Votre question

message VIRUS ALERT! dans la barre des taches[RESOLU

Tags :
  • barre de tache
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Octobre 2008 10:52:08

Bonjour à tous,

voilà, j'ai ce messgae apres avoir voulu installer un pack de codec!!!
j'ai arreté l'instalaltion mais ca a visiblement eu le tmùeps de faire des dégat.

j'avais norton installé, j'ai essayé de passer avast mais sans succes, j'ai toujour sle problem.

Voici mon rapport Hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24: VIRUS ALERT!, on 20/08/2006
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DNA\btdna.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
C:\Program Files\Nikon\NkView4\NkVwMon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: rosqxvmn - {7C554665-B775-4305-BAE6-E310B361F216} - C:\WINDOWS\rosqxvmn.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [{9284C590-2364-B640-A982-E205A23DFC68}] "C:\Documents and Settings\Kinou\Mes documents\Mes images\FotoStation Easy\Edited\MSCodec.1408.13.exe" /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TaskMonitor] C:\WINDOWS\system32\TaskMonitor.exe
O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
O4 - HKCU\..\Run: [Weflirt] "C:\Program Files\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'Default user')
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
O4 - Global Startup: ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
O4 - Global Startup: NkVwMon.exe.lnk = C:\Program Files\Nikon\NkView4\NkVwMon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 13562 bytes


merci pour votre aide (ps accessoirement comment on utilise ce rapport ?

Autres pages sur : message virus alert barre taches resolu

a b 8 Sécurité
20 Octobre 2008 17:11:27

Bonjour,

Télécharge Smitfraudfix (de S!ri).
Enregistre-le sur ton bureau.
Lance SmitfraudFix.exe (le .exe peut ne pas apparaitre).
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.

**Si le lien ne fonctionne pas, clique ici**
20 Octobre 2008 21:26:05

voila ...

SmitFraudFix v2.365

Rapport fait à 19:39:36,87, 20/08/2006
Executé à partir de G:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DNA\btdna.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
C:\Program Files\Nikon\NkView4\NkVwMon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
C:\Program Files\Fichiers communs\Symantec Shared\SecurityHistory\mcui32.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\lomxeqsn.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kinou


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kinou\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Kinou\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CS2\Services\Tcpip\..\{6EE5E060-A97B-4834-9F57-DCF6AA5EA08C}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Contenus similaires
a b 8 Sécurité
21 Octobre 2008 12:42:15

Re,

On va faire tout d'un coup :) 

Télécharge Random's System Information Tool (RSIT) par (random/random[/#f]) et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt [#ff0000](affiché)

  • ainsi que de info.txt (réduit dans la Barre des Tâches).
  • Veille bien à poster l'intégralité des rapports. Vérifie qu'ils soient complets une fois que tu les as postés.

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    21 Octobre 2008 14:49:50

    Le log.txt
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Kinou at 2006-08-21 14:15:34
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 71 GB (61%) free of 116 GB
    Total RAM: 767 MB (37% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:15:43, on 21/08/2006
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\DNA\btdna.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    C:\Program Files\Nikon\NkView4\NkVwMon.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Documents and Settings\Kinou\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Kinou.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O3 - Toolbar: rosqxvmn - {7C554665-B775-4305-BAE6-E310B361F216} - C:\WINDOWS\rosqxvmn.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [{9284C590-2364-B640-A982-E205A23DFC68}] "C:\Documents and Settings\Kinou\Mes documents\Mes images\FotoStation Easy\Edited\MSCodec.1408.13.exe" /r
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TaskMonitor] C:\WINDOWS\system32\TaskMonitor.exe
    O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background
    O4 - HKCU\..\Run: [Weflirt] "C:\Program Files\Weflirt\weflirt.exe" -background
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'SYSTEM')
    O4 - .DEFAULT Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'Default user')
    O4 - .DEFAULT Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'Default user')
    O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
    O4 - Global Startup: ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    O4 - Global Startup: NkVwMon.exe.lnk = C:\Program Files\Nikon\NkView4\NkVwMon.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 13395 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Norton Internet Security - Effectuer une analyse complète du système - Kinou.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll [2008-06-30 349552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll [2008-07-31 116088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
    ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll []
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll [2008-06-30 349552]
    {7C554665-B775-4305-BAE6-E310B361F216} - rosqxvmn - C:\WINDOWS\rosqxvmn.dll [2008-10-15 212992]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
    "LaunchApp"=Alaunch []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
    "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
    ""= []
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
    "IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
    "POINTER"=point32.exe []
    "SpeedTouch USB Diagnostics"=C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe [2001-10-03 4247552]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-11-21 35328]
    "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2002-07-10 1048576]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-05-21 282624]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
    "LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]
    "LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]
    "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
    "ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2008-01-25 51048]
    "osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2008-02-07 718704]
    "{9284C590-2364-B640-A982-E205A23DFC68}"=C:\Documents and Settings\Kinou\Mes documents\Mes images\FotoStation Easy\Edited\MSCodec.1408.13.exe /r []
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "TaskMonitor"=C:\WINDOWS\system32\TaskMonitor.exe []
    "DialMessenger"=C:\Program Files\DialMessenger\dialmessenger.exe -background []
    "Weflirt"=C:\Program Files\Weflirt\weflirt.exe -background []
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-09-22 289088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    FotoStation Easy AutoLaunch.lnk - C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
    ImageMixer for HDD Camcorder.lnk - C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    NkVwMon.exe.lnk - C:\Program Files\Nikon\NkView4\NkVwMon.exe
    WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

    C:\Documents and Settings\Kinou\Menu Démarrer\Programmes\Démarrage
    Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
    Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\DOCUME~1\Kinou\LOCALS~1\Temp\msnmsg.exe"="C:\DOCUME~1\Kinou\LOCALS~1\Temp\msnmsg.exe:*:Enabled:MSN Plus"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e2106b2-62dd-11dc-958c-0090d02eca4b}]
    shell\AutoRun\command - J:\sysboot.scr
    shell\open\command - J:\sysboot.scr

