - created on 28/11/2008 at 18:42, modified on 29/11/2006 at 12:06) --a---
    d3dx9_33.dll (3495784 bytes - created on 28/11/2008 at 18:42, modified on 12/03/2007 at 15:42) --a---
    d3dx9_34.dll (3497832 bytes - created on 28/11/2008 at 18:42, modified on 16/05/2007 at 15:45) --a---
    1 March 2009 04:50:34

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Right-click OTMoveIt3.exe and choose Run as administrator.
  • Copy (Ctrl+C) the text below:

    :processes
    explorer.exe

    :files
    %AppData%\cisvc.exe
    %AppData%\cmstp.exe
    %AppData%\comrepl.exe
    %AppData%\dllhst3g.exe
    %AppData%\esentutl.exe
    %AppData%\ieudinit.exe
    %AppData%\microsoft\clipsrv.exe
    %AppData%\microsoft\comrepl.exe
    %AppData%\microsoft\dllhst3g.exe
    %AppData%\microsoft\ieudinit.exe
    %AppData%\microsoft\logman.exe
    %AppData%\microsoft\mqtgsvc.exe
    %AppData%\microsoft\rsvp.exe
    %AppData%\mstsc.exe
    %AppData%\rsvp.exe
    %AppData%\sessmgr.exe
    %AppData%\spoolsv.exe
    %System%\drivers\cmstp.exe
    %System%\drivers\ieudinit.exe
    %System%\drivers\sessmgr.exe
    %Temp%\cisvc.exe
    %Temp%\dllhst3g.exe
    %Temp%\esentutl.exe
    %Temp%\mstinit.exe
    %Windir%\esentutl.exe
    %Windir%\logman.exe
    %Windir%\mstinit.exe
    %Windir%\rsvp.exe
    %Windir%\system\ieudinit.exe
    %Windir%\system\mqtgsvc.exe
    %Windir%\system\spoolsv.exe
    %AppData%\clipsrv.exe
    %AppData%\cmstp.exe
    %AppData%\esentutl.exe
    %AppData%\logman.exe
    %AppData%\microsoft\cisvc.exe
    %AppData%\microsoft\esentutl.exe
    %AppData%\microsoft\ieudinit.exe
    %AppData%\microsoft\logman.exe
    %AppData%\microsoft\mstinit.exe
    %AppData%\microsoft\rsvp.exe
    %AppData%\microsoft\spoolsv.exe
    %AppData%\sessmgr.exe
    %AppData%\spoolsv.exe
    %CommonPrograms%\startup\adobe.com
    %System%\drivers\ieudinit.exe
    %System%\triangle.scr
    %Temp%\cisvc.exe
    %Temp%\cmstp.exe
    %Temp%\logman.exe
    %Temp%\mstinit.exe
    %Temp%\mstsc.exe
    %Temp%\sessmgr.exe
    %Temp%\spoolsv.exe
    %Windir%\cisvc.exe
    %Windir%\cmstp.exe
    %Windir%\ctfmon.exe
    %Windir%\dfrgntfs.exe
    %Windir%\dllhst3g.exe
    %Windir%\dora.exe
    %Windir%\esentutl.exe
    %Windir%\help\help.exe
    %Windir%\logman.exe
    %Windir%\mstinit.exe
    %Windir%\narrator.exe
    %Windir%\proxycfg.exe
    %Windir%\qprocess.exe
    %Windir%\reg.exe
    %Windir%\sessmgr.exe
    %Windir%\spoolsv.exe
    %Windir%\system\cisvc.exe
    %Windir%\system\clipsrv.exe
    %Windir%\system\comrepl.exe
    %Windir%\system\csrss.exe
    %Windir%\system\debug.com
    %Windir%\system\ieudinit.exe
    %Windir%\system\logman.exe
    %Windir%\system\lsass.exe
    %Windir%\system\mqtgsvc.exe
    %Windir%\system\smss.exe
    %Windir%\system\winlogon.exe
    c:\windows.exe

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
    1 March 2009 05:03:40

    ========== PROCESSES ==========
    Unable to kill process: explorer.exe
    ========== FILES ==========
    Folder C:\Users\Mertens Franck\AppData\Roaming\cisvc.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\cmstp.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\comrepl.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\dllhst3g.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\esentutl.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\ieudinit.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\clipsrv.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\comrepl.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\dllhst3g.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\ieudinit.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\logman.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\mqtgsvc.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\rsvp.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\mstsc.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\rsvp.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\sessmgr.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\spoolsv.exe not found.
    Invalid Environment Variable: System
    Invalid Environment Variable: System
    Invalid Environment Variable: System
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\cisvc.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\dllhst3g.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\esentutl.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\mstinit.exe not found.
    Folder C:\Windows\esentutl.exe not found.
    Folder C:\Windows\logman.exe not found.
    Folder C:\Windows\mstinit.exe not found.
    Folder C:\Windows\rsvp.exe not found.
    Folder C:\Windows\system\ieudinit.exe not found.
    Folder C:\Windows\system\mqtgsvc.exe not found.
    Folder C:\Windows\system\spoolsv.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\clipsrv.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\cmstp.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\esentutl.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\logman.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\cisvc.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\esentutl.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\ieudinit.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\logman.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\mstinit.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\rsvp.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\microsoft\spoolsv.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\sessmgr.exe not found.
    Folder C:\Users\Mertens Franck\AppData\Roaming\spoolsv.exe not found.
    Invalid Environment Variable: CommonPrograms
    Invalid Environment Variable: System
    Invalid Environment Variable: System
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\cisvc.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\cmstp.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\mstinit.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\mstsc.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\sessmgr.exe not found.
    Folder C:\Users\MERTEN~1\AppData\Local\Temp\spoolsv.exe not found.
    Folder C:\Windows\cisvc.exe not found.
    Folder C:\Windows\cmstp.exe not found.
    Folder C:\Windows\ctfmon.exe not found.
    Folder C:\Windows\dfrgntfs.exe not found.
    Folder C:\Windows\dllhst3g.exe not found.
    Folder C:\Windows\dora.exe not found.
    Folder C:\Windows\esentutl.exe not found.
    Folder C:\Windows\help\help.exe not found.
    Folder C:\Windows\logman.exe not found.
    Folder C:\Windows\mstinit.exe not found.
    Folder C:\Windows\narrator.exe not found.
    Folder C:\Windows\proxycfg.exe not found.
    Folder C:\Windows\qprocess.exe not found.
    Folder C:\Windows\reg.exe not found.
    Folder C:\Windows\sessmgr.exe not found.
    Folder C:\Windows\spoolsv.exe not found.
    Folder C:\Windows\system\cisvc.exe not found.
    Folder C:\Windows\system\clipsrv.exe not found.
    Folder C:\Windows\system\comrepl.exe not found.
    Folder C:\Windows\system\csrss.exe not found.
    Folder C:\Windows\system\debug.com not found.
    Folder C:\Windows\system\ieudinit.exe not found.
    Folder C:\Windows\system\logman.exe not found.
    Folder C:\Windows\system\lsass.exe not found.
    Folder C:\Windows\system\mqtgsvc.exe not found.
    Folder C:\Windows\system\smss.exe not found.
    Folder C:\Windows\system\winlogon.exe not found.
    File/Folder c:\windows.exe not found.
    ========== COMMANDS ==========
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_HC84dSztmFDvAw5FpKq1 scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_HC84dSztmFDvAw5FpKq1-journal scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE361.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE36A.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE3C7.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE3D0.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE400.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Users\MERTEN~1\AppData\Local\Temp\~DFE40B.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03012009_044736

    Files moved on Reboot...
    File C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_HC84dSztmFDvAw5FpKq1 not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\etilqs_HC84dSztmFDvAw5FpKq1-journal not found!
    C:\Users\MERTEN~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE361.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE36A.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE3C7.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE3D0.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE400.tmp not found!
    File C:\Users\MERTEN~1\AppData\Local\Temp\~DFE40B.tmp not found!
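
The report above gives three different kinds of result for the script's :files entries, and "Invalid Environment Variable" means an entry was never checked at all, not that it was found clean. As an added example (not part of the thread and not OTMoveIt3's own code), this Python sketch pairs each script entry with its report line, assuming the tool writes one FILES line per entry in script order, as the 82 entries and 82 result lines above suggest; the sample script and report are constructed, shortened from the ones on this page with a placeholder user name.

```python
import re

# Constructed sample: a shortened copy of the script posted above.
SAMPLE_SCRIPT = r"""
:processes
explorer.exe

:files
%AppData%\cisvc.exe
%System%\drivers\cmstp.exe
%Temp%\cisvc.exe
%CommonPrograms%\startup\adobe.com
%System%\triangle.scr
%Windir%\system\csrss.exe
c:\windows.exe

:commands
[purity]
[emptytemp]
[reboot]
"""

# Constructed sample: report lines in the format shown above ("user" is a placeholder).
SAMPLE_REPORT = r"""
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== FILES ==========
Folder C:\Users\user\AppData\Roaming\cisvc.exe not found.
Invalid Environment Variable: System
Folder C:\Users\user\AppData\Local\Temp\cisvc.exe not found.
Invalid Environment Variable: CommonPrograms
Invalid Environment Variable: System
Folder C:\Windows\system\csrss.exe not found.
File/Folder c:\windows.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\user\AppData\Local\Temp\~DFE361.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
"""

# Line shapes taken from the report on this page; anything else is "other".
OUTCOMES = [
    ("not_evaluated", re.compile(r"^Invalid Environment Variable: (?P<var>\w+)$")),
    ("not_found", re.compile(r"^(?:File/Folder|Folder|File) (?P<path>.+) not found[.!]$")),
    ("pending_reboot", re.compile(r"^File delete failed\. (?P<path>.+) scheduled to be deleted on reboot\.$")),
    ("moved", re.compile(r"^(?P<path>.+) moved successfully\.$")),
    ("process_alive", re.compile(r"^Unable to kill process: (?P<proc>.+)$")),
]

def classify(line):
    """Return (label, captured fields) for one report line."""
    for label, pattern in OUTCOMES:
        m = pattern.match(line)
        if m:
            return label, m.groupdict()
    return "other", {}

def script_section(script, name):
    """Non-empty lines of one ':name' section of the pasted script."""
    lines, active = [], False
    for raw in script.splitlines():
        line = raw.strip()
        if line.startswith(":"):
            active = line.lower() == ":" + name.lower()
        elif active and line:
            lines.append(line)
    return lines

def report_section(report, name):
    """Non-empty lines under one '========== NAME ==========' header."""
    lines, active = [], False
    for raw in report.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"=+\s*(\w+)\s*=+", line)
        if header:
            active = header.group(1).upper() == name.upper()
        elif active and line:
            lines.append(line)
    return lines

def triage(script, report):
    """Group the script's :files entries by what the report says happened to them."""
    entries = script_section(script, "files")
    results = report_section(report, "FILES")
    if len(entries) != len(results):
        raise ValueError("script and report do not line up; cannot pair them")
    grouped = {}
    for entry, line in zip(entries, results):
        label, info = classify(line)
        if label == "not_evaluated":
            # Sanity check on the positional pairing: the rejected variable
            # must be the one this entry starts with.
            var = re.match(r"%(\w+)%", entry)
            if not var or var.group(1).lower() != info["var"].lower():
                raise ValueError("pairing broke at entry: " + entry)
        grouped.setdefault(label, []).append(entry)
    return grouped

def surviving_processes(report):
    """Processes the tool reported it could not terminate."""
    found = []
    for line in report_section(report, "PROCESSES"):
        label, info = classify(line)
        if label == "process_alive":
            found.append(info["proc"])
    return found

if __name__ == "__main__":
    for label, entries in triage(SAMPLE_SCRIPT, SAMPLE_REPORT).items():
        print(label, len(entries))
        for entry in entries:
            print("   ", entry)
    print("still running:", surviving_processes(SAMPLE_REPORT))
```

Entries listed under not_evaluated still need to be checked by another means before the machine is considered clean of them.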
    1 March 2009 05:09:52

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
  • Next, choose Registry, then Search for errors. Once it has finished, fix all the errors (back up the registry).

  • Run an RSIT scan again and post the log report.
    1 March 2009 05:15:17

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Mertens Franck at 2009-03-01 05:09:22
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:09:23, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Windows\vVX3000.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9975 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928%
    1 March 2009 05:15:37

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Mertens Franck at 2009-03-01 05:09:22
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:09:23, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Windows\vVX3000.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9975 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-04-15 1310720]
    "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [2007-12-01 38400]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-11 136600]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1555968]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\SysWOW64\Notepad.exe %1
    .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-03-01 05:06:42 ----D---- C:\Program Files (x86)\CCleaner
    2009-03-01 04:36:27 ----A---- C:\DirLook2.txt
    2009-03-01 04:28:11 ----A---- C:\DirLook1.txt
    2009-03-01 04:27:23 ----A---- C:\DirLook.txt
    2009-03-01 04:13:40 ----D---- C:\32788R22FWJFW
    2009-03-01 04:11:04 ----D---- C:\ComboFix
    2009-03-01 04:11:04 ----A---- C:\Windows\system32\CF16546.exe
    2009-03-01 04:10:05 ----A---- C:\Windows\system32\swsc.exe
    2009-03-01 04:10:05 ----A---- C:\Windows\system32\CF16353.exe
    2009-03-01 04:10:04 ----A---- C:\Bug.txt
    2009-03-01 04:10:02 ----A---- C:\Windows\system32\cmd.execf
    2009-03-01 02:50:23 ----D---- C:\ProgramData\Avira
    2009-03-01 02:50:23 ----D---- C:\Program Files (x86)\Avira
    2009-03-01 02:20:37 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\ProgramData\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-03-01 02:09:00 ----D---- C:\_OTMoveIt
    2009-03-01 01:34:12 ----D---- C:\Program Files (x86)\trend micro
    2009-03-01 01:34:11 ----D---- C:\rsit
    2009-02-26 19:28:46 ----A---- C:\Windows\system32\icardres.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\infocardapi.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\icardagt.exe
    2009-02-26 19:28:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-26 19:28:39 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-02-26 19:23:36 ----A---- C:\Windows\system32\netfxperf.dll
    2009-02-26 19:23:21 ----A---- C:\Windows\system32\dfshim.dll
    2009-02-26 19:23:12 ----A---- C:\Windows\system32\mscoree.dll
    2009-02-26 19:23:03 ----A---- C:\Windows\system32\mscorier.dll
    2009-02-26 19:22:58 ----A---- C:\Windows\system32\mscories.dll
    2009-02-13 12:52:43 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-13 12:52:40 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files\Skype
    2009-02-03 17:36:49 ----RD---- C:\Program Files (x86)\Skype

    ======List of files/folders modified in the last 1 months======

    2009-03-01 05:09:22 ----D---- C:\Windows\Temp
    2009-03-01 05:08:20 ----D---- C:\Windows\Minidump
    2009-03-01 05:08:20 ----D---- C:\Windows\Debug
    2009-03-01 05:08:20 ----D---- C:\Windows
    2009-03-01 05:06:42 ----RD---- C:\Program Files (x86)
    2009-03-01 04:30:48 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Skype
    2009-03-01 04:11:04 ----D---- C:\Windows\SysWOW64
    2009-03-01 02:50:25 ----D---- C:\Windows\Prefetch
    2009-03-01 02:50:23 ----HD---- C:\ProgramData
    2009-03-01 02:50:23 ----D---- C:\Windows\system32\drivers
    2009-03-01 02:43:18 ----D---- C:\Windows\System32
    2009-03-01 02:13:08 ----D---- C:\Windows\system32\GdgEvent
    2009-03-01 00:18:24 ----D---- C:\Program Files (x86)\Warhammer Online - Age of Reckoning
    2009-02-27 01:53:42 ----SHD---- C:\System Volume Information
    2009-02-26 21:22:59 ----D---- C:\Windows\rescache
    2009-02-26 21:11:29 ----RSD---- C:\Windows\assembly
    2009-02-26 21:11:29 ----D---- C:\Windows\Microsoft.NET
    2009-02-26 21:06:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2009-02-26 21:00:20 ----D---- C:\Windows\system32\fr-FR
    2009-02-26 21:00:19 ----D---- C:\Windows\system32\XPSViewer
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\wbem
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\en-US
    2009-02-26 19:37:03 ----SHD---- C:\Windows\Installer
    2009-02-26 19:37:03 ----HD---- C:\Config.Msi
    2009-02-26 19:36:49 ----D---- C:\Windows\winsxs
    2009-02-24 10:05:23 ----D---- C:\Program Files (x86)\Steam
    2009-02-24 09:22:57 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-02-20 10:56:53 ----D---- C:\Windows\inf
    2009-02-17 19:55:52 ----SD---- C:\Windows\Downloaded Program Files
    2009-02-16 18:45:30 ----D---- C:\Program Files (x86)\Messenger Plus! Live
    2009-02-13 12:55:22 ----D---- C:\Windows\ehome
    2009-02-13 12:54:26 ----D---- C:\ProgramData\Microsoft Help
    2009-02-13 12:53:48 ----D---- C:\Program Files (x86)\Windows Mail
    2009-02-09 19:54:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-02-04 00:00:46 ----D---- C:\Users\Mertens Franck\AppData\Roaming\skypePM
    2009-02-03 17:36:50 ----D---- C:\ProgramData\Skype
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
    R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys []
    R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys []
    R3 dc3d;USBCCGP filter driver (dc3d); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []
    R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2007-03-20 61440]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe []
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-01-16 316664]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

    -----------------EOF-----------------
    a c 295 8 Security
    1 March 2009 05:18:21

    With HijackThis, fix these two lines, then reboot:

    F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    Then run an RSIT scan and post the log report.
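Added example (not part of the thread, and not HijackThis or RSIT code): a small triage pass over HijackThis lines that surfaces the two kinds of entry fixed above, an autostart pointing into a Temp directory and a BHO whose file is gone. The verdict labels and rule set are this example's own; the system32 rule assumes a 32-bit HijackThis running on 64-bit Windows, where file-system redirection makes native system32 binaries appear missing.

```python
import re

# Sample input: lines taken from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
F3 - REG:win.ini: load=C:\Users\MERTEN~1\AppData\Local\Temp\logman.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

# "<section code> - <rest of entry>", e.g. "O4 - HKLM\..\Run: ..."
ENTRY = re.compile(r"^\s*([FRO]\d{1,2})\s+-\s+(.+?)\s*$")
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)
SYSTEM32 = re.compile(r"\\windows\\system32\\", re.IGNORECASE)

# F0-F3: programs loaded through win.ini/system.ini (or their registry
# mappings); O4: Run keys and Startup folders.
AUTOSTART_CODES = {"F0", "F1", "F2", "F3", "O4"}


def classify(line):
    """Return (code, verdict) for a HijackThis entry, or None if not an entry."""
    m = ENTRY.match(line)
    if not m:
        return None
    code, body = m.groups()

    # Legitimate software rarely persists from a temporary directory.
    if code in AUTOSTART_CODES and TEMP_DIR.search(body):
        return code, "temp-autostart"

    # BHO registration left behind after its DLL was deleted or quarantined.
    if code == "O2" and body.endswith("(no file)"):
        return code, "orphaned-bho"

    if code == "O23" and body.endswith("(file missing)"):
        # Assumption: 32-bit scanner on x64 Windows. Its view of system32 is
        # redirected to SysWOW64, so native binaries such as lsass.exe look
        # absent although they exist. Do not "fix" these.
        if SYSTEM32.search(body):
            return code, "redirection-artifact"
        return code, "missing-service-binary"

    # No rule matched; this is not a statement that the entry is clean.
    return code, "unflagged"


def triage(log_text):
    """Return [(verdict, code, line)] for every entry that matched a rule."""
    findings = []
    for line in log_text.splitlines():
        result = classify(line)
        if result and result[1] != "unflagged":
            findings.append((result[1], result[0], line.strip()))
    return findings


if __name__ == "__main__":
    for verdict, code, line in triage(SAMPLE_LOG):
        print(f"{verdict:24} {line}")
```
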
    1 March 2009 05:24:34

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Mertens Franck at 2009-03-01 05:19:31
    Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
    System drive C: has 30 GB (21%) free of 143 GB
    Total RAM: 6134 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:19:32, on 1/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
    C:\Program Files (x86)\ASUS\OC Palm\AsG_Manager.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files (x86)\ASUS\AASP\1.00.76\aaCenter.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\LaunchApplication\AsG_LaunchApplication.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\TurboV\AsG_TurboV.exe
    C:\Program Files (x86)\ASUS\OC Palm\Gadgets\HardwareMonitoring\AsG_HardwareMonitor.exe
    C:\Program Files (x86)\Asus\OC Palm\Gadgets\ywidget\ywidget.exe
    C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
    C:\Windows\vVX3000.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ASUS\TurboV\TurboV.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Users\Mertens Franck\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Mertens Franck.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] "C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASDR - Unknown owner - C:\Windows\SysWOW64\ASDR.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
    O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9840 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{A3003B3A-7AC8-4454-B2FD-BACB953DBB8F}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-02 1082880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2008-12-11 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2008-12-11 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TurboV"=C:\Program Files\ASUS\TurboV\TurboV.exe [2008-09-12 4039168]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-26 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [2008-05-28 380928]
    "SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2008-04-15 1310720]
    "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
    "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "Corel File Shell Monitor"=C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [2007-12-01 38400]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2008-12-11 136600]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1555968]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=
    "ForceActiveDesktopOn"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\SysWOW64\Notepad.exe %1
    .js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-03-01 05:06:42 ----D---- C:\Program Files (x86)\CCleaner
    2009-03-01 04:36:27 ----A---- C:\DirLook2.txt
    2009-03-01 04:28:11 ----A---- C:\DirLook1.txt
    2009-03-01 04:27:23 ----A---- C:\DirLook.txt
    2009-03-01 04:13:40 ----D---- C:\32788R22FWJFW
    2009-03-01 04:11:04 ----D---- C:\ComboFix
    2009-03-01 04:11:04 ----A---- C:\Windows\system32\CF16546.exe
    2009-03-01 04:10:05 ----A---- C:\Windows\system32\swsc.exe
    2009-03-01 04:10:05 ----A---- C:\Windows\system32\CF16353.exe
    2009-03-01 04:10:04 ----A---- C:\Bug.txt
    2009-03-01 04:10:02 ----A---- C:\Windows\system32\cmd.execf
    2009-03-01 02:50:23 ----D---- C:\ProgramData\Avira
    2009-03-01 02:50:23 ----D---- C:\Program Files (x86)\Avira
    2009-03-01 02:20:37 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\ProgramData\Malwarebytes
    2009-03-01 02:20:32 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2009-03-01 02:09:00 ----D---- C:\_OTMoveIt
    2009-03-01 01:34:12 ----D---- C:\Program Files (x86)\trend micro
    2009-03-01 01:34:11 ----D---- C:\rsit
    2009-02-26 19:28:46 ----A---- C:\Windows\system32\icardres.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\infocardapi.dll
    2009-02-26 19:28:45 ----A---- C:\Windows\system32\icardagt.exe
    2009-02-26 19:28:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-02-26 19:28:39 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-02-26 19:23:36 ----A---- C:\Windows\system32\netfxperf.dll
    2009-02-26 19:23:21 ----A---- C:\Windows\system32\dfshim.dll
    2009-02-26 19:23:12 ----A---- C:\Windows\system32\mscoree.dll
    2009-02-26 19:23:03 ----A---- C:\Windows\system32\mscorier.dll
    2009-02-26 19:22:58 ----A---- C:\Windows\system32\mscories.dll
    2009-02-13 12:52:43 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-13 12:52:40 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files\Skype
    2009-02-03 17:36:49 ----RD---- C:\Program Files (x86)\Skype

    ======List of files/folders modified in the last 1 months======

    2009-03-01 05:17:59 ----D---- C:\Windows\Temp
    2009-03-01 05:08:20 ----D---- C:\Windows\Minidump
    2009-03-01 05:08:20 ----D---- C:\Windows\Debug
    2009-03-01 05:08:20 ----D---- C:\Windows
    2009-03-01 05:06:42 ----RD---- C:\Program Files (x86)
    2009-03-01 04:30:48 ----D---- C:\Users\Mertens Franck\AppData\Roaming\Skype
    2009-03-01 04:11:04 ----D---- C:\Windows\SysWOW64
    2009-03-01 02:50:25 ----D---- C:\Windows\Prefetch
    2009-03-01 02:50:23 ----HD---- C:\ProgramData
    2009-03-01 02:50:23 ----D---- C:\Windows\system32\drivers
    2009-03-01 02:43:18 ----D---- C:\Windows\System32
    2009-03-01 02:13:08 ----D---- C:\Windows\system32\GdgEvent
    2009-03-01 00:18:24 ----D---- C:\Program Files (x86)\Warhammer Online - Age of Reckoning
    2009-02-27 01:53:42 ----SHD---- C:\System Volume Information
    2009-02-26 21:22:59 ----D---- C:\Windows\rescache
    2009-02-26 21:11:29 ----RSD---- C:\Windows\assembly
    2009-02-26 21:11:29 ----D---- C:\Windows\Microsoft.NET
    2009-02-26 21:06:25 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2009-02-26 21:00:20 ----D---- C:\Windows\system32\fr-FR
    2009-02-26 21:00:19 ----D---- C:\Windows\system32\XPSViewer
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\wbem
    2009-02-26 21:00:18 ----D---- C:\Windows\system32\en-US
    2009-02-26 19:37:03 ----SHD---- C:\Windows\Installer
    2009-02-26 19:37:03 ----HD---- C:\Config.Msi
    2009-02-26 19:36:49 ----D---- C:\Windows\winsxs
    2009-02-24 10:05:23 ----D---- C:\Program Files (x86)\Steam
    2009-02-24 09:22:57 ----D---- C:\Program Files (x86)\Common Files\Steam
    2009-02-20 10:56:53 ----D---- C:\Windows\inf
    2009-02-17 19:55:52 ----SD---- C:\Windows\Downloaded Program Files
    2009-02-16 18:45:30 ----D---- C:\Program Files (x86)\Messenger Plus! Live
    2009-02-13 12:55:22 ----D---- C:\Windows\ehome
    2009-02-13 12:54:26 ----D---- C:\ProgramData\Microsoft Help
    2009-02-13 12:53:48 ----D---- C:\Program Files (x86)\Windows Mail
    2009-02-09 19:54:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
    2009-02-04 00:00:46 ----D---- C:\Users\Mertens Franck\AppData\Roaming\skypePM
    2009-02-03 17:36:50 ----D---- C:\ProgramData\Skype
    2009-02-03 17:36:50 ----D---- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
    R1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []
    R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys []
    R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys []
    R3 dc3d;USBCCGP filter driver (dc3d); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []
    R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []
    R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 ASDR;ASDR; C:\Windows\SysWOW64\ASDR.exe [2007-03-20 61440]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe []
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
    S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-01-16 316664]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

    -----------------EOF-----------------
    1 March 2009 05:32:43

    Well, I'm going to format my PC. It's the best thing to do.
    A big thank-you for your help. All the best to you.
    And once again, a thousand thanks :-)
    a c 295 8 Security
    1 March 2009 05:32:44

    Is it better?
    1 March 2009 05:34:38

    Indeed, I haven't had anything since earlier.
    But if it starts again I'll format the machine.
    Thanks again
    a c 295 8 Security
    1 March 2009 05:37:54

    1/

  • Uninstall HijackThis.

  • Uninstall the following programs:
    - Java(TM) 6 Update 11
    - Java(TM) 6 Update 3
    - Java(TM) 6 Update 7

  • Update Java.


    2/

  • Download OTCleanIt to your Desktop:
  • Right-click OTCleanIt and choose Run as administrator.
  • Click CleanUp!, then click Yes in the Confirm window.
  • Restart your PC as requested.


    3/

  • System Restore needs to be disabled and then re-enabled in order to purge it.

  • I recommend creating a restore point that you can use later if you have a problem.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files alongside your antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    You can also modify the Hosts file to improve your PC's security: Link

    About P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Résolu] to the title. To do so:
  • In your first message, click the Editer button.
  • Add [Résolu] in front of the title.
  • Then click Valider votre message.


    Be more vigilant on the Internet ;)