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0d35774-fde1-11dc-9812-0090d02eca4b}]
    shell\AutoRun\command - J:\InstallTomTomHOME.exe


    ======File associations======

    .bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"
    .ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"
    .scr - open -
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2008-10-16 00:05:26 ----D---- C:\Documents and Settings\Kinou\Application Data\TmpRecentIcons
    2008-10-16 00:05:12 ----A---- C:\WINDOWS\rosqxvmn.dll
    2008-10-16 00:05:12 ----A---- C:\WINDOWS\lomxeqsn.exe
    2008-10-16 00:05:12 ----A---- C:\WINDOWS\efdv.exe
    2008-10-12 23:06:34 ----A---- C:\Documents and Settings\All Users\Application Data\ISx55B.tmp
    2008-10-12 23:01:25 ----A---- C:\Documents and Settings\All Users\Application Data\ISx2B4.tmp
    2008-10-04 11:17:50 ----A---- C:\WINDOWS\system32\Filzip.ini
    2008-09-25 00:13:39 ----D---- C:\Program Files\Neuf
    2008-09-23 23:05:53 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-09-22 23:15:07 ----D---- C:\Documents and Settings\Kinou\Application Data\BitTorrent
    2008-09-22 23:14:03 ----D---- C:\Program Files\DNA
    2008-09-22 23:14:03 ----D---- C:\Documents and Settings\Kinou\Application Data\DNA
    2008-09-22 23:14:02 ----D---- C:\Program Files\BitTorrent
    2008-09-13 23:35:35 ----D---- C:\Program Files\Sun
    2008-09-13 23:34:54 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-13 23:34:54 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-13 23:34:54 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-10 10:01:06 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 10:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-04 23:19:08 ----D---- C:\Program Files\ATnotes
    2008-08-14 10:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-08-14 10:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-08-14 10:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-14 10:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-08-14 10:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-14 10:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-08-14 10:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-07-31 01:24:57 ----D---- C:\Documents and Settings\Kinou\Application Data\Symantec
    2008-07-31 01:23:04 ----D---- C:\Program Files\Windows Sidebar
    2008-07-31 01:22:17 ----D---- C:\Program Files\Norton Internet Security
    2008-07-31 01:21:23 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
    2008-07-23 22:29:56 ----D---- C:\Downloads
    2008-07-23 22:29:17 ----D---- C:\Program Files\BitComet
    2008-07-23 01:46:15 ----D---- C:\BJPrinter
    2008-07-23 00:47:17 ----D---- C:\Program Files\eMule
    2008-07-12 22:02:52 ----D---- C:\Program Files\YesMessenger
    2008-07-09 15:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-07-09 15:44:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-06-20 08:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-06-19 00:17:27 ----D---- C:\WINDOWS\Prefetch
    2008-06-19 00:14:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-06-19 00:14:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-06-19 00:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-06-19 00:08:44 ----D---- C:\Program Files\msn
    2008-06-19 00:08:43 ----D---- C:\WINDOWS\system32\fr
    2008-06-19 00:08:43 ----D---- C:\WINDOWS\l2schemas
    2008-06-19 00:08:42 ----D---- C:\WINDOWS\system32\bits
    2008-06-19 00:05:47 ----D---- C:\WINDOWS\ServicePackFiles
    2008-06-18 23:59:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-06-18 23:53:04 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-06-18 23:53:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-06-18 23:53:00 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-06-18 23:53:00 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-06-18 23:52:51 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-06-18 23:52:51 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-06-18 23:52:43 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-06-18 23:52:42 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-06-18 23:52:40 ----N---- C:\WINDOWS\slrundll.exe
    2008-06-18 23:52:37 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-06-18 23:52:34 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-06-18 23:52:33 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-06-18 23:52:31 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-06-18 23:52:30 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-06-18 23:52:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-06-18 23:52:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-06-18 23:52:29 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-06-18 23:52:27 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-06-18 23:52:24 ----N---- C:\WINDOWS\system32\onex.dll
    2008-06-18 23:52:21 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-06-18 23:52:15 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-06-18 23:52:15 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-06-18 23:52:15 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-06-18 23:52:14 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-06-18 23:52:13 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-06-18 23:52:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-06-18 23:52:12 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-06-18 23:51:58 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-06-18 23:51:58 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-06-18 23:51:58 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-06-18 23:51:58 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-06-18 23:51:56 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-06-18 23:51:46 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-06-18 23:51:45 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-06-18 23:51:45 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-06-18 23:51:45 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-06-18 23:51:44 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-06-18 23:51:44 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-06-18 23:51:40 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-06-18 23:51:40 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-06-18 23:51:37 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-06-18 23:51:33 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-06-18 23:51:27 ----A---- C:\WINDOWS\003095_.tmp
    2008-06-18 23:51:26 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-06-18 23:51:24 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-06-18 23:51:22 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-06-18 23:51:22 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-06-18 23:51:21 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-06-18 23:51:21 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-06-18 23:51:21 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-06-18 23:51:21 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-06-18 23:51:21 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-06-18 23:51:20 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-06-18 23:51:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-06-18 23:51:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-06-18 23:51:16 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-06-18 23:51:10 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-06-18 23:51:10 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-06-18 23:51:09 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-06-18 23:51:08 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-06-18 23:51:08 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-06-18 23:51:01 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-06-18 19:52:28 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-06-13 14:45:48 ----A---- C:\WINDOWS\system32\SymNeti.dll
    2008-06-13 14:45:44 ----A---- C:\WINDOWS\system32\SymRedir.dll
    2008-06-11 16:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-06-11 16:19:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-06-11 16:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
    2008-06-11 16:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
    2008-06-11 02:07:24 ----A---- C:\WINDOWS\system32\DivXsm.exe
    2008-06-11 02:07:20 ----A---- C:\WINDOWS\system32\qt-dx331.dll
    2008-06-11 02:04:26 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-06-11 02:04:26 ----A---- C:\WINDOWS\system32\libdivx.dll
    2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest
    2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dtu100.dll
    2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest
    2008-06-11 02:03:26 ----A---- C:\WINDOWS\system32\dpl100.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpv11.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpus11.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpuGUI10.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpu11.dll
    2008-06-11 02:03:22 ----A---- C:\WINDOWS\system32\dpu10.dll
    2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx11.dll
    2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
    2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
    2008-06-11 02:03:20 ----A---- C:\WINDOWS\system32\divx_xx07.dll
    2008-06-11 02:03:18 ----A---- C:\WINDOWS\system32\DivX.dll
    2008-05-30 10:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2008-05-23 00:18:54 ----A---- C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-05-14 08:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2008-04-22 11:16:57 ----D---- C:\Program Files\Dofus
    2008-04-08 23:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB948881$
    2008-04-08 23:36:07 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
    2008-04-08 23:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
    2008-04-08 23:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
    2008-03-30 00:50:47 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
    2008-03-30 00:45:52 ----D---- C:\Documents and Settings\Kinou\Application Data\TomTom
    2008-03-30 00:45:21 ----D---- C:\Program Files\TomTom HOME 2
    2008-03-02 10:51:18 ----SHDC---- C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-03-02 10:50:53 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-13 16:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
    2008-02-13 16:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
    2008-01-19 01:10:10 ----D---- C:\Documents and Settings\Kinou\Application Data\Mozilla
    2008-01-19 01:10:09 ----D---- C:\Documents and Settings\Kinou\Application Data\Participatory Culture Foundation
    2008-01-10 02:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
    2008-01-10 02:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
    2007-12-28 11:17:49 ----A---- C:\debugInstaller.txt
    2007-12-12 16:21:50 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
    2007-12-12 16:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
    2007-12-12 16:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2007-12-12 16:20:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
    2007-12-12 16:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
    2007-11-14 09:23:06 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
    2007-11-11 17:38:42 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2007-11-11 15:09:01 ----D---- C:\Program Files\Windows Live
    2007-11-11 15:09:01 ----D---- C:\Program Files\Messenger Plus! Live
    2007-11-11 15:05:42 ----A---- C:\Program Files\Install_Messenger.exe
    2007-11-09 09:40:13 ----D---- C:\Program Files\Filzip3.06
    2007-11-03 04:25:28 ----N---- C:\WINDOWS\system32\spmsg.dll
    2007-10-26 16:30:03 ----D---- C:\Documents and Settings\Kinou\Application Data\Weflirt
    2007-10-18 12:31:46 ----A---- C:\WINDOWS\system32\sirenacm.dll
    2007-10-10 14:26:35 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
    2007-10-10 14:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941202$
    2007-10-02 18:19:01 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2007-10-02 18:11:15 ----D---- C:\Program Files\Hip Interactive
    2007-09-29 10:15:55 ----D---- C:\Documents and Settings\Kinou\Application Data\DialMessenger
    2007-09-21 23:59:13 ----A---- C:\WINDOWS\SYMGAMES.INI
    2007-08-31 20:31:09 ----D---- C:\WINDOWS\Minidump
    2007-08-30 08:57:30 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2007-08-29 10:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
    2007-08-24 10:52:53 ----A---- C:\Documents and Settings\All Users\Application Data\ISx2F0.tmp
    2007-08-24 10:00:35 ----D---- C:\Program Files\MSXML 4.0
    2007-08-23 11:07:56 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
    2007-08-23 11:07:56 ----RA---- C:\WINDOWS\system32\LVUI2.dll
    2007-08-23 11:07:56 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
    2007-08-23 11:07:56 ----RA---- C:\WINDOWS\system32\lvcoinst.dll
    2007-08-23 11:07:56 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
    2007-08-23 11:07:55 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
    2007-08-23 11:02:16 ----RA---- C:\WINDOWS\Instexec.exe
    2007-08-23 11:02:14 ----RA---- C:\WINDOWS\system32\InstExec.ini
    2007-08-23 11:02:14 ----RA---- C:\WINDOWS\system32\InstExec.exe
    2007-08-23 11:01:47 ----D---- C:\Program Files\Fichiers communs\Logitech
    2007-08-23 11:01:08 ----A---- C:\WINDOWS\system32\ElkCtrl.exe
    2007-08-23 11:01:08 ----A---- C:\WINDOWS\system32\ElkCtlPS.dll
    2007-08-23 11:01:08 ----A---- C:\WINDOWS\system32\CamCplRes.dll
    2007-08-23 11:01:07 ----A---- C:\WINDOWS\system32\msxml4r.dll
    2007-08-23 11:01:07 ----A---- C:\WINDOWS\system32\msxml4a.dll
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
    2007-08-23 11:01:06 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
    2007-08-23 11:01:05 ----A---- C:\WINDOWS\system32\VxLib.dll
    2007-08-23 11:01:05 ----A---- C:\WINDOWS\system32\VLib.dll
    2007-08-23 11:01:05 ----A---- C:\WINDOWS\system32\gdiplus.dll
    2007-08-23 11:01:04 ----A---- C:\WINDOWS\system32\VxLibRes.dll
    2007-08-23 11:01:03 ----D---- C:\Program Files\Logitech
    2007-08-22 15:17:02 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2007-08-22 15:16:52 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2007-08-18 16:25:38 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$
    2007-08-18 16:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
    2007-08-18 16:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB921503$
    2007-08-18 16:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$
    2007-08-18 16:25:13 ----D---- C:\Program Files\MSXML 6.0
    2007-08-18 16:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2007-07-12 00:45:15 ----D---- C:\Documents and Settings\Kinou\Application Data\gtk-2.0
    2007-07-12 00:41:22 ----D---- C:\Program Files\GIMP-2.0
    2007-07-12 00:38:55 ----D---- C:\Program Files\Fichiers communs\GTK
    2007-07-11 18:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
    2007-07-11 18:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
    2007-07-04 15:02:56 ----D---- C:\Documents and Settings\Kinou\Application Data\DivX
    2007-06-22 08:31:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2007-06-21 12:54:37 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2007-06-21 12:54:37 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2007-06-21 12:54:37 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2007-06-13 18:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
    2007-06-13 18:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
    2007-06-13 18:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
    2007-06-05 19:38:53 ----D---- C:\Program Files\WarRock
    2007-06-05 19:38:32 ----D---- C:\Documents and Settings\Kinou\Application Data\InstallShield
    2007-05-24 23:54:43 ----D---- C:\ZMSoft
    2007-05-24 23:46:21 ----D---- C:\Program Files\Capturino 1.4
    2007-05-23 12:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
    2007-05-21 17:26:27 ----A---- C:\WINDOWS\yesmessenger.ini
    2007-05-16 18:08:30 ----D---- C:\Documents and Settings\Kinou\Application Data\Screenshot Sender
    2007-05-15 15:43:10 ----A---- C:\WINDOWS\system32\msxml6.dll
    2007-05-10 21:44:26 ----A---- C:\WINDOWS\dial-messenger.ini
    2007-05-08 23:11:22 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-05-08 23:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
    2007-05-08 15:03:04 ----A---- C:\WINDOWS\system32\msxml4.dll
    2007-04-22 23:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB920342$
    2007-04-22 23:20:51 ----D---- C:\WINDOWS\network diagnostic
    2007-04-22 23:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2007-04-22 23:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2007-04-22 23:20:31 ----HDC---- C:\WINDOWS\$NtUninstallKB912024$
    2007-04-12 09:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
    2007-04-12 09:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
    2007-04-12 09:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
    2007-04-12 09:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
    2007-04-12 09:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
    2007-04-11 13:11:20 ----A---- C:\WINDOWS\system32\capicom.dll
    2007-04-04 10:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
    2007-04-02 16:54:13 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2007-03-30 12:17:33 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2007-03-29 21:18:06 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2007-03-29 21:17:27 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2007-03-29 21:17:12 ----D---- C:\Program Files\Windows Media Connect 2
    2007-03-29 21:17:03 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2007-03-29 21:16:26 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2007-03-29 21:16:07 ----D---- C:\WINDOWS\system32\LogFiles
    2007-03-29 21:16:00 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2007-03-29 21:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
    2007-03-25 11:08:26 ----RA---- C:\WINDOWS\system32\xmltok.dll.off
    2007-03-25 11:08:26 ----RA---- C:\WINDOWS\system32\xmlparse.dll.off
    2007-03-25 11:08:26 ----RA---- C:\WINDOWS\system32\xmlinst.exe
    2007-03-25 11:08:26 ----RA---- C:\WINDOWS\system32\VB5DB.DLL
    2007-03-25 11:08:26 ----RA---- C:\WINDOWS\system32\msxml3a.dll
    2007-03-25 10:58:43 ----D---- C:\Program Files\Ubi Soft
    2007-03-15 18:17:20 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2007-03-15 18:16:48 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2007-03-15 10:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
    2007-02-22 09:19:35 ----D---- C:\Documents and Settings\Kinou\Application Data\MSNInstaller
    2007-02-22 09:15:29 ----A---- C:\WINDOWS\INSTALL_MSN_MESSENGER_NT.EXE
    2007-02-15 11:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
    2007-02-15 11:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
    2007-02-15 11:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
    2007-02-15 11:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
    2007-02-15 11:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
    2007-02-15 11:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
    2007-02-15 11:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
    2007-02-15 11:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
    2007-02-10 16:30:21 ----D---- C:\Documents and Settings\Kinou\Application Data\Leadertech
    2007-02-10 16:28:25 ----D---- C:\Program Files\NovaLogic
    2007-02-04 13:02:06 ----D---- C:\Program Files\Leroy Merlin
    2007-01-29 10:58:06 ----N---- C:\WINDOWS\system32\tzchange.exe
    2007-01-28 17:25:52 ----D---- C:\Program Files\Microsoft Money 2005
    2007-01-26 00:04:06 ----D---- C:\Program Files\TribalWeb.net
    2007-01-11 01:15:26 ----D---- C:\WINDOWS\ie7updates
    2007-01-06 00:19:45 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2007-01-05 23:39:54 ----A---- C:\Program Files\wt3d.ini
    2007-01-05 11:10:59 ----D---- C:\WINDOWS\Sun
    2007-01-05 11:10:59 ----D---- C:\Documents and Settings\Kinou\Application Data\Sun
    2007-01-04 00:14:49 ----A---- C:\WINDOWS\IPUI_DivXG400.exe
    2007-01-04 00:13:07 ----D---- C:\Program Files\DivX
    2007-01-02 13:14:34 ----A---- C:\WINDOWS\system32\mucltui.dll
    2007-01-01 18:41:57 ----A---- C:\WINDOWS\system32\vb5stkit.dll
    2007-01-01 18:41:57 ----A---- C:\WINDOWS\system32\vb5fr.dll
    2007-01-01 18:41:57 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
    2007-01-01 18:41:49 ----A---- C:\WINDOWS\system32\FLXGDFR.DLL
    2007-01-01 18:41:49 ----A---- C:\WINDOWS\system32\CMCTLFR.DLL
    2007-01-01 18:41:48 ----D---- C:\Program Files\Converio 2.0
    2007-01-01 18:41:48 ----A---- C:\WINDOWS\system32\VB6FR.DLL
    2006-12-30 11:02:15 ----D---- C:\Documents and Settings\Kinou\Application Data\CyberLink
    2006-12-30 10:52:45 ----A---- C:\WINDOWS\JCMKR32.INI
    2006-12-22 12:28:14 ----A---- C:\WINDOWS\system32\mscoree.dll
    2006-12-16 01:39:31 ----D---- C:\WINDOWS\Performance
    2006-12-16 01:38:58 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
    2006-12-16 01:38:16 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
    2006-12-13 00:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2006-12-13 00:10:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
    2006-12-13 00:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
    2006-12-13 00:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
    2006-12-13 00:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB926251$
    2006-12-12 11:21:55 ----D---- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
    2006-12-10 01:11:48 ----D---- C:\Documents and Settings\Kinou\Application Data\Google
    2006-12-10 01:11:16 ----D---- C:\Program Files\Google
    2006-12-09 03:39:28 ----A---- C:\WINDOWS\Filzip.ini
    2006-12-09 03:36:04 ----D---- C:\Program Files\Filzip
    2006-12-08 23:56:27 ----D---- C:\Program Files\Xvid
    2006-12-08 23:56:27 ----A---- C:\WINDOWS\system32\xvidvfw.dll
    2006-12-08 23:56:27 ----A---- C:\WINDOWS\system32\xvidcore.dll
    2006-12-08 23:49:29 ----D---- C:\Program Files\KC Softwares
    2006-12-02 00:36:32 ----N---- C:\WINDOWS\system32\MultiSZ.dll
    2006-11-28 19:45:35 ----N---- C:\WINDOWS\NuNinst.exe
    2006-11-27 16:00:55 ----D---- C:\Documents and Settings\Kinou\Application Data\Help
    2006-11-27 00:34:07 ----HD---- C:\WINDOWS\PIF
    2006-11-26 18:53:41 ----D---- C:\Documents and Settings\Kinou\Application Data\AdobeUM
    2006-11-26 18:50:17 ----D---- C:\Program Files\Sony
    2006-11-26 18:47:44 ----D---- C:\Documents and Settings\Kinou\Application Data\Pixela
    2006-11-26 18:32:48 ----D---- C:\Program Files\PIXELA
    2006-11-26 14:46:39 ----A---- C:\WINDOWS\ODBC.INI
    2006-11-26 14:45:00 ----D---- C:\Program Files\Microsoft Office
    2006-11-26 13:07:30 ----D---- C:\Program Files\Shareaza
    2006-11-26 13:07:30 ----D---- C:\Documents and Settings\Kinou\Application Data\Shareaza
    2006-11-26 04:20:05 ----D---- C:\WINDOWS\WBEM
    2006-11-26 04:20:04 ----D---- C:\WINDOWS\system32\fr-fr
    2006-11-26 04:19:06 ----HDC---- C:\WINDOWS\ie7
    2006-11-26 04:18:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2006-11-26 04:18:42 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2006-11-26 04:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2006-11-26 04:18:06 ----A---- C:\WINDOWS\system32\xmllite.dll
    2006-11-26 04:17:49 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2006-11-26 04:16:58 ----A---- C:\WINDOWS\system32\MRT.exe
    2006-11-26 04:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
    2006-11-26 04:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
    2006-11-26 04:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
    2006-11-26 04:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
    2006-11-26 04:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB920214$
    2006-11-26 04:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
    2006-11-26 04:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
    2006-11-26 04:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
    2006-11-26 04:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
    2006-11-26 04:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
    2006-11-26 04:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
    2006-11-26 04:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
    2006-11-26 04:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB887998$
    2006-11-26 04:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
    2006-11-26 04:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
    2006-11-26 04:02:45 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
    2006-11-26 04:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
    2006-11-26 04:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
    2006-11-26 04:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
    2006-11-26 04:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
    2006-11-26 04:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
    2006-11-26 04:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
    2006-11-26 04:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
    2006-11-26 04:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
    2006-11-26 04:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
    2006-11-26 04:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
    2006-11-26 04:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
    2006-11-26 04:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
    2006-11-26 04:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
    2006-11-26 04:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB922760$
    2006-11-26 04:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
    2006-11-26 04:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
    2006-11-26 03:40:56 ----D---- C:\Program Files\Micro Application
    2006-11-26 03:40:43 ----A---- C:\WINDOWS\NAVIGMA.INI
    2006-11-26 03:38:33 ----D---- C:\Program Files\WinZip
    2006-11-26 03:17:35 ----D---- C:\Program Files\IrfanView
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\vxblock.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxwave.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxmas.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\pxafs.dll
    2006-11-26 03:12:39 ----N---- C:\WINDOWS\system32\px.dll
    2006-11-26 03:12:35 ----D---- C:\Program Files\Winamp
    2006-11-26 03:11:25 ----N---- C:\WINDOWS\kb913800.exe
    2006-11-26 03:03:48 ----D---- C:\WINDOWS\system32\PreInstall
    2006-11-26 03:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2006-11-26 02:37:24 ----D---- C:\Program Files\Symantec
    2006-11-26 02:26:56 ----A---- C:\WINDOWS\system32\LuResult.txt
    2006-11-26 02:02:57 ----A---- C:\WINDOWS\system32\CNMLM2P.DLL
    2006-11-26 02:02:51 ----A---- C:\WINDOWS\system32\CNMS400.EXE
    2006-11-26 02:02:48 ----A---- C:\WINDOWS\IsUn040c.exe
    2006-11-26 01:57:39 ----A---- C:\WINDOWS\CoverDes.INI
    2006-11-26 01:55:08 ----HD---- C:\WINDOWS\msdownld.tmp
    2006-11-26 01:54:43 ----D---- C:\WINDOWS\Historique
    2006-11-26 01:54:42 ----A---- C:\WINDOWS\Active Setup Log.txt
    2006-11-26 01:54:42 ----A---- C:\WINDOWS\Active Setup Log.BAK
    2006-11-26 01:54:41 ----D---- C:\Program Files\Microsoft Picture It! PhotoPub
    2006-11-26 01:53:12 ----A---- C:\WINDOWS\unvise32qt.exe
    2006-11-26 01:53:05 ----D---- C:\WINDOWS\system32\QuickTime
    2006-11-26 01:53:04 ----D---- C:\Program Files\QuickTime
    2006-11-26 01:52:32 ----D---- C:\Program Files\FotoStation Easy
    2006-11-26 01:51:53 ----D---- C:\Program Files\Fichiers communs\Nikon
    2006-11-26 01:51:52 ----D---- C:\Program Files\Nikon
    2006-11-26 01:49:10 ----D---- C:\Documents and Settings\Kinou\Application Data\Adobe
    2006-11-26 01:48:08 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2006-11-26 01:47:01 ----D---- C:\Program Files\Ahead
    2006-11-26 01:45:01 ----D---- C:\WINDOWS\system32\appmgmt
    2006-11-26 01:32:17 ----A---- C:\WINDOWS\uneng.exe
    2006-11-26 01:15:30 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2006-11-25 23:55:56 ----A---- C:\WINDOWS\system32\stci.dll
    2006-11-25 23:55:46 ----D---- C:\Program Files\Alcatel
    2006-11-25 23:53:58 ----A---- C:\WINDOWS\system32\hidserv.dll
    2006-11-25 23:48:51 ----D---- C:\Program Files\Microsoft Hardware
    2006-11-25 23:42:08 ----SHD---- C:\RECYCLER
    2006-11-25 23:22:30 ----A---- C:\WINDOWS\system32\ImageItEncrypt.exe
    2006-11-25 22:55:46 ----D---- C:\Program Files\comsummer
    2006-11-25 22:55:46 ----D---- C:\Documents and Settings\Kinou\Application Data\Macromedia
    2006-11-25 22:55:46 ----A---- C:\WINDOWS\comsummer.ini
    2006-11-25 22:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB908246$
    2006-11-25 22:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
    2006-11-25 22:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB898444$
    2006-11-25 22:54:44 ----HDC---- C:\WINDOWS\$NtUninstallKB914548$
    2006-11-25 22:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
    2006-11-25 22:54:21 ----HDC---- C:\WINDOWS\$NtUninstallKB910393$
    2006-11-25 22:51:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2006-11-25 22:51:44 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2006-11-25 22:51:28 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2006-11-25 22:50:42 ----D---- C:\WINDOWS\Downloaded Installations
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\ClearEvent.exe
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
    2006-11-25 22:49:32 ----A---- C:\WINDOWS\system32\Acer EULA.txt
    2006-11-25 22:49:04 ----A---- C:\WINDOWS\system32\eRecUtil.dll
    2006-11-25 22:49:03 ----A---- C:\WINDOWS\system32\SysMonitor.exe
    2006-11-25 22:49:03 ----A---- C:\WINDOWS\system32\ScrollBarLib.dll
    2006-11-25 22:49:02 ----A---- C:\WINDOWS\system32\Interop.Shell32.dll
    2006-11-25 22:49:02 ----A---- C:\WINDOWS\system32\Acer.Empowering.Windows.Forms.dll
    2006-11-25 22:48:55 ----D---- C:\Acer
    2006-11-25 22:48:03 ----D---- C:\Program Files\Java
    2006-11-25 22:48:02 ----D---- C:\Program Files\Fichiers communs\Java
    2006-11-25 22:47:34 ----ASH---- C:\Documents and Settings\Kinou\Application Data\desktop.ini
    2006-11-25 22:47:33 ----SD---- C:\Documents and Settings\Kinou\Application Data\Microsoft
    2006-11-25 22:47:33 ----D---- C:\Documents and Settings\Kinou\Application Data\Identities
    2006-11-25 22:35:13 ----A---- C:\WINDOWS\DUMP2673.tmp
    2006-11-17 20:27:16 ----N---- C:\WINDOWS\system32\ieframe.dll.mui
    2006-11-17 20:26:44 ----A---- C:\WINDOWS\system32\advpack.dll.mui
    2006-11-07 22:03:36 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 22:03:36 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 22:03:36 ----A---- C:\WINDOWS\system32\ieui.dll
    2006-11-07 22:03:36 ----A---- C:\WINDOWS\system32\ieframe.dll
    2006-11-07 04:26:32 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2006-11-02 11:52:12 ----N---- C:\WINDOWS\system32\wpdshextres.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WPDShServiceObj.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WpdShext.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVXENCD.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVSENCD.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVSDECD.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVENCOD.dll
    2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVDECOD.dll
    2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpps.dll
    2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpmde.dll
    2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpeffects.dll
    2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceTypes.dll
    2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceApi.dll
    2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MPG4DECD.dll
    2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MP4SDECD.dll
    2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MP43DECD.dll
    2006-10-18 20:00:14 ----N---- C:\WINDOWS\system32\wpdshextautoplay.exe
    2006-10-17 13:05:58 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:58:32 ----A---- C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 12:58:20 ----A---- C:\WINDOWS\system32\icardie.dll
    2006-10-17 12:57:20 ----A---- C:\WINDOWS\system32\iertutil.dll
    2006-10-17 12:27:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2006-10-02 15:28:42 ----N---- C:\WINDOWS\system32\msdelta.dll
    2006-09-28 20:13:26 ----N---- C:\WINDOWS\system32\WUDFCoinstaller.dll
    2006-09-28 18:56:38 ----N---- C:\WINDOWS\system32\WUDFx.dll
    2006-09-28 18:56:38 ----N---- C:\WINDOWS\system32\WudfHost.exe
    2006-09-28 18:56:16 ----N---- C:\WINDOWS\system32\WudfPlatform.dll
    2006-09-28 18:56:14 ----N---- C:\WINDOWS\system32\WudfSvc.dll
    2006-09-08 22:35:20 ----D---- C:\WINDOWS\temp
    2006-09-08 22:35:20 ----D---- C:\SYSINFO
    2006-09-08 22:35:20 ----AD---- C:\WINDOWS
    2006-09-08 22:35:20 ----AD---- C:\i386
    2006-09-08 14:52:06 ----A---- C:\WINDOWS\system32\h323log.txt
    2006-09-08 14:49:44 ----D---- C:\Program Files\Fichiers communs\ODBC
    2006-09-08 14:49:42 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2006-09-08 14:49:40 ----N---- C:\WINDOWS\system.ini
    2006-09-08 14:49:30 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2006-09-08 14:49:16 ----D---- C:\WINDOWS\WinSxS
    2006-09-08 14:49:10 ----D---- C:\WINDOWS\Debug
    2006-09-08 14:49:06 ----D---- C:\WINDOWS\system32\usmt
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\twain_32
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\wins
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\ShellExt
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\Setup
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\ras
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\npp
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\inetsrv
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\IME
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\icsxml
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\export
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\dhcp
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\3com_dmi
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\3076
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\2052
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1054
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1042
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1041
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1037
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1036
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1033
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1031
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1028
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\system32\1025
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\Resources
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\Provisioning
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\PeerNet
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\mui
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\java
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\Driver Cache
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\Connection Wizard
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\Config
    2006-09-08 14:44:46 ----D---- C:\WINDOWS\AppPatch
    2006-09-08 14:42:42 ----AD---- C:\GUIDE
    2006-09-08 14:42:08 ----D---- C:\drv
    2006-09-08 14:07:57 ----A---- C:\WINDOWS\system32\ijl11.dll
    2006-09-08 13:34:52 ----A---- C:\WINDOWS\SchedLgU.Txt
    2006-09-08 13:34:42 ----RASH---- C:\boot.ini
    2006-09-08 13:34:42 ----A---- C:\WINDOWS\smscfg.ini
    2006-09-08 13:34:38 ----AD---- C:\WINDOWS\system32
    2006-09-08 13:34:32 ----D---- C:\WINDOWS\system32\Restore
    2006-09-08 13:34:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2006-09-08 13:34:18 ----HD---- C:\WINDOWS\inf
    2006-09-08 13:34:16 ----AD---- C:\WINDOWS\system32\drivers
    2006-09-08 13:33:22 ----RSD---- C:\WINDOWS\Fonts
    2006-09-08 13:33:22 ----D---- C:\WINDOWS\Help
    2006-09-08 13:32:20 ----SHD---- C:\WINDOWS\Installer
    2006-09-08 13:32:20 ----D---- C:\Program Files\Acer WLAN 11g USB Dongle
    2006-09-08 13:32:20 ----D---- C:\Program Files
    2006-09-08 13:32:18 ----D---- C:\WINDOWS\AcerDRV
    2006-09-08 13:32:12 ----N---- C:\WINDOWS\system32\MWLPS.dll
    2006-09-08 13:31:42 ----D---- C:\Program Files\CyberLink
    2006-09-08 13:31:34 ----HD---- C:\Program Files\InstallShield Installation Information
    2006-09-08 13:31:32 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2006-09-08 13:31:10 ----D---- C:\Program Files\NewTech Infosystems
    2006-09-08 13:31:08 ----RH---- C:\WINDOWS\system32\NTIBUN4.dll
    2006-09-08 13:30:40 ----D---- C:\WINDOWS\system32\CatRoot2
    2006-09-08 13:30:38 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2006-09-08 13:30:38 ----D---- C:\Program Files\Fichiers communs
    2006-09-08 13:30:24 ----D---- C:\Program Files\Fichiers communs\muvee Technologies
    2006-09-08 13:30:24 ----A---- C:\AUTOEXEC.BAT
    2006-09-08 13:30:04 ----D---- C:\Program Files\Fichiers communs\NewTech Infosystems
    2006-09-08 13:29:56 ----RH---- C:\WINDOWS\system32\NTIMPEG2.dll
    2006-09-08 13:29:56 ----RH---- C:\WINDOWS\system32\NTIMP3.dll
    2006-09-08 13:29:56 ----RH---- C:\WINDOWS\system32\NTIFCD3.dll
    2006-09-08 13:29:56 ----RH---- C:\WINDOWS\system32\NTICDMK7.dll
    2006-09-08 13:28:54 ----D---- C:\Program Files\Fichiers communs\Adobe
    2006-09-08 13:28:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2006-09-08 13:28:48 ----D---- C:\Program Files\Adobe
    2006-09-08 13:28:34 ----D---- C:\WINDOWS\Registration
    2006-09-08 13:28:32 ----D---- C:\WINDOWS\ehome
    2006-09-08 13:27:28 ----D---- C:\WINDOWS\security
    2006-09-08 13:24:20 ----D---- C:\Program Files\Windows Media Player
    2006-09-08 13:24:18 ----D---- C:\WINDOWS\RegisteredPackages
    2006-09-08 13:23:46 ----A---- C:\WINDOWS\imsins.BAK
    2006-09-08 13:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
    2006-09-08 13:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
    2006-09-08 13:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB888795$
    2006-09-08 13:21:58 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
    2006-09-08 13:21:46 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
    2006-09-08 13:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
    2006-09-08 13:21:22 ----D---- C:\WINDOWS\system32\CatRoot
    2006-09-08 13:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
    2006-09-08 13:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
    2006-09-08 13:20:50 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
    2006-09-08 13:19:42 ----D---- C:\Program Files\GemMasterFrench
    2006-09-08 13:19:40 ----D---- C:\Program Files\FrenchOtto
    2006-09-08 13:17:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2006-09-08 13:16:56 ----RSD---- C:\WINDOWS\assembly
    2006-09-08 13:16:32 ----D---- C:\WINDOWS\system32\mui
    2006-09-08 13:16:04 ----D---- C:\WINDOWS\system32\URTTemp
    2006-09-08 13:15:44 ----D---- C:\Program Files\Internet Explorer
    2006-09-08 13:15:20 ----D---- C:\WINDOWS\system32\Lang
    2006-09-08 13:14:00 ----D---- C:\WINDOWS\system32\RTCOM
    2006-09-08 13:13:14 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
    2006-09-08 13:13:04 ----D---- C:\Program Files\Realtek
    2006-09-08 13:12:54 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2006-09-08 13:12:50 ----A---- C:\WINDOWS\OEWABLog.txt
    2006-09-08 13:12:44 ----HD---- C:\Program Files\Uninstall Information
    2006-09-08 13:12:22 ----D---- C:\WINDOWS\msagent
    2006-09-08 13:11:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2006-09-08 13:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
    2006-09-08 13:11:04 ----HD---- C:\WINDOWS\$hf_mig$
    2006-09-08 13:10:48 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
    2006-09-08 13:10:36 ----D---- C:\Program Files\Outlook Express
    2006-09-08 13:10:34 ----D---- C:\Program Files\Fichiers communs\System
    2006-09-08 13:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
    2006-09-08 13:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
    2006-09-08 13:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB908531_0$
    2006-09-08 13:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
    2006-09-08 13:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
    2006-09-08 13:09:14 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
    2006-09-08 13:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
    2006-09-08 13:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
    2006-09-08 13:08:34 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
    2006-09-08 13:08:22 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
    2006-09-08 13:08:14 ----D---- C:\Program Files\Oca History Tool
    2006-09-08 13:08:10 ----HDC---- C:\WINDOWS\$UninstallOCA-X86Fre-ENU$
    2006-09-08 13:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
    2006-09-08 13:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB904706_0$
    2006-09-08 13:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB905915$
    2006-09-08 13:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
    2006-09-08 13:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2006-09-08 13:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB906569$
    2006-09-08 13:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
    2006-09-08 13:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
    2006-09-08 13:06:14 ----D---- C:\WINDOWS\system32\Com
    2006-09-08 13:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
    2006-09-08 13:05:52 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
    2006-09-08 13:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
    2006-09-08 13:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB899589$
    2006-09-08 13:05:10 ----HDC---- C:\WINDOWS\$
    a b 8 Sécurité
    21 Octobre 2008 20:12:37

    Re,

    Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :files
    C:\WINDOWS\rosqxvmn.dll
    C:\Program Files\DialMessenger
    C:\Program Files\Weflirt
    C:\WINDOWS\lomxeqsn.exe
    C:\WINDOWS\efdv.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{7C554665-B775-4305-BAE6-E310B361F216}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DialMessenger"=-
    "Weflirt"=-


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    21 Octobre 2008 20:51:57

    BON JE FAIS CA? JE SUIS IMPRESSIONN PAR LA LISTE DES CHOSES 0 FAIRE? J4AVAIS REGARD2 L4AUTRE MANIP D4UN DE ME SEMBLABLE QUI AVAIT GALeré (oups sorry caps lock...) mais je ne retrouve pas les memes étapes...

    je reviens .. ;-) avec le log of course..
    21 Octobre 2008 20:58:25

    ========== FILES ==========
    C:\WINDOWS\rosqxvmn.dll unregistered successfully.
    C:\WINDOWS\rosqxvmn.dll moved successfully.
    File/Folder C:\Program Files\DialMessenger not found.
    File/Folder C:\Program Files\Weflirt not found.
    C:\WINDOWS\lomxeqsn.exe moved successfully.
    C:\WINDOWS\efdv.exe moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7C554665-B775-4305-BAE6-E310B361F216} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C554665-B775-4305-BAE6-E310B361F216}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DialMessenger deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Weflirt deleted successfully.

    OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 08212006_204326


    il ne ml'a pas dit qu'il n'arrivait pas a enlever des fichiers (j'avais désactivé norton pour la manip (non connecté à internet ;-) )

    il semblerait que le message ai disparu de ma barre de tache, je vais vérifier si le fonctionnement normal est revenu.

    Y a til une autre action à faire ?
    a b 8 Sécurité
    21 Octobre 2008 21:00:52

    Chaque infection est différente.
    Reposte un rapport Hijackthis.
    21 Octobre 2008 21:44:20

    j'ai l'impression que ca va mieux... c'etait quoi du coup .. un ad ware ? un spy ware qui n'a pas été vu par norton ?

    voici le log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:30:26, on 21/08/2006
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe
    C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    C:\Program Files\Nikon\NkView4\NkVwMon.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [{9284C590-2364-B640-A982-E205A23DFC68}] "C:\Documents and Settings\Kinou\Mes documents\Mes images\FotoStation Easy\Edited\MSCodec.1408.13.exe" /r
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TaskMonitor] C:\WINDOWS\system32\TaskMonitor.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'SYSTEM')
    O4 - .DEFAULT Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE (User 'Default user')
    O4 - .DEFAULT Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (User 'Default user')
    O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ?
    O4 - Global Startup: ImageMixer for HDD Camcorder.lnk = C:\Program Files\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe
    O4 - Global Startup: NkVwMon.exe.lnk = C:\Program Files\Nikon\NkView4\NkVwMon.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe

    --
    End of file - 12918 bytes
    a b 8 Sécurité
    22 Octobre 2008 17:18:36

    Tu as combien d'antivirus ?
    22 Octobre 2008 17:20:10

    il y en a un deuxieme, normallement c'est Norton le standard mais vu qu'il y avait ce problème on a essayé d'installer avast .. sans succès LOL ..

    C'etait quoi au final ? puis je clore le sujet ?
    22 Octobre 2008 18:25:40

    ben c que le norton il est payé ....

    donc c'etait quel probleme ?
    a b 8 Sécurité
    22 Octobre 2008 18:31:33

    Il est toujours actif Norton ? Si oui, vire juste Avast!.

    Citation :
    donc c'etait quel probleme ?

    Bah les infections qu'on a supprimé précédemment.
    22 Octobre 2008 18:35:22

    bon je vire avast, norton est toujours actif..
    si je comprend bien les problèmes résidaient là:
    C:\WINDOWS\rosqxvmn.dll
    C:\Program Files\DialMessenger
    C:\Program Files\Weflirt
    C:\WINDOWS\lomxeqsn.exe
    C:\WINDOWS\efdv.exe

    mais bon si j'avais pu mettre un nom sur cette saleté...

    Je met résolu dans le titre ?
    a b 8 Sécurité
    22 Octobre 2008 20:43:33

    Oui, ce sont ces fichiers. Tu peux mettre résolu.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS