Strange behavior of my PC (Topic resolved)
lilou89
Posted on 04/09/2009 at 15:38
Petite astucienne

Hello everyone

Often in the morning when I turn on my PC, the menu bar at the top has a black background.

I marked the cookies that CCleaner should not delete (my usernames and passwords), and I have to re-enter them when I start the PC.

At times it is slow, especially since I installed KIS 2010; when it flashes (orange ball) in the taskbar, nothing moves any more and I have to wait for it to stop. I find that it flashes often.

I put in 2 GB of RAM, because it was not powerful enough.

This morning I ran a scan with Malwarebytes: nothing to report.

A scan with KIS: nothing to report.

I don't know why these strange things happen practically every morning.

Could someone perhaps help me find the solution?

Thanks in advance

lilou89

Evasion60
Posted on 04/09/2009 at 15:51
Security Group

Hello

... please use this link to post the two requested reports for me:

https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm

Looking forward to your reply

lilou89
Posted on 04/09/2009 at 16:17
Petite astucienne

Here is the report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Liliane et Guy at 2009-09-04 16:16:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (81%) free of 73 GB
Total RAM: 2815 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:10, on 04/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Liliane et Guy\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Liliane et Guy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249986238703
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 6811 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{8E376F74-ED74-486C-A622-A632F060699B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-25 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-08-10 251264]
"TClockEx"=C:\Program Files\TClockEx\TCLOCKEX.EXE [2000-03-09 89088]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2007-01-19 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]
Alaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-07-12 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2009-08-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-19 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
C:\PROGRA~1\ACERWL~1\ZDWlan.exe [2005-11-16 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
[]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Documents and Settings\Liliane et Guy\Menu Démarrer\Programmes\Démarrage
Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000
"NoRecentDocsMenu "=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6fe6ffd-8656-11de-acaf-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-09-04 16:16:05 ----D---- C:\rsit
2009-09-04 08:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-09-03 21:15:12 ----D---- C:\Program Files\ESET
2009-09-03 18:48:54 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\WinRAR
2009-09-03 18:48:05 ----D---- C:\Program Files\WinRAR
2009-09-01 09:26:21 ----A---- C:\WINDOWS\~DF8454.tmp
2009-08-30 18:44:37 ----D---- C:\Program Files\ma-config.com
2009-08-30 18:44:37 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-08-28 15:56:50 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Mozilla
2009-08-28 15:10:06 ----D---- C:\Mes Documents
2009-08-28 15:07:19 ----D---- C:\Win Généalogic
2009-08-28 15:07:18 ----D---- C:\TomTom
2009-08-28 15:07:18 ----D---- C:\Roxio
2009-08-28 15:07:17 ----D---- C:\Protectis
2009-08-28 15:07:17 ----D---- C:\Mes sites Web
2009-08-28 15:07:14 ----D---- C:\CyberLink
2009-08-26 22:11:30 ----D---- C:\WINDOWS\system32\appmgmt
2009-08-26 19:57:25 ----A---- C:\WINDOWS\system32\MSCc2FR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\StdFtFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBRpRFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBLstFR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\Rdo20FR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\MSDBRptR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZIP32.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZACTX.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DUNZIP32.DLL
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\MSCmCFR.dll
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\DUZACTX.DLL
2009-08-26 19:57:20 ----A---- C:\WINDOWS\system32\Vbis4032.dll
2009-08-26 19:57:19 ----D---- C:\Program Files\Win Généalogic
2009-08-26 19:57:17 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-08-26 18:57:59 ----D---- C:\WINDOWS\system32\Adobe
2009-08-24 13:16:27 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-08-24 13:16:26 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs\Designer
2009-08-24 12:03:26 ----D---- C:\WINDOWS\ShellNew
2009-08-24 12:03:20 ----D---- C:\Program Files\Microsoft Office
2009-08-24 11:40:11 ----D---- C:\Config.Msi
2009-08-23 15:04:37 ----D---- C:\WINDOWS\ShellNew(2)
2009-08-23 12:03:56 ----D---- C:\Program Files\IVT Corporation
2009-08-23 12:03:32 ----D---- C:\Program Files\PC Connectivity Solution
2009-08-23 12:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-08-21 23:05:35 ----D---- C:\Program Files\Secunia
2009-08-21 00:14:12 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-21 00:14:09 ----D---- C:\Program Files\MSBuild
2009-08-21 00:14:07 ----D---- C:\WINDOWS\system32\en-US
2009-08-21 00:14:04 ----D---- C:\Program Files\Reference Assemblies
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-20 20:58:27 ----A---- C:\A-Patch143b3_WLM9.exe
2009-08-20 20:44:16 ----D---- C:\Program Files\Microsoft
2009-08-20 18:10:53 ----D---- C:\Program Files\Microsoft Works
2009-08-20 17:54:59 ----D---- C:\WINDOWS\Desktop
2009-08-20 17:23:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-08-20 16:58:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft Web Folders
2009-08-18 23:49:09 ----A---- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
2009-08-18 23:35:20 ----D---- C:\Program Files\Roxio
2009-08-18 23:34:26 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-08-17 20:26:13 ----D---- C:\WINDOWS\Sun
2009-08-17 13:47:15 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-08-17 12:00:32 ----D---- C:\Program Files\Trend Micro
2009-08-16 09:38:11 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2009-08-16 09:35:48 ----D---- C:\Program Files\TomTom International B.V
2009-08-16 09:35:28 ----D---- C:\Program Files\TomTom HOME 2
2009-08-16 09:10:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TomTom
2009-08-15 09:37:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\HouseCall 6.6
2009-08-15 09:37:41 ----D---- C:\WINDOWS\system32\HouseCall 6.6
2009-08-15 07:44:01 ----D---- C:\Program Files\PhotoFiltre Studio
2009-08-14 23:22:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Help
2009-08-14 23:21:05 ----D---- C:\Program Files\TClockEx
2009-08-14 14:09:33 ----D---- C:\Program Files\Defraggler
2009-08-14 12:05:44 ----D---- C:\Genius
2009-08-14 12:05:31 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\InstallShield
2009-08-13 22:25:31 ----D---- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
2009-08-13 15:18:26 ----A---- C:\WINDOWS\system32\GAPI32.dll
2009-08-13 15:18:23 ----A---- C:\WINDOWS\system32\msjet35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\msrepl35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2009-08-13 11:14:00 ----D---- C:\WINDOWS\SxsCaPendDel
2009-08-13 09:48:17 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-08-13 09:39:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-12 19:24:29 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-08-12 19:23:51 ----D---- C:\Program Files\Windows Media Connect 2
2009-08-12 19:21:39 ----D---- C:\WINDOWS\system32\LogFiles
2009-08-12 15:33:50 ----D---- C:\Program Files\MSECache
2009-08-12 14:47:39 ----D---- C:\Program Files\Jeux de cartes
2009-08-12 13:32:56 ----D---- C:\Program Files\Unlocker
2009-08-12 11:53:33 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\dvdcss
2009-08-12 10:59:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-12 09:21:15 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-08-12 09:21:14 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-08-12 09:21:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TuneUp Software
2009-08-12 09:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-08-12 09:20:52 ----D---- C:\Program Files\TuneUp Utilities 2008
2009-08-12 09:19:49 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-08-12 08:54:48 ----HDC---- C:\WINDOWS\ie8
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-08-11 23:41:26 ----D---- C:\WINDOWS\pss
2009-08-11 22:28:28 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Malwarebytes
2009-08-11 22:28:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-11 22:28:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-11 22:26:40 ----D---- C:\Program Files\e-Carte Bleue Banque Populaire
2009-08-11 21:43:11 ----D---- C:\Program Files\BVS Solitaire Collection
2009-08-11 21:28:27 ----D---- C:\Program Files\Microsoft Carioca
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\tabctfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\Rchtxfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\mcifr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\FLXGDFR.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmdlgfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmctlfr.dll
2009-08-11 21:20:12 ----D---- C:\Program Files\FoxTarot4
2009-08-11 21:11:12 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-08-11 20:09:32 ----SHD---- C:\system volume information
2009-08-11 19:09:04 ----D---- C:\Program Files\eMule
2009-08-11 18:54:42 ----D---- C:\Program Files\Neuf
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\unicows.dll
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\pxc25pm.dll
2009-08-11 18:22:33 ----D---- C:\Program Files\Tracker Software
2009-08-11 18:17:34 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-08-11 18:00:30 ----D---- C:\Program Files\Messenger Plus! Live
2009-08-11 17:54:14 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-11 17:53:29 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-08-11 17:53:23 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-11 17:52:21 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-11 17:51:58 ----D---- C:\Program Files\Windows Live
2009-08-11 17:46:58 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-11 16:58:36 ----D---- C:\Program Files\Kaspersky Lab
2009-08-11 16:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-08-11 16:55:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-08-11 16:45:32 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\vlc
2009-08-11 16:45:15 ----D---- C:\Program Files\VideoLAN
2009-08-11 15:44:31 ----A---- C:\WINDOWS\ODBC.INI
2009-08-11 14:56:45 ----D---- C:\Documents and Settings\All Users\Application Data\IM
2009-08-11 14:56:13 ----D---- C:\Documents and Settings\All Users\Application Data\IncrediMail
2009-08-11 14:56:12 ----D---- C:\Program Files\IncrediMail
2009-08-11 14:40:55 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\BVS Solitaire Collection
2009-08-11 14:18:00 ----A---- C:\WINDOWS\lexstat.ini
2009-08-11 14:17:45 ----A---- C:\WINDOWS\system32\lxbkvs.dll
2009-08-11 14:17:44 ----A---- C:\WINDOWS\system32\lxbkpwr.dll
2009-08-11 14:17:43 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL
2009-08-11 14:17:41 ----A---- C:\WINDOWS\system32\LXBKIH.EXE
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\LXBKCU.DLL
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\lxbkcomm.dll
2009-08-11 14:17:38 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPING.EXE
2009-08-11 14:17:36 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\INSTMON.EXE
2009-08-11 14:17:31 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL
2009-08-11 14:17:30 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL
2009-08-11 14:17:18 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\lxbkscin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\LXBKGF.DLL
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.ini
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcinf.dll
2009-08-11 14:16:52 ----D---- C:\Program Files\Lexmark X1100 Series
2009-08-11 14:16:52 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL
2009-08-11 14:15:22 ----A---- C:\WINDOWS\unin040c.exe
2009-08-11 14:10:03 ----D---- C:\Program Files\CCleaner
2009-08-11 13:55:50 ----D---- C:\Program Files\VS Revo Group
2009-08-11 13:27:34 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Sun
2009-08-11 13:20:59 ----SHD---- C:\RECYCLER
2009-08-11 13:17:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-11 13:17:51 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-08-11 13:16:13 ----D---- C:\Program Files\NOS
2009-08-11 13:16:13 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-08-11 13:14:48 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-08-11 13:13:24 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Adobe
2009-08-11 13:02:25 ----D---- C:\WINDOWS\ie8updates
2009-08-11 12:43:27 ----A---- C:\WINDOWS\system32\SET1EB.tmp
2009-08-11 12:43:27 ----A---- C:\WINDOWS\system32\SET1EA.tmp
2009-08-11 12:43:27 ----A---- C:\WINDOWS\system32\SET1E9.tmp
2009-08-11 12:43:27 ----A---- C:\WINDOWS\system32\SET1E8.tmp
2009-08-11 12:42:36 ----A---- C:\WINDOWS\system32\SET1D2.tmp
2009-08-11 12:42:31 ----A---- C:\WINDOWS\system32\SET1CD.tmp
2009-08-11 12:42:07 ----D---- C:\WINDOWS\WBEM
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1C0.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B9.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B8.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B6.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B5.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B4.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B3.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B2.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B1.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1B0.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1AE.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1AD.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1AC.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1AB.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1AA.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A9.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A8.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A7.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A6.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A5.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A4.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A3.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A2.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET1A1.tmp
2009-08-11 12:41:18 ----A---- C:\WINDOWS\system32\SET19F.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET1B7.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET1AF.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET19E.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET19D.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET19C.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET19B.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET19A.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET199.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET198.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET197.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET196.tmp
2009-08-11 12:41:17 ----A---- C:\WINDOWS\system32\SET195.tmp
2009-08-11 12:40:27 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-11 12:38:55 ----A---- C:\WINDOWS\system32\SETD0.tmp
2009-08-11 12:38:55 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-08-11 12:38:50 ----A---- C:\WINDOWS\system32\SETC8.tmp
2009-08-11 12:38:44 ----A---- C:\WINDOWS\system32\SETC2.tmp
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\SETA5.tmp
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\services.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-08-11 12:38:20 ----A---- C:\WINDOWS\system32\SET67.tmp
2009-08-11 12:31:39 ----A---- C:\WINDOWS\system32\SET18C.tmp
2009-08-11 12:31:22 ----A---- C:\WINDOWS\system32\SET17D.tmp
2009-08-11 12:31:17 ----A---- C:\WINDOWS\system32\SET178.tmp
2009-08-11 12:31:12 ----A---- C:\WINDOWS\system32\SET173.tmp
2009-08-11 12:31:01 ----A---- C:\WINDOWS\system32\SET16A.tmp
2009-08-11 12:30:24 ----A---- C:\WINDOWS\system32\SET158.tmp
2009-08-11 12:30:24 ----A---- C:\WINDOWS\system32\SET157.tmp
2009-08-11 12:30:18 ----A---- C:\WINDOWS\system32\SET140.tmp
2009-08-11 12:28:18 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-08-11 12:11:31 ----A---- C:\WINDOWS\system32\SET7F.tmp
2009-08-11 12:08:56 ----A---- C:\WINDOWS\system32\SET11D.tmp
2009-08-11 12:08:31 ----A---- C:\WINDOWS\system32\SETC5.tmp
2009-08-11 12:07:41 ----A---- C:\WINDOWS\system32\SET170.tmp
2009-08-11 12:07:41 -------- C:\WINDOWS\system32\SET3B.tmp
2009-08-11 12:07:40 ----A---- C:\WINDOWS\system32\SET175.tmp
2009-08-11 12:07:40 -------- C:\WINDOWS\system32\SET41.tmp
2009-08-11 12:04:38 ----D---- C:\WINDOWS\Prefetch
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\system32\fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\l2schemas
2009-08-11 11:58:18 ----D---- C:\WINDOWS\system32\bits
2009-08-11 11:56:21 ----D---- C:\WINDOWS\ServicePackFiles
2009-08-11 11:54:19 ----D---- C:\WINDOWS\network diagnostic
2009-08-11 11:36:48 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-08-11 11:36:36 ----D---- C:\WINDOWS\system32\PreInstall
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.ini
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ClearEvent.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Acer EULA.txt
2009-08-11 11:24:37 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-11 11:23:23 ----A---- C:\WINDOWS\system32\eRecUtil.dll
2009-08-11 11:23:22 ----A---- C:\WINDOWS\system32\SysMonitor.exe
2009-08-11 11:23:15 ----D---- C:\Acer
2009-08-11 11:20:35 ----A---- C:\WINDOWS\system32\capicom.dll
2009-08-11 11:20:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\java.exe
2009-08-11 11:19:11 ----D---- C:\Program Files\Java
2009-08-11 11:19:10 ----D---- C:\Program Files\Fichiers communs\Java
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Macromedia
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Identities
2009-08-11 11:18:18 ----ASH---- C:\Documents and Settings\Liliane et Guy\Application Data\desktop.ini
2009-08-11 11:18:17 ----SD---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft
2009-08-11 11:14:25 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-08-11 11:12:01 ----A---- C:\WINDOWS\system32\hidserv.dll

======List of files/folders modified in the last 1 months======

2009-09-04 16:15:51 ----D---- C:\WINDOWS\temp
2009-09-04 11:43:55 ----D---- C:\WINDOWS\Registration
2009-09-04 11:43:27 ----AD---- C:\WINDOWS
2009-09-04 11:39:13 ----AD---- C:\WINDOWS\system32
2009-09-03 21:15:12 ----RD---- C:\Program Files
2009-08-30 23:19:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-30 18:44:41 ----SHD---- C:\WINDOWS\Installer
2009-08-30 18:44:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-30 18:44:28 ----HD---- C:\WINDOWS\inf
2009-08-28 16:37:25 ----D---- C:\Documents and Settings
2009-08-28 15:07:09 ----D---- C:\WINDOWS\system32\Restore
2009-08-27 22:41:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-27 22:40:12 ----AD---- C:\WINDOWS\system32\drivers
2009-08-25 09:10:11 ----RSD---- C:\WINDOWS\Fonts
2009-08-25 09:04:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs
2009-08-24 12:01:30 ----AD---- C:\WINDOWS\system
2009-08-24 11:45:54 ----A---- C:\WINDOWS\vbaddin.ini
2009-08-24 11:41:55 ----D---- C:\WINDOWS\system32\config
2009-08-24 11:41:51 ----D---- C:\WINDOWS\system32\wbem
2009-08-24 11:41:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-24 11:41:26 ----D---- C:\Program Files\DIFX
2009-08-24 08:40:05 ----A---- C:\WINDOWS\system32\ATHPRXY(2).DLL
2009-08-23 12:05:36 ----D---- C:\WINDOWS\security
2009-08-23 12:03:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-21 07:45:45 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-21 07:45:43 ----RSD---- C:\WINDOWS\assembly
2009-08-21 00:17:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-21 00:17:03 ----D---- C:\WINDOWS\WinSxS
2009-08-21 00:13:51 ----D---- C:\WINDOWS\system32\spool
2009-08-20 20:46:16 ----D---- C:\WINDOWS\system32\DirectX
2009-08-20 17:54:59 ----D---- C:\Program Files\MSN
2009-08-20 17:07:55 ----N---- C:\WINDOWS\win.ini
2009-08-20 16:58:01 ----D---- C:\Program Files\microsoft frontpage
2009-08-20 16:39:58 ----A---- C:\WINDOWS\ODBCINST.INI
2009-08-20 16:39:57 ----D---- C:\WINDOWS\Media
2009-08-20 16:39:55 ----D---- C:\WINDOWS\Help
2009-08-18 23:23:48 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-17 16:02:35 ----D---- C:\Program Files\Fichiers communs\System
2009-08-15 13:30:37 ----RASH---- C:\boot.ini
2009-08-15 13:30:37 ----N---- C:\WINDOWS\system.ini
2009-08-14 12:07:51 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-13 09:43:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-12 23:54:33 ----D---- C:\WINDOWS\Debug
2009-08-12 21:13:13 ----AD---- C:\VALUEADD
2009-08-12 19:26:32 ----D---- C:\WINDOWS\ehome
2009-08-12 19:23:50 ----D---- C:\Program Files\Windows Media Player
2009-08-12 13:26:05 ----SD---- C:\WINDOWS\Tasks
2009-08-12 08:58:56 ----D---- C:\Program Files\Internet Explorer
2009-08-12 08:47:57 ----D---- C:\Program Files\Outlook Express
2009-08-12 08:47:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-11 20:10:30 ----D---- C:\drv
2009-08-11 20:08:38 ----RD---- C:\WINDOWS\Web
2009-08-11 20:07:01 ----D---- C:\WINDOWS\system32\URTTemp
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\RTCOM
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\ras
2009-08-11 20:06:57 ----SD---- C:\WINDOWS\system32\Microsoft
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\mui
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\MsDtc
2009-08-11 20:06:56 ----D---- C:\WINDOWS\system32\Macromed
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\IME
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\icsxml
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\ias
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1036
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1033
2009-08-11 20:04:41 ----D---- C:\WINDOWS\Resources
2009-08-11 20:04:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-08-11 20:04:32 ----D---- C:\WINDOWS\Provisioning
2009-08-11 20:04:24 ----RD---- C:\WINDOWS\Offline Web Pages
2009-08-11 20:04:24 ----D---- C:\WINDOWS\OemDir
2009-08-11 20:04:24 ----D---- C:\WINDOWS\nview
2009-08-11 20:04:03 ----D---- C:\WINDOWS\java
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Driver Cache
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Cursors
2009-08-11 20:01:02 ----HDC---- C:\WINDOWS\$UninstallOCA-X86Fre-ENU$
2009-08-11 20:01:02 ----D---- C:\WINDOWS\addins
2009-08-11 20:01:02 ----D---- C:\WINDOWS\AcerDRV
2009-08-11 19:59:09 ----D---- C:\SYSINFO
2009-08-11 19:59:09 ----D---- C:\Program Files\xerox
2009-08-11 19:59:04 ----D---- C:\Program Files\Windows Plus
2009-08-11 19:58:58 ----D---- C:\Program Files\Services en ligne
2009-08-11 19:58:49 ----D---- C:\Program Files\Realtek
2009-08-11 19:58:48 ----D---- C:\Program Files\Online Services
2009-08-11 19:58:48 ----D---- C:\Program Files\Oca History Tool
2009-08-11 19:58:04 ----D---- C:\Program Files\MSN Gaming Zone
2009-08-11 19:57:52 ----D---- C:\Program Files\GemMasterFrench
2009-08-11 19:57:51 ----D---- C:\Program Files\FrenchOtto
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\Services
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\muvee Technologies
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-08-11 19:57:41 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-08-11 19:57:39 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-08-11 19:57:37 ----D---- C:\Program Files\CyberLink
2009-08-11 19:57:25 ----D---- C:\Program Files\commercial
2009-08-11 19:57:11 ----D---- C:\Program Files\Acer WLAN 11g USB Dongle
2009-08-11 19:57:10 ----AD---- C:\i386
2009-08-11 19:54:22 ----AD---- C:\GUIDE
2009-08-11 19:53:53 ----AD---- C:\dotnetfx
2009-08-11 19:51:44 ----AD---- C:\CMPNENTS
2009-08-11 17:51:45 ----D---- C:\WINDOWS\pchealth
2009-08-11 13:17:51 ----D---- C:\Program Files\Adobe
2009-08-11 12:56:59 ----D---- C:\WINDOWS\AppPatch
2009-08-11 12:30:51 ----D---- C:\Program Files\Messenger
2009-08-11 12:04:18 ----D---- C:\WINDOWS\system32\Setup
2009-08-11 11:58:32 ----D---- C:\WINDOWS\system32\inetsrv
2009-08-11 11:58:31 ----D---- C:\WINDOWS\ime
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\usmt
2009-08-11 11:58:18 ----D---- C:\WINDOWS\PeerNet
2009-08-11 11:58:18 ----D---- C:\Program Files\Movie Maker
2009-08-11 11:56:11 ----D---- C:\WINDOWS\system32\npp
2009-08-11 11:56:10 ----D---- C:\WINDOWS\msagent
2009-08-11 11:56:09 ----D---- C:\WINDOWS\srchasst
2009-08-11 11:56:07 ----D---- C:\Program Files\NetMeeting
2009-08-11 11:56:06 ----D---- C:\WINDOWS\system32\Com
2009-08-11 11:56:04 ----D---- C:\Program Files\Windows NT
2009-08-11 11:55:45 ----AD---- C:\WINDOWS\system32\oobe
2009-08-11 11:34:58 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-11 11:32:12 ----A---- C:\WINDOWS\alaunch.ini
2009-08-11 11:11:13 ----D---- C:\WINDOWS\repair
2009-08-05 11:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-02-24 66992]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-02-24 24698]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-02-24 259200]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-07-03 296976]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-02-24 118409]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2004-02-24 213120]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-02-24 21993]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-05 4284928]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-11 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-12 3934592]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-06-29 244864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-02-24 22745]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-12 155715]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-19 92008]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-12 355584]
S3 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Evasion60
 Posted on 04/09/2009 at 17:57
Security Group

Re

  • Download OTM (by Old_Timer) to your desktop,
  • Double-click OTM.exe to launch the program,
  • Copy the list of files or folders below and paste it into the program's "Paste Instructions for Items to be Moved" box:

:Processes
explorer.exe

:Files
C:\WINDOWS\ime
C:\WINDOWS\IME
C:\WINDOWS\system32\SET1EB.tmp
C:\WINDOWS\system32\SET1EA.tmp
C:\WINDOWS\system32\SET1E9.tmp
C:\WINDOWS\system32\SET1E8.tmp
C:\WINDOWS\system32\SET1D2.tmp
C:\WINDOWS\system32\SET1CD.tmp
C:\WINDOWS\system32\SET1C0.tmp
C:\WINDOWS\system32\SET1B9.tmp
C:\WINDOWS\system32\SET1B8.tmp
C:\WINDOWS\system32\SET1B6.tmp
C:\WINDOWS\system32\SET1B5.tmp
C:\WINDOWS\system32\SET1B4.tmp
C:\WINDOWS\system32\SET1B3.tmp
C:\WINDOWS\system32\SET1B2.tmp
C:\WINDOWS\system32\SET1B1.tmp
C:\WINDOWS\system32\SET1B0.tmp
C:\WINDOWS\system32\SET1AE.tmp
C:\WINDOWS\system32\SET1AD.tmp
C:\WINDOWS\system32\SET1AC.tmp
C:\WINDOWS\system32\SET1AB.tmp
C:\WINDOWS\system32\SET1AA.tmp
C:\WINDOWS\system32\SET1A9.tmp
C:\WINDOWS\system32\SET1A8.tmp
C:\WINDOWS\system32\SET1A7.tmp
C:\WINDOWS\system32\SET1A6.tmp
C:\WINDOWS\system32\SET1A5.tmp
C:\WINDOWS\system32\SET1A4.tmp
C:\WINDOWS\system32\SET1A3.tmp
C:\WINDOWS\system32\SET1A2.tmp
C:\WINDOWS\system32\SET1A1.tmp
C:\WINDOWS\system32\SET19F.tmp
C:\WINDOWS\system32\SET1B7.tmp
C:\WINDOWS\system32\SET1AF.tmp
C:\WINDOWS\system32\SET19E.tmp
C:\WINDOWS\system32\SET19D.tmp
C:\WINDOWS\system32\SET19C.tmp
C:\WINDOWS\system32\SET19B.tmp
C:\WINDOWS\system32\SET19A.tmp
C:\WINDOWS\system32\SET199.tmp
C:\WINDOWS\system32\SET198.tmp
C:\WINDOWS\system32\SET197.tmp
C:\WINDOWS\system32\SET196.tmp
C:\WINDOWS\system32\SET195.tmp
C:\WINDOWS\system32\SETD0.tmp
C:\WINDOWS\system32\SETC8.tmp
C:\WINDOWS\system32\SETC2.tmp
C:\WINDOWS\system32\SETA5.tmp
C:\WINDOWS\system32\SET67.tmp
C:\WINDOWS\system32\SET18C.tmp
C:\WINDOWS\system32\SET17D.tmp
C:\WINDOWS\system32\SET178.tmp
C:\WINDOWS\system32\SET173.tmp
C:\WINDOWS\system32\SET16A.tmp
C:\WINDOWS\system32\SET158.tmp
C:\WINDOWS\system32\SET157.tmp
C:\WINDOWS\system32\SET140.tmp
C:\WINDOWS\system32\SET7F.tmp
C:\WINDOWS\system32\SET11D.tmp
C:\WINDOWS\system32\SETC5.tmp
C:\WINDOWS\system32\SET170.tmp
C:\WINDOWS\system32\SET3B.tmp
C:\WINDOWS\system32\SET175.tmp
C:\WINDOWS\system32\SET41.tmp


:Reg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6fe6ffd-8656-11de-acaf-806d6172696f}]

:Commands
[purity]
[emptytemp]
[start explorer]
[reboot]

  • Click MoveIt! to start the removal,
  • The result will appear in the Results pane.
  • Click Exit to close the program.
  • Post the report, which is located here: C:\_OTM\MovedFiles
  • You may be asked to restart your PC. If so, click Yes.

Looking forward to your reply

lilou89
 Posted on 04/09/2009 at 18:27
Petite astucienne

RE

Here is the follow-up.

I restarted and my menu bar has a black background again.

All processes killed
Error: Unable to interpret <Processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== FILES ==========
Folder move failed. C:\WINDOWS\ime\shared\res scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\shared scheduled to be moved on reboot.
C:\WINDOWS\ime\imkr6_1\HELP moved successfully.
Folder move failed. C:\WINDOWS\ime\imkr6_1\dicts scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imkr6_1\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imkr6_1 scheduled to be moved on reboot.
C:\WINDOWS\ime\imjp8_1\HELP moved successfully.
C:\WINDOWS\ime\imjp8_1\DICTS moved successfully.
Folder move failed. C:\WINDOWS\ime\imjp8_1\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imjp8_1 scheduled to be moved on reboot.
C:\WINDOWS\ime\imejp98 moved successfully.
C:\WINDOWS\ime\imejp\applets moved successfully.
C:\WINDOWS\ime\imejp moved successfully.
Folder move failed. C:\WINDOWS\ime\CHTIME\Applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\CHTIME scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\chsime\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\chsime scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\shared\res scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\shared scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imkr6_1\dicts scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imkr6_1\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imkr6_1 scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imjp8_1\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\imjp8_1 scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\CHTIME\Applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\CHTIME scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\chsime\applets scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime\chsime scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\ime scheduled to be moved on reboot.
C:\WINDOWS\system32\SET1EB.tmp moved successfully.
C:\WINDOWS\system32\SET1EA.tmp moved successfully.
C:\WINDOWS\system32\SET1E9.tmp moved successfully.
C:\WINDOWS\system32\SET1E8.tmp moved successfully.
C:\WINDOWS\system32\SET1D2.tmp moved successfully.
C:\WINDOWS\system32\SET1CD.tmp moved successfully.
C:\WINDOWS\system32\SET1C0.tmp moved successfully.
C:\WINDOWS\system32\SET1B9.tmp moved successfully.
C:\WINDOWS\system32\SET1B8.tmp moved successfully.
C:\WINDOWS\system32\SET1B6.tmp moved successfully.
C:\WINDOWS\system32\SET1B5.tmp moved successfully.
C:\WINDOWS\system32\SET1B4.tmp moved successfully.
C:\WINDOWS\system32\SET1B3.tmp moved successfully.
C:\WINDOWS\system32\SET1B2.tmp moved successfully.
C:\WINDOWS\system32\SET1B1.tmp moved successfully.
C:\WINDOWS\system32\SET1B0.tmp moved successfully.
C:\WINDOWS\system32\SET1AE.tmp moved successfully.
C:\WINDOWS\system32\SET1AD.tmp moved successfully.
C:\WINDOWS\system32\SET1AC.tmp moved successfully.
C:\WINDOWS\system32\SET1AB.tmp moved successfully.
C:\WINDOWS\system32\SET1AA.tmp moved successfully.
C:\WINDOWS\system32\SET1A9.tmp moved successfully.
C:\WINDOWS\system32\SET1A8.tmp moved successfully.
C:\WINDOWS\system32\SET1A7.tmp moved successfully.
C:\WINDOWS\system32\SET1A6.tmp moved successfully.
C:\WINDOWS\system32\SET1A5.tmp moved successfully.
C:\WINDOWS\system32\SET1A4.tmp moved successfully.
C:\WINDOWS\system32\SET1A3.tmp moved successfully.
C:\WINDOWS\system32\SET1A2.tmp moved successfully.
C:\WINDOWS\system32\SET1A1.tmp moved successfully.
C:\WINDOWS\system32\SET19F.tmp moved successfully.
C:\WINDOWS\system32\SET1B7.tmp moved successfully.
C:\WINDOWS\system32\SET1AF.tmp moved successfully.
C:\WINDOWS\system32\SET19E.tmp moved successfully.
C:\WINDOWS\system32\SET19D.tmp moved successfully.
C:\WINDOWS\system32\SET19C.tmp moved successfully.
C:\WINDOWS\system32\SET19B.tmp moved successfully.
C:\WINDOWS\system32\SET19A.tmp moved successfully.
C:\WINDOWS\system32\SET199.tmp moved successfully.
C:\WINDOWS\system32\SET198.tmp moved successfully.
C:\WINDOWS\system32\SET197.tmp moved successfully.
C:\WINDOWS\system32\SET196.tmp moved successfully.
C:\WINDOWS\system32\SET195.tmp moved successfully.
C:\WINDOWS\system32\SETD0.tmp moved successfully.
C:\WINDOWS\system32\SETC8.tmp moved successfully.
C:\WINDOWS\system32\SETC2.tmp moved successfully.
C:\WINDOWS\system32\SETA5.tmp moved successfully.
C:\WINDOWS\system32\SET67.tmp moved successfully.
C:\WINDOWS\system32\SET18C.tmp moved successfully.
C:\WINDOWS\system32\SET17D.tmp moved successfully.
C:\WINDOWS\system32\SET178.tmp moved successfully.
C:\WINDOWS\system32\SET173.tmp moved successfully.
C:\WINDOWS\system32\SET16A.tmp moved successfully.
C:\WINDOWS\system32\SET158.tmp moved successfully.
C:\WINDOWS\system32\SET157.tmp moved successfully.
C:\WINDOWS\system32\SET140.tmp moved successfully.
C:\WINDOWS\system32\SET7F.tmp moved successfully.
C:\WINDOWS\system32\SET11D.tmp moved successfully.
C:\WINDOWS\system32\SETC5.tmp moved successfully.
C:\WINDOWS\system32\SET170.tmp moved successfully.
C:\WINDOWS\system32\SET3B.tmp moved successfully.
C:\WINDOWS\system32\SET175.tmp moved successfully.
C:\WINDOWS\system32\SET41.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6fe6ffd-8656-11de-acaf-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e6fe6ffd-8656-11de-acaf-806d6172696f}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: Liliane et Guy
->Temp folder emptied: 68827609 bytes
File delete failed. C:\Documents and Settings\Liliane et Guy\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 6141681 bytes
->Java cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 85264 bytes
%systemroot%\System32 .tmp files removed: 38752947 bytes
Windows Temp folder emptied: 40960 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 108,81 mb


OTM by OldTimer - Version 3.0.0.6 log created on 09042009_182000
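
Added example, not part of the original thread: a small Python parser for an OTM results log in the line format posted above. It separates items that were actually moved from items only scheduled for the next reboot and from script directives the tool could not interpret. The sample log is constructed, and the function names are hypothetical.

```python
import re

# Line patterns taken from the OTM results log format shown in the post above.
UNINTERPRETED = re.compile(r"^Error: Unable to interpret <(.+)> in the current context!$")
DEFERRED = re.compile(
    r"^(?:Folder|File) (?:move|delete) failed\. (.+) "
    r"scheduled to be (?:moved|deleted) on reboot\.$"
)
MOVED = re.compile(r"^(.+) moved successfully\.$")
REGISTRY = re.compile(r"^Registry key (.+?)\\? (deleted successfully|not found)\.$")
EMPTIED = re.compile(r"^->.+ emptied: (\d+) bytes$")

# Constructed sample (not the user's real log), same line shapes as the post.
SAMPLE_LOG = r"""All processes killed
Error: Unable to interpret <Processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== FILES ==========
Folder move failed. C:\WINDOWS\ime\shared scheduled to be moved on reboot.
C:\WINDOWS\ime\imejp98 moved successfully.
Folder move failed. C:\WINDOWS\ime\shared scheduled to be moved on reboot.
C:\WINDOWS\system32\SET1EB.tmp moved successfully.
C:\WINDOWS\system32\SET41.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\example\{00000000-0000-0000-0000-000000000000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Example
->Temp folder emptied: 1024 bytes
File delete failed. C:\Documents and Settings\Example\index.dat scheduled to be deleted on reboot.
"""


def summarize_otm_log(text):
    """Classify each line of an OTM results log by outcome."""
    summary = {
        "uninterpreted": [],   # script directives OTM rejected
        "deferred": [],        # items only scheduled for the next reboot
        "moved": [],           # items quarantined immediately
        "reg_deleted": [],
        "reg_not_found": [],
        "bytes_emptied": 0,    # total reported by the [emptytemp] lines
    }
    for raw in text.splitlines():
        line = raw.strip()
        m = UNINTERPRETED.match(line)
        if m:
            summary["uninterpreted"].append(m.group(1))
            continue
        m = DEFERRED.match(line)
        if m:
            # The log can list the same path twice; keep the first occurrence.
            if m.group(1) not in summary["deferred"]:
                summary["deferred"].append(m.group(1))
            continue
        m = REGISTRY.match(line)
        if m:
            key = "reg_deleted" if m.group(2) == "deleted successfully" else "reg_not_found"
            summary[key].append(m.group(1))
            continue
        m = MOVED.match(line)
        if m:
            summary["moved"].append(m.group(1))
            continue
        m = EMPTIED.match(line)
        if m:
            summary["bytes_emptied"] += int(m.group(1))
    return summary


def needs_followup(summary):
    """True when part of the script did not take effect in this run."""
    return bool(summary["uninterpreted"] or summary["deferred"])


if __name__ == "__main__":
    result = summarize_otm_log(SAMPLE_LOG)
    for name, value in result.items():
        print(name, "->", value)
    print("follow-up needed:", needs_followup(result))
```

Paths reported under `deferred` are worth re-checking after the reboot, since the log only records that the move was scheduled.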

Evasion60
 Posted on 04/09/2009 at 19:08
Security Group

Re / OK

... Could you run this online scanner for me (no installation), with IE, please:
https://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s46.htm

Post its report for me, please

Enjoy your meal, and see you this evening

lilou89
 Posted on 04/09/2009 at 20:37
Petite astucienne

BitDefender scan

BitDefender Online Scanner - Rapport virus en temps réel

Généré à: Fri, Sep 04, 2009 - 20:35:09


Info d'analyse

Fichiers scannés : 72430
Infectés Fichiers : 0

Virus Détectés : Aucun virus trouvé.


Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

lilou89
 Posted on 04/09/2009 at 23:44
Petite astucienne

Good evening evasion60

So, I scanned with BitDefender and apparently there is no virus.

My menu bar has still had a black background since I restarted.

If there is a next step, we'll see tomorrow, because I'm going to bed.

Thank you evasion60 for guiding me this far.

What do I do with RSIT and OTM, which are on the desktop?

Good night

See you later

Evasion60
 Posted on 05/09/2009 at 11:19
Security Group

Hello

What do I do with RSIT and OTM, which are on the desktop?

... For now we are keeping them / OK

Run RSIT again for me, and post its new report

Looking forward to your reply

lilou89
 Posted on 05/09/2009 at 12:50
Petite astucienne

Hello

1st report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Liliane et Guy at 2009-09-05 12:44:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 60 GB (82%) free of 73 GB
Total RAM: 2815 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:11, on 05/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Microsoft Carioca\MSCarioca.exe
C:\Documents and Settings\Liliane et Guy\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Liliane et Guy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249986238703
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7226 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{8E376F74-ED74-486C-A622-A632F060699B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-25 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-08-10 251264]
"TClockEx"=C:\Program Files\TClockEx\TCLOCKEX.EXE [2000-03-09 89088]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2007-01-19 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]
Alaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-07-12 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2009-08-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-19 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
C:\PROGRA~1\ACERWL~1\ZDWlan.exe [2005-11-16 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
[]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Documents and Settings\Liliane et Guy\Menu Démarrer\Programmes\Démarrage
Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000
"NoRecentDocsMenu "=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6fe6ffd-8656-11de-acaf-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-09-04 20:11:50 ----D---- C:\WINDOWS\BDOSCAN8
2009-09-04 20:11:48 ----D---- C:\WINDOWS\LastGood
2009-09-04 18:20:00 ----D---- C:\_OTM
2009-09-04 16:16:05 ----D---- C:\rsit
2009-09-04 08:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-09-03 21:15:12 ----D---- C:\Program Files\ESET
2009-09-03 18:48:54 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\WinRAR
2009-09-03 18:48:05 ----D---- C:\Program Files\WinRAR
2009-08-30 18:44:37 ----D---- C:\Program Files\ma-config.com
2009-08-30 18:44:37 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-08-28 15:56:50 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Mozilla
2009-08-28 15:10:06 ----D---- C:\Mes Documents
2009-08-28 15:07:19 ----D---- C:\Win Généalogic
2009-08-28 15:07:18 ----D---- C:\TomTom
2009-08-28 15:07:18 ----D---- C:\Roxio
2009-08-28 15:07:17 ----D---- C:\Protectis
2009-08-28 15:07:17 ----D---- C:\Mes sites Web
2009-08-28 15:07:14 ----D---- C:\CyberLink
2009-08-26 22:11:30 ----D---- C:\WINDOWS\system32\appmgmt
2009-08-26 19:57:25 ----A---- C:\WINDOWS\system32\MSCc2FR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\StdFtFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBRpRFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBLstFR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\Rdo20FR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\MSDBRptR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZIP32.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZACTX.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DUNZIP32.DLL
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\MSCmCFR.dll
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\DUZACTX.DLL
2009-08-26 19:57:20 ----A---- C:\WINDOWS\system32\Vbis4032.dll
2009-08-26 19:57:19 ----D---- C:\Program Files\Win Généalogic
2009-08-26 19:57:17 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-08-26 18:57:59 ----D---- C:\WINDOWS\system32\Adobe
2009-08-24 13:16:27 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-08-24 13:16:26 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs\Designer
2009-08-24 12:03:26 ----D---- C:\WINDOWS\ShellNew
2009-08-24 12:03:20 ----D---- C:\Program Files\Microsoft Office
2009-08-24 11:40:11 ----D---- C:\Config.Msi
2009-08-23 15:04:37 ----D---- C:\WINDOWS\ShellNew(2)
2009-08-23 12:03:56 ----D---- C:\Program Files\IVT Corporation
2009-08-23 12:03:32 ----D---- C:\Program Files\PC Connectivity Solution
2009-08-23 12:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-08-21 23:05:35 ----D---- C:\Program Files\Secunia
2009-08-21 00:14:12 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-21 00:14:09 ----D---- C:\Program Files\MSBuild
2009-08-21 00:14:07 ----D---- C:\WINDOWS\system32\en-US
2009-08-21 00:14:04 ----D---- C:\Program Files\Reference Assemblies
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-20 20:58:27 ----A---- C:\A-Patch143b3_WLM9.exe
2009-08-20 20:44:16 ----D---- C:\Program Files\Microsoft
2009-08-20 18:10:53 ----D---- C:\Program Files\Microsoft Works
2009-08-20 17:54:59 ----D---- C:\WINDOWS\Desktop
2009-08-20 17:23:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-08-20 16:58:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft Web Folders
2009-08-18 23:49:09 ----A---- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
2009-08-18 23:35:20 ----D---- C:\Program Files\Roxio
2009-08-18 23:34:26 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-08-17 20:26:13 ----D---- C:\WINDOWS\Sun
2009-08-17 13:47:15 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-08-17 12:00:32 ----D---- C:\Program Files\Trend Micro
2009-08-16 09:38:11 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2009-08-16 09:35:48 ----D---- C:\Program Files\TomTom International B.V
2009-08-16 09:35:28 ----D---- C:\Program Files\TomTom HOME 2
2009-08-16 09:10:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TomTom
2009-08-15 09:37:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\HouseCall 6.6
2009-08-15 09:37:41 ----D---- C:\WINDOWS\system32\HouseCall 6.6
2009-08-15 07:44:01 ----D---- C:\Program Files\PhotoFiltre Studio
2009-08-14 23:22:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Help
2009-08-14 23:21:05 ----D---- C:\Program Files\TClockEx
2009-08-14 14:09:33 ----D---- C:\Program Files\Defraggler
2009-08-14 12:05:44 ----D---- C:\Genius
2009-08-14 12:05:31 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\InstallShield
2009-08-13 22:25:31 ----D---- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
2009-08-13 15:18:26 ----A---- C:\WINDOWS\system32\GAPI32.dll
2009-08-13 15:18:23 ----A---- C:\WINDOWS\system32\msjet35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\msrepl35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2009-08-13 11:14:00 ----D---- C:\WINDOWS\SxsCaPendDel
2009-08-13 09:48:17 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-08-13 09:39:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-12 19:24:29 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-08-12 19:23:51 ----D---- C:\Program Files\Windows Media Connect 2
2009-08-12 19:21:39 ----D---- C:\WINDOWS\system32\LogFiles
2009-08-12 15:33:50 ----D---- C:\Program Files\MSECache
2009-08-12 14:47:39 ----D---- C:\Program Files\Jeux de cartes
2009-08-12 13:32:56 ----D---- C:\Program Files\Unlocker
2009-08-12 11:53:33 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\dvdcss
2009-08-12 10:59:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-12 09:21:15 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-08-12 09:21:14 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-08-12 09:21:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TuneUp Software
2009-08-12 09:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-08-12 09:20:52 ----D---- C:\Program Files\TuneUp Utilities 2008
2009-08-12 09:19:49 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-08-12 08:54:48 ----HDC---- C:\WINDOWS\ie8
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-08-11 23:41:26 ----D---- C:\WINDOWS\pss
2009-08-11 22:28:28 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Malwarebytes
2009-08-11 22:28:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-11 22:28:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-11 22:26:40 ----D---- C:\Program Files\e-Carte Bleue Banque Populaire
2009-08-11 21:43:11 ----D---- C:\Program Files\BVS Solitaire Collection
2009-08-11 21:28:27 ----D---- C:\Program Files\Microsoft Carioca
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\tabctfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\Rchtxfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\mcifr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\FLXGDFR.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmdlgfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmctlfr.dll
2009-08-11 21:20:12 ----D---- C:\Program Files\FoxTarot4
2009-08-11 21:11:12 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-08-11 20:09:32 ----SHD---- C:\system volume information
2009-08-11 19:09:04 ----D---- C:\Program Files\eMule
2009-08-11 18:54:42 ----D---- C:\Program Files\Neuf
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\unicows.dll
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\pxc25pm.dll
2009-08-11 18:22:33 ----D---- C:\Program Files\Tracker Software
2009-08-11 18:17:34 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-08-11 18:00:30 ----D---- C:\Program Files\Messenger Plus! Live
2009-08-11 17:54:14 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-11 17:53:29 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-08-11 17:53:23 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-11 17:52:21 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-11 17:51:58 ----D---- C:\Program Files\Windows Live
2009-08-11 17:46:58 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-11 16:58:36 ----D---- C:\Program Files\Kaspersky Lab
2009-08-11 16:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-08-11 16:55:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-08-11 16:45:32 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\vlc
2009-08-11 16:45:15 ----D---- C:\Program Files\VideoLAN
2009-08-11 15:44:31 ----A---- C:\WINDOWS\ODBC.INI
2009-08-11 14:56:45 ----D---- C:\Documents and Settings\All Users\Application Data\IM
2009-08-11 14:56:13 ----D---- C:\Documents and Settings\All Users\Application Data\IncrediMail
2009-08-11 14:56:12 ----D---- C:\Program Files\IncrediMail
2009-08-11 14:40:55 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\BVS Solitaire Collection
2009-08-11 14:18:00 ----A---- C:\WINDOWS\lexstat.ini
2009-08-11 14:17:45 ----A---- C:\WINDOWS\system32\lxbkvs.dll
2009-08-11 14:17:44 ----A---- C:\WINDOWS\system32\lxbkpwr.dll
2009-08-11 14:17:43 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL
2009-08-11 14:17:41 ----A---- C:\WINDOWS\system32\LXBKIH.EXE
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\LXBKCU.DLL
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\lxbkcomm.dll
2009-08-11 14:17:38 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPING.EXE
2009-08-11 14:17:36 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\INSTMON.EXE
2009-08-11 14:17:31 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL
2009-08-11 14:17:30 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL
2009-08-11 14:17:18 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\lxbkscin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\LXBKGF.DLL
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.ini
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcinf.dll
2009-08-11 14:16:52 ----D---- C:\Program Files\Lexmark X1100 Series
2009-08-11 14:16:52 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL
2009-08-11 14:15:22 ----A---- C:\WINDOWS\unin040c.exe
2009-08-11 14:10:03 ----D---- C:\Program Files\CCleaner
2009-08-11 13:55:50 ----D---- C:\Program Files\VS Revo Group
2009-08-11 13:27:34 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Sun
2009-08-11 13:20:59 ----SHD---- C:\RECYCLER
2009-08-11 13:17:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-11 13:17:51 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-08-11 13:16:13 ----D---- C:\Program Files\NOS
2009-08-11 13:16:13 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-08-11 13:14:48 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-08-11 13:13:24 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Adobe
2009-08-11 13:02:25 ----D---- C:\WINDOWS\ie8updates
2009-08-11 12:42:07 ----D---- C:\WINDOWS\WBEM
2009-08-11 12:40:27 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-11 12:38:55 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\services.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-08-11 12:28:18 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-08-11 12:04:38 ----D---- C:\WINDOWS\Prefetch
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\system32\fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\l2schemas
2009-08-11 11:58:18 ----D---- C:\WINDOWS\system32\bits
2009-08-11 11:56:21 ----D---- C:\WINDOWS\ServicePackFiles
2009-08-11 11:54:19 ----D---- C:\WINDOWS\network diagnostic
2009-08-11 11:36:48 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-08-11 11:36:36 ----D---- C:\WINDOWS\system32\PreInstall
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.ini
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ClearEvent.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Acer EULA.txt
2009-08-11 11:24:37 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-11 11:23:23 ----A---- C:\WINDOWS\system32\eRecUtil.dll
2009-08-11 11:23:22 ----A---- C:\WINDOWS\system32\SysMonitor.exe
2009-08-11 11:23:15 ----D---- C:\Acer
2009-08-11 11:20:35 ----A---- C:\WINDOWS\system32\capicom.dll
2009-08-11 11:20:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\java.exe
2009-08-11 11:19:11 ----D---- C:\Program Files\Java
2009-08-11 11:19:10 ----D---- C:\Program Files\Fichiers communs\Java
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Macromedia
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Identities
2009-08-11 11:18:18 ----ASH---- C:\Documents and Settings\Liliane et Guy\Application Data\desktop.ini
2009-08-11 11:18:17 ----SD---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft
2009-08-11 11:14:25 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-08-11 11:12:01 ----A---- C:\WINDOWS\system32\hidserv.dll

======List of files/folders modified in the last 1 months======

2009-09-05 12:44:08 ----D---- C:\WINDOWS\temp
2009-09-04 20:11:52 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-04 20:11:50 ----HD---- C:\WINDOWS\inf
2009-09-04 20:11:50 ----AD---- C:\WINDOWS
2009-09-04 20:11:49 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-04 18:22:48 ----D---- C:\WINDOWS\Registration
2009-09-04 18:20:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-04 18:20:45 ----D---- C:\WINDOWS\ime
2009-09-04 18:20:41 ----AD---- C:\WINDOWS\system32
2009-09-03 21:15:12 ----RD---- C:\Program Files
2009-08-30 18:44:41 ----SHD---- C:\WINDOWS\Installer
2009-08-28 16:37:25 ----D---- C:\Documents and Settings
2009-08-28 15:07:09 ----D---- C:\WINDOWS\system32\Restore
2009-08-27 22:41:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-27 22:40:12 ----AD---- C:\WINDOWS\system32\drivers
2009-08-25 09:10:11 ----RSD---- C:\WINDOWS\Fonts
2009-08-25 09:04:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs
2009-08-24 12:01:30 ----AD---- C:\WINDOWS\system
2009-08-24 11:45:54 ----A---- C:\WINDOWS\vbaddin.ini
2009-08-24 11:41:55 ----D---- C:\WINDOWS\system32\config
2009-08-24 11:41:51 ----D---- C:\WINDOWS\system32\wbem
2009-08-24 11:41:26 ----D---- C:\Program Files\DIFX
2009-08-24 08:40:05 ----A---- C:\WINDOWS\system32\ATHPRXY(2).DLL
2009-08-23 12:05:36 ----D---- C:\WINDOWS\security
2009-08-23 12:03:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-21 07:45:45 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-21 07:45:43 ----RSD---- C:\WINDOWS\assembly
2009-08-21 00:17:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-21 00:17:03 ----D---- C:\WINDOWS\WinSxS
2009-08-21 00:13:51 ----D---- C:\WINDOWS\system32\spool
2009-08-20 20:46:16 ----D---- C:\WINDOWS\system32\DirectX
2009-08-20 17:54:59 ----D---- C:\Program Files\MSN
2009-08-20 17:07:55 ----N---- C:\WINDOWS\win.ini
2009-08-20 16:58:01 ----D---- C:\Program Files\microsoft frontpage
2009-08-20 16:39:58 ----A---- C:\WINDOWS\ODBCINST.INI
2009-08-20 16:39:57 ----D---- C:\WINDOWS\Media
2009-08-20 16:39:55 ----D---- C:\WINDOWS\Help
2009-08-18 23:23:48 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-17 16:02:35 ----D---- C:\Program Files\Fichiers communs\System
2009-08-15 13:30:37 ----RASH---- C:\boot.ini
2009-08-15 13:30:37 ----N---- C:\WINDOWS\system.ini
2009-08-14 12:07:51 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-13 09:43:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-12 23:54:33 ----D---- C:\WINDOWS\Debug
2009-08-12 21:13:13 ----AD---- C:\VALUEADD
2009-08-12 19:26:32 ----D---- C:\WINDOWS\ehome
2009-08-12 19:23:50 ----D---- C:\Program Files\Windows Media Player
2009-08-12 13:26:05 ----SD---- C:\WINDOWS\Tasks
2009-08-12 08:58:56 ----D---- C:\Program Files\Internet Explorer
2009-08-12 08:47:57 ----D---- C:\Program Files\Outlook Express
2009-08-12 08:47:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-11 20:10:30 ----D---- C:\drv
2009-08-11 20:08:38 ----RD---- C:\WINDOWS\Web
2009-08-11 20:07:01 ----D---- C:\WINDOWS\system32\URTTemp
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\RTCOM
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\ras
2009-08-11 20:06:57 ----SD---- C:\WINDOWS\system32\Microsoft
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\mui
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\MsDtc
2009-08-11 20:06:56 ----D---- C:\WINDOWS\system32\Macromed
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\IME
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\icsxml
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\ias
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1036
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1033
2009-08-11 20:04:41 ----D---- C:\WINDOWS\Resources
2009-08-11 20:04:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-08-11 20:04:32 ----D---- C:\WINDOWS\Provisioning
2009-08-11 20:04:24 ----RD---- C:\WINDOWS\Offline Web Pages
2009-08-11 20:04:24 ----D---- C:\WINDOWS\OemDir
2009-08-11 20:04:24 ----D---- C:\WINDOWS\nview
2009-08-11 20:04:03 ----D---- C:\WINDOWS\java
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Driver Cache
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Cursors
2009-08-11 20:01:02 ----HDC---- C:\WINDOWS\$UninstallOCA-X86Fre-ENU$
2009-08-11 20:01:02 ----D---- C:\WINDOWS\addins
2009-08-11 20:01:02 ----D---- C:\WINDOWS\AcerDRV
2009-08-11 19:59:09 ----D---- C:\SYSINFO
2009-08-11 19:59:09 ----D---- C:\Program Files\xerox
2009-08-11 19:59:04 ----D---- C:\Program Files\Windows Plus
2009-08-11 19:58:58 ----D---- C:\Program Files\Services en ligne
2009-08-11 19:58:49 ----D---- C:\Program Files\Realtek
2009-08-11 19:58:48 ----D---- C:\Program Files\Online Services
2009-08-11 19:58:48 ----D---- C:\Program Files\Oca History Tool
2009-08-11 19:58:04 ----D---- C:\Program Files\MSN Gaming Zone
2009-08-11 19:57:52 ----D---- C:\Program Files\GemMasterFrench
2009-08-11 19:57:51 ----D---- C:\Program Files\FrenchOtto
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\Services
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\muvee Technologies
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-08-11 19:57:41 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-08-11 19:57:39 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-08-11 19:57:37 ----D---- C:\Program Files\CyberLink
2009-08-11 19:57:25 ----D---- C:\Program Files\commercial
2009-08-11 19:57:11 ----D---- C:\Program Files\Acer WLAN 11g USB Dongle
2009-08-11 19:57:10 ----AD---- C:\i386
2009-08-11 19:54:22 ----AD---- C:\GUIDE
2009-08-11 19:53:53 ----AD---- C:\dotnetfx
2009-08-11 19:51:44 ----AD---- C:\CMPNENTS
2009-08-11 17:51:45 ----D---- C:\WINDOWS\pchealth
2009-08-11 13:17:51 ----D---- C:\Program Files\Adobe
2009-08-11 12:56:59 ----D---- C:\WINDOWS\AppPatch
2009-08-11 12:30:51 ----D---- C:\Program Files\Messenger
2009-08-11 12:04:18 ----D---- C:\WINDOWS\system32\Setup
2009-08-11 11:58:32 ----D---- C:\WINDOWS\system32\inetsrv
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\usmt
2009-08-11 11:58:18 ----D---- C:\WINDOWS\PeerNet
2009-08-11 11:58:18 ----D---- C:\Program Files\Movie Maker
2009-08-11 11:56:11 ----D---- C:\WINDOWS\system32\npp
2009-08-11 11:56:10 ----D---- C:\WINDOWS\msagent
2009-08-11 11:56:09 ----D---- C:\WINDOWS\srchasst
2009-08-11 11:56:07 ----D---- C:\Program Files\NetMeeting
2009-08-11 11:56:06 ----D---- C:\WINDOWS\system32\Com
2009-08-11 11:56:04 ----D---- C:\Program Files\Windows NT
2009-08-11 11:55:45 ----AD---- C:\WINDOWS\system32\oobe
2009-08-11 11:34:58 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-11 11:32:12 ----A---- C:\WINDOWS\alaunch.ini
2009-08-11 11:11:13 ----D---- C:\WINDOWS\repair

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-02-24 66992]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-02-24 24698]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-02-24 259200]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-07-03 296976]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-02-24 118409]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2004-02-24 213120]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-02-24 21993]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-05 4284928]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-11 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-12 3934592]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-06-29 244864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-02-24 22745]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-12 155715]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-19 92008]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-12 355584]
S3 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

lilou89
 Posted on 05/09/2009 at 12:54
Petite astucienne

Second report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Liliane et Guy at 2009-09-05 12:44:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 60 GB (82%) free of 73 GB
Total RAM: 2815 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:11, on 05/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Microsoft Carioca\MSCarioca.exe
C:\Documents and Settings\Liliane et Guy\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Liliane et Guy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249986238703
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7226 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{8E376F74-ED74-486C-A622-A632F060699B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-25 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-08-10 251264]
"TClockEx"=C:\Program Files\TClockEx\TCLOCKEX.EXE [2000-03-09 89088]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
C:\Genius\ioCentre\gTaskBar.exe [2007-01-19 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]
Alaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-07-12 7626752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-07-12 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2009-08-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-19 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
C:\PROGRA~1\ACERWL~1\ZDWlan.exe [2005-11-16 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
[]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Rappels du Calendrier Microsoft Works.lnk - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Documents and Settings\Liliane et Guy\Menu Démarrer\Programmes\Démarrage
Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=00000000
"NoRecentDocsMenu "=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6fe6ffd-8656-11de-acaf-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-09-04 20:11:50 ----D---- C:\WINDOWS\BDOSCAN8
2009-09-04 20:11:48 ----D---- C:\WINDOWS\LastGood
2009-09-04 18:20:00 ----D---- C:\_OTM
2009-09-04 16:16:05 ----D---- C:\rsit
2009-09-04 08:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-09-03 21:15:12 ----D---- C:\Program Files\ESET
2009-09-03 18:48:54 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\WinRAR
2009-09-03 18:48:05 ----D---- C:\Program Files\WinRAR
2009-08-30 18:44:37 ----D---- C:\Program Files\ma-config.com
2009-08-30 18:44:37 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-08-28 15:56:50 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Mozilla
2009-08-28 15:10:06 ----D---- C:\Mes Documents
2009-08-28 15:07:19 ----D---- C:\Win Généalogic
2009-08-28 15:07:18 ----D---- C:\TomTom
2009-08-28 15:07:18 ----D---- C:\Roxio
2009-08-28 15:07:17 ----D---- C:\Protectis
2009-08-28 15:07:17 ----D---- C:\Mes sites Web
2009-08-28 15:07:14 ----D---- C:\CyberLink
2009-08-26 22:11:30 ----D---- C:\WINDOWS\system32\appmgmt
2009-08-26 19:57:25 ----A---- C:\WINDOWS\system32\MSCc2FR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\StdFtFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBRpRFR.dll
2009-08-26 19:57:24 ----A---- C:\WINDOWS\system32\DBLstFR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\Rdo20FR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\MSDBRptR.dll
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZIP32.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DZACTX.DLL
2009-08-26 19:57:23 ----A---- C:\WINDOWS\system32\DUNZIP32.DLL
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\MSCmCFR.dll
2009-08-26 19:57:22 ----A---- C:\WINDOWS\system32\DUZACTX.DLL
2009-08-26 19:57:20 ----A---- C:\WINDOWS\system32\Vbis4032.dll
2009-08-26 19:57:19 ----D---- C:\Program Files\Win Généalogic
2009-08-26 19:57:17 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-08-26 18:57:59 ----D---- C:\WINDOWS\system32\Adobe
2009-08-24 13:16:27 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-08-24 13:16:26 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs\Designer
2009-08-24 12:03:26 ----D---- C:\WINDOWS\ShellNew
2009-08-24 12:03:20 ----D---- C:\Program Files\Microsoft Office
2009-08-24 11:40:11 ----D---- C:\Config.Msi
2009-08-23 15:04:37 ----D---- C:\WINDOWS\ShellNew(2)
2009-08-23 12:03:56 ----D---- C:\Program Files\IVT Corporation
2009-08-23 12:03:32 ----D---- C:\Program Files\PC Connectivity Solution
2009-08-23 12:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-08-21 23:05:35 ----D---- C:\Program Files\Secunia
2009-08-21 00:14:12 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-21 00:14:09 ----D---- C:\Program Files\MSBuild
2009-08-21 00:14:07 ----D---- C:\WINDOWS\system32\en-US
2009-08-21 00:14:04 ----D---- C:\Program Files\Reference Assemblies
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-21 00:13:40 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-20 20:58:27 ----A---- C:\A-Patch143b3_WLM9.exe
2009-08-20 20:44:16 ----D---- C:\Program Files\Microsoft
2009-08-20 18:10:53 ----D---- C:\Program Files\Microsoft Works
2009-08-20 17:54:59 ----D---- C:\WINDOWS\Desktop
2009-08-20 17:23:26 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-08-20 16:58:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft Web Folders
2009-08-18 23:49:09 ----A---- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
2009-08-18 23:35:20 ----D---- C:\Program Files\Roxio
2009-08-18 23:34:26 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-08-17 20:26:13 ----D---- C:\WINDOWS\Sun
2009-08-17 13:47:15 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-08-17 12:00:32 ----D---- C:\Program Files\Trend Micro
2009-08-16 09:38:11 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2009-08-16 09:35:48 ----D---- C:\Program Files\TomTom International B.V
2009-08-16 09:35:28 ----D---- C:\Program Files\TomTom HOME 2
2009-08-16 09:10:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TomTom
2009-08-15 09:37:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\HouseCall 6.6
2009-08-15 09:37:41 ----D---- C:\WINDOWS\system32\HouseCall 6.6
2009-08-15 07:44:01 ----D---- C:\Program Files\PhotoFiltre Studio
2009-08-14 23:22:43 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Help
2009-08-14 23:21:05 ----D---- C:\Program Files\TClockEx
2009-08-14 14:09:33 ----D---- C:\Program Files\Defraggler
2009-08-14 12:05:44 ----D---- C:\Genius
2009-08-14 12:05:31 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\InstallShield
2009-08-13 22:25:31 ----D---- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
2009-08-13 15:18:26 ----A---- C:\WINDOWS\system32\GAPI32.dll
2009-08-13 15:18:23 ----A---- C:\WINDOWS\system32\msjet35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\msrepl35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2009-08-13 15:18:22 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2009-08-13 11:14:00 ----D---- C:\WINDOWS\SxsCaPendDel
2009-08-13 09:48:17 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-08-13 09:39:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-12 19:24:29 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-08-12 19:23:51 ----D---- C:\Program Files\Windows Media Connect 2
2009-08-12 19:21:39 ----D---- C:\WINDOWS\system32\LogFiles
2009-08-12 15:33:50 ----D---- C:\Program Files\MSECache
2009-08-12 14:47:39 ----D---- C:\Program Files\Jeux de cartes
2009-08-12 13:32:56 ----D---- C:\Program Files\Unlocker
2009-08-12 11:53:33 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\dvdcss
2009-08-12 10:59:31 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-12 09:21:15 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-08-12 09:21:14 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-08-12 09:21:13 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\TuneUp Software
2009-08-12 09:20:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-08-12 09:20:52 ----D---- C:\Program Files\TuneUp Utilities 2008
2009-08-12 09:19:49 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-08-12 08:54:48 ----HDC---- C:\WINDOWS\ie8
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-08-12 05:47:00 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-08-11 23:41:26 ----D---- C:\WINDOWS\pss
2009-08-11 22:28:28 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Malwarebytes
2009-08-11 22:28:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-11 22:28:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-11 22:26:40 ----D---- C:\Program Files\e-Carte Bleue Banque Populaire
2009-08-11 21:43:11 ----D---- C:\Program Files\BVS Solitaire Collection
2009-08-11 21:28:27 ----D---- C:\Program Files\Microsoft Carioca
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\tabctfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\Rchtxfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\mcifr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\FLXGDFR.DLL
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmdlgfr.dll
2009-08-11 21:20:13 ----A---- C:\WINDOWS\system32\cmctlfr.dll
2009-08-11 21:20:12 ----D---- C:\Program Files\FoxTarot4
2009-08-11 21:11:12 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-08-11 20:09:32 ----SHD---- C:\system volume information
2009-08-11 19:09:04 ----D---- C:\Program Files\eMule
2009-08-11 18:54:42 ----D---- C:\Program Files\Neuf
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\unicows.dll
2009-08-11 18:22:36 ----A---- C:\WINDOWS\system32\pxc25pm.dll
2009-08-11 18:22:33 ----D---- C:\Program Files\Tracker Software
2009-08-11 18:17:34 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-08-11 18:00:30 ----D---- C:\Program Files\Messenger Plus! Live
2009-08-11 17:54:14 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-11 17:53:29 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-08-11 17:53:23 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-11 17:52:21 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-11 17:51:58 ----D---- C:\Program Files\Windows Live
2009-08-11 17:46:58 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-11 16:58:36 ----D---- C:\Program Files\Kaspersky Lab
2009-08-11 16:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-08-11 16:55:55 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-08-11 16:45:32 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\vlc
2009-08-11 16:45:15 ----D---- C:\Program Files\VideoLAN
2009-08-11 15:44:31 ----A---- C:\WINDOWS\ODBC.INI
2009-08-11 14:56:45 ----D---- C:\Documents and Settings\All Users\Application Data\IM
2009-08-11 14:56:13 ----D---- C:\Documents and Settings\All Users\Application Data\IncrediMail
2009-08-11 14:56:12 ----D---- C:\Program Files\IncrediMail
2009-08-11 14:40:55 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\BVS Solitaire Collection
2009-08-11 14:18:00 ----A---- C:\WINDOWS\lexstat.ini
2009-08-11 14:17:45 ----A---- C:\WINDOWS\system32\lxbkvs.dll
2009-08-11 14:17:44 ----A---- C:\WINDOWS\system32\lxbkpwr.dll
2009-08-11 14:17:43 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL
2009-08-11 14:17:42 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL
2009-08-11 14:17:41 ----A---- C:\WINDOWS\system32\LXBKIH.EXE
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\LXBKCU.DLL
2009-08-11 14:17:40 ----A---- C:\WINDOWS\system32\lxbkcomm.dll
2009-08-11 14:17:38 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2009-08-11 14:17:37 ----A---- C:\WINDOWS\system32\LEXPING.EXE
2009-08-11 14:17:36 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2009-08-11 14:17:35 ----A---- C:\WINDOWS\system32\INSTMON.EXE
2009-08-11 14:17:31 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL
2009-08-11 14:17:30 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL
2009-08-11 14:17:18 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL
2009-08-11 14:17:12 ----A---- C:\WINDOWS\system32\lxbkscin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\LXBKGF.DLL
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.ini
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcoin.dll
2009-08-11 14:17:11 ----A---- C:\WINDOWS\system32\lxbkcinf.dll
2009-08-11 14:16:52 ----D---- C:\Program Files\Lexmark X1100 Series
2009-08-11 14:16:52 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL
2009-08-11 14:15:22 ----A---- C:\WINDOWS\unin040c.exe
2009-08-11 14:10:03 ----D---- C:\Program Files\CCleaner
2009-08-11 13:55:50 ----D---- C:\Program Files\VS Revo Group
2009-08-11 13:27:34 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Sun
2009-08-11 13:20:59 ----SHD---- C:\RECYCLER
2009-08-11 13:17:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-08-11 13:17:51 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-08-11 13:16:13 ----D---- C:\Program Files\NOS
2009-08-11 13:16:13 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-08-11 13:14:48 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-08-11 13:13:24 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Adobe
2009-08-11 13:02:25 ----D---- C:\WINDOWS\ie8updates
2009-08-11 12:42:07 ----D---- C:\WINDOWS\WBEM
2009-08-11 12:40:27 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-11 12:38:55 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\services.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-08-11 12:38:33 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-08-11 12:28:18 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-08-11 12:04:38 ----D---- C:\WINDOWS\Prefetch
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\system32\fr
2009-08-11 11:58:19 ----D---- C:\WINDOWS\l2schemas
2009-08-11 11:58:18 ----D---- C:\WINDOWS\system32\bits
2009-08-11 11:56:21 ----D---- C:\WINDOWS\ServicePackFiles
2009-08-11 11:54:19 ----D---- C:\WINDOWS\network diagnostic
2009-08-11 11:36:48 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-08-11 11:36:36 ----D---- C:\WINDOWS\system32\PreInstall
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.ini
2009-08-11 11:25:36 ----A---- C:\WINDOWS\PowerOption.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\ClearEvent.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
2009-08-11 11:25:07 ----A---- C:\WINDOWS\system32\Acer EULA.txt
2009-08-11 11:24:37 ----D---- C:\WINDOWS\Downloaded Installations
2009-08-11 11:23:23 ----A---- C:\WINDOWS\system32\eRecUtil.dll
2009-08-11 11:23:22 ----A---- C:\WINDOWS\system32\SysMonitor.exe
2009-08-11 11:23:15 ----D---- C:\Acer
2009-08-11 11:20:35 ----A---- C:\WINDOWS\system32\capicom.dll
2009-08-11 11:20:23 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-11 11:19:36 ----A---- C:\WINDOWS\system32\java.exe
2009-08-11 11:19:11 ----D---- C:\Program Files\Java
2009-08-11 11:19:10 ----D---- C:\Program Files\Fichiers communs\Java
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Macromedia
2009-08-11 11:18:18 ----D---- C:\Documents and Settings\Liliane et Guy\Application Data\Identities
2009-08-11 11:18:18 ----ASH---- C:\Documents and Settings\Liliane et Guy\Application Data\desktop.ini
2009-08-11 11:18:17 ----SD---- C:\Documents and Settings\Liliane et Guy\Application Data\Microsoft
2009-08-11 11:14:25 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-08-11 11:12:01 ----A---- C:\WINDOWS\system32\hidserv.dll

======List of files/folders modified in the last 1 months======

2009-09-05 12:44:08 ----D---- C:\WINDOWS\temp
2009-09-04 20:11:52 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-04 20:11:50 ----HD---- C:\WINDOWS\inf
2009-09-04 20:11:50 ----AD---- C:\WINDOWS
2009-09-04 20:11:49 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-04 18:22:48 ----D---- C:\WINDOWS\Registration
2009-09-04 18:20:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-04 18:20:45 ----D---- C:\WINDOWS\ime
2009-09-04 18:20:41 ----AD---- C:\WINDOWS\system32
2009-09-03 21:15:12 ----RD---- C:\Program Files
2009-08-30 18:44:41 ----SHD---- C:\WINDOWS\Installer
2009-08-28 16:37:25 ----D---- C:\Documents and Settings
2009-08-28 15:07:09 ----D---- C:\WINDOWS\system32\Restore
2009-08-27 22:41:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-27 22:40:12 ----AD---- C:\WINDOWS\system32\drivers
2009-08-25 09:10:11 ----RSD---- C:\WINDOWS\Fonts
2009-08-25 09:04:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-24 12:04:00 ----D---- C:\Program Files\Fichiers communs
2009-08-24 12:01:30 ----AD---- C:\WINDOWS\system
2009-08-24 11:45:54 ----A---- C:\WINDOWS\vbaddin.ini
2009-08-24 11:41:55 ----D---- C:\WINDOWS\system32\config
2009-08-24 11:41:51 ----D---- C:\WINDOWS\system32\wbem
2009-08-24 11:41:26 ----D---- C:\Program Files\DIFX
2009-08-24 08:40:05 ----A---- C:\WINDOWS\system32\ATHPRXY(2).DLL
2009-08-23 12:05:36 ----D---- C:\WINDOWS\security
2009-08-23 12:03:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-21 07:45:45 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-21 07:45:43 ----RSD---- C:\WINDOWS\assembly
2009-08-21 00:17:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-21 00:17:03 ----D---- C:\WINDOWS\WinSxS
2009-08-21 00:13:51 ----D---- C:\WINDOWS\system32\spool
2009-08-20 20:46:16 ----D---- C:\WINDOWS\system32\DirectX
2009-08-20 17:54:59 ----D---- C:\Program Files\MSN
2009-08-20 17:07:55 ----N---- C:\WINDOWS\win.ini
2009-08-20 16:58:01 ----D---- C:\Program Files\microsoft frontpage
2009-08-20 16:39:58 ----A---- C:\WINDOWS\ODBCINST.INI
2009-08-20 16:39:57 ----D---- C:\WINDOWS\Media
2009-08-20 16:39:55 ----D---- C:\WINDOWS\Help
2009-08-18 23:23:48 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-17 16:02:35 ----D---- C:\Program Files\Fichiers communs\System
2009-08-15 13:30:37 ----RASH---- C:\boot.ini
2009-08-15 13:30:37 ----N---- C:\WINDOWS\system.ini
2009-08-14 12:07:51 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-13 09:43:45 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-12 23:54:33 ----D---- C:\WINDOWS\Debug
2009-08-12 21:13:13 ----AD---- C:\VALUEADD
2009-08-12 19:26:32 ----D---- C:\WINDOWS\ehome
2009-08-12 19:23:50 ----D---- C:\Program Files\Windows Media Player
2009-08-12 13:26:05 ----SD---- C:\WINDOWS\Tasks
2009-08-12 08:58:56 ----D---- C:\Program Files\Internet Explorer
2009-08-12 08:47:57 ----D---- C:\Program Files\Outlook Express
2009-08-12 08:47:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-11 20:10:30 ----D---- C:\drv
2009-08-11 20:08:38 ----RD---- C:\WINDOWS\Web
2009-08-11 20:07:01 ----D---- C:\WINDOWS\system32\URTTemp
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\RTCOM
2009-08-11 20:06:59 ----D---- C:\WINDOWS\system32\ras
2009-08-11 20:06:57 ----SD---- C:\WINDOWS\system32\Microsoft
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\mui
2009-08-11 20:06:57 ----D---- C:\WINDOWS\system32\MsDtc
2009-08-11 20:06:56 ----D---- C:\WINDOWS\system32\Macromed
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\IME
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\icsxml
2009-08-11 20:06:51 ----D---- C:\WINDOWS\system32\ias
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1036
2009-08-11 20:04:46 ----D---- C:\WINDOWS\system32\1033
2009-08-11 20:04:41 ----D---- C:\WINDOWS\Resources
2009-08-11 20:04:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-08-11 20:04:32 ----D---- C:\WINDOWS\Provisioning
2009-08-11 20:04:24 ----RD---- C:\WINDOWS\Offline Web Pages
2009-08-11 20:04:24 ----D---- C:\WINDOWS\OemDir
2009-08-11 20:04:24 ----D---- C:\WINDOWS\nview
2009-08-11 20:04:03 ----D---- C:\WINDOWS\java
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Driver Cache
2009-08-11 20:01:19 ----D---- C:\WINDOWS\Cursors
2009-08-11 20:01:02 ----HDC---- C:\WINDOWS\$UninstallOCA-X86Fre-ENU$
2009-08-11 20:01:02 ----D---- C:\WINDOWS\addins
2009-08-11 20:01:02 ----D---- C:\WINDOWS\AcerDRV
2009-08-11 19:59:09 ----D---- C:\SYSINFO
2009-08-11 19:59:09 ----D---- C:\Program Files\xerox
2009-08-11 19:59:04 ----D---- C:\Program Files\Windows Plus
2009-08-11 19:58:58 ----D---- C:\Program Files\Services en ligne
2009-08-11 19:58:49 ----D---- C:\Program Files\Realtek
2009-08-11 19:58:48 ----D---- C:\Program Files\Online Services
2009-08-11 19:58:48 ----D---- C:\Program Files\Oca History Tool
2009-08-11 19:58:04 ----D---- C:\Program Files\MSN Gaming Zone
2009-08-11 19:57:52 ----D---- C:\Program Files\GemMasterFrench
2009-08-11 19:57:51 ----D---- C:\Program Files\FrenchOtto
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\Services
2009-08-11 19:57:44 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\muvee Technologies
2009-08-11 19:57:42 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-08-11 19:57:41 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-08-11 19:57:39 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-08-11 19:57:37 ----D---- C:\Program Files\CyberLink
2009-08-11 19:57:25 ----D---- C:\Program Files\commercial
2009-08-11 19:57:11 ----D---- C:\Program Files\Acer WLAN 11g USB Dongle
2009-08-11 19:57:10 ----AD---- C:\i386
2009-08-11 19:54:22 ----AD---- C:\GUIDE
2009-08-11 19:53:53 ----AD---- C:\dotnetfx
2009-08-11 19:51:44 ----AD---- C:\CMPNENTS
2009-08-11 17:51:45 ----D---- C:\WINDOWS\pchealth
2009-08-11 13:17:51 ----D---- C:\Program Files\Adobe
2009-08-11 12:56:59 ----D---- C:\WINDOWS\AppPatch
2009-08-11 12:30:51 ----D---- C:\Program Files\Messenger
2009-08-11 12:04:18 ----D---- C:\WINDOWS\system32\Setup
2009-08-11 11:58:32 ----D---- C:\WINDOWS\system32\inetsrv
2009-08-11 11:58:20 ----D---- C:\WINDOWS\system32\usmt
2009-08-11 11:58:18 ----D---- C:\WINDOWS\PeerNet
2009-08-11 11:58:18 ----D---- C:\Program Files\Movie Maker
2009-08-11 11:56:11 ----D---- C:\WINDOWS\system32\npp
2009-08-11 11:56:10 ----D---- C:\WINDOWS\msagent
2009-08-11 11:56:09 ----D---- C:\WINDOWS\srchasst
2009-08-11 11:56:07 ----D---- C:\Program Files\NetMeeting
2009-08-11 11:56:06 ----D---- C:\WINDOWS\system32\Com
2009-08-11 11:56:04 ----D---- C:\Program Files\Windows NT
2009-08-11 11:55:45 ----AD---- C:\WINDOWS\system32\oobe
2009-08-11 11:34:58 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-11 11:32:12 ----A---- C:\WINDOWS\alaunch.ini
2009-08-11 11:11:13 ----D---- C:\WINDOWS\repair

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-02-24 66992]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-02-24 24698]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-02-24 259200]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-07-03 296976]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-02-24 118409]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2004-02-24 213120]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-02-24 21993]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-05 4284928]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-11 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-12 3934592]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-06-29 244864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-02-24 22745]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-12 155715]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-19 92008]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-12 355584]
S3 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Evasion60
 Posted on 05/09/2009 at 16:08
Security Group

Re Lilou89

... Hmmm, I don't see much
Besides, the latest reports are clean!

Look here:
C:\Windows\Minidump ===> are there any files in this folder?
Please answer this question

... We can try to go further, but well
/!\ This very powerful software is not to be used without assistance /!\

  • Download Combofix from one of the links below:

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your antivirus and anti-spyware applications, usually via a right-click on the icon in the notification area. Otherwise, they may interfere with our tools
  • Double-click combofix.exe & follow the prompts.

  • When it runs, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With infections like today's, it is strongly recommended to have it pre-installed on your PC before any malware removal. It will let you boot into a special recovery (repair) mode, which allows us to help you more easily should your computer run into a problem after a cleanup attempt.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when asked, accept the End User License Agreement to install the Microsoft Windows Recovery Console.

**Important note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.








Once the Microsoft Windows Recovery Console has been installed via ComboFix, you should see the following message:

Click Oui/Yes to continue with the malware scan.

When the tool has finished, it will display a report. Please copy the contents of C:\ComboFix.txt into your next reply.

Looking forward to your reply:
- Answer about the "MiniDump" folder
- ComboFix report

lilou89
 Posted on 05/09/2009 at 17:04
Petite astucienne

I don't have a MiniDump folder in c:\Windows

I'll do the rest

See you later

lilou89
 Posted on 05/09/2009 at 17:29
Petite astucienne

ComboFix report

ComboFix 09-09-04.02 - Liliane et Guy 05/09/2009 17:16.1.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2815.2257 [GMT 2:00]
Running from: c:\documents and settings\Liliane et Guy\Bureau\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\desktop
c:\windows\Installer\184a47e.msi
c:\windows\Installer\1935a1b.msp
c:\windows\Installer\1935a30.msp
c:\windows\Installer\1935a4b.msp
c:\windows\Installer\1935a62.msp
c:\windows\Installer\1935a63.msp
c:\windows\Installer\1935a64.msp
c:\windows\Installer\1935a7a.msp
c:\windows\Installer\1935a8f.msp
c:\windows\Installer\1935aab.msp
c:\windows\Installer\1935ac1.msp
c:\windows\Installer\1935ad7.msp
c:\windows\Installer\1935aec.msp
c:\windows\Installer\1935b01.msp
c:\windows\Installer\1935b1b.msp
c:\windows\Installer\1935b30.msp
c:\windows\Installer\1935b47.msp
c:\windows\Installer\1935b5c.msp
c:\windows\Installer\1935b73.msp
c:\windows\Installer\1935b8a.msp
c:\windows\Installer\1935ba0.msp
c:\windows\Installer\1935bb5.msp
c:\windows\Installer\1935bcb.msp
c:\windows\Installer\1935be2.msp
c:\windows\Installer\aa8c29.msp
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000019_.tmp.dll
c:\windows\system32\_000020_.tmp.dll
c:\windows\system32\_000021_.tmp.dll
c:\windows\system32\_000022_.tmp.dll
c:\windows\system32\ATHPRXY(2).DLL
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-08-05 to 2009-09-05 )))))))))))))))))))))))))))))))
.

2009-09-04 18:11 . 2009-09-04 18:35 -------- d-----w- c:\windows\BDOSCAN8
2009-09-04 16:20 . 2009-09-04 16:20 -------- d-----w- C:\_OTM
2009-09-04 14:16 . 2009-09-05 10:48 -------- d-----w- C:\rsit
2009-09-04 06:00 . 2009-09-04 06:00 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-09-03 19:15 . 2009-09-03 19:15 -------- d-----w- c:\program files\ESET
2009-08-31 20:56 . 2009-08-31 20:56 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\WMTools Downloaded Files
2009-08-30 16:44 . 2009-08-30 16:44 -------- d-----w- c:\program files\ma-config.com
2009-08-30 16:44 . 2009-08-30 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-08-28 13:56 . 2009-09-01 07:48 -------- d-----r- c:\documents and settings\Liliane et Guy\Mes documents
2009-08-28 13:10 . 2009-08-31 05:18 -------- d-----w- C:\Mes Documents
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\Win Généalogic
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\TomTom
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\Roxio
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\Protectis
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\Mes sites Web
2009-08-28 13:07 . 2009-08-28 13:07 -------- d-----w- C:\CyberLink
2009-08-26 16:57 . 2009-08-26 16:57 -------- d-----w- c:\windows\system32\Adobe
2009-08-24 11:16 . 2001-08-23 15:47 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-08-24 11:16 . 2008-04-14 02:33 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-08-24 10:03 . 2009-08-24 10:04 -------- d-----w- c:\windows\ShellNew
2009-08-24 09:41 . 2009-08-24 09:41 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-23 13:04 . 2009-08-23 13:05 -------- d-----w- c:\windows\ShellNew(2)
2009-08-23 10:05 . 2009-08-23 10:06 12 ----a-w- c:\windows\bthservsdp.dat
2009-08-23 10:03 . 2009-08-23 10:03 -------- d-----w- c:\program files\IVT Corporation
2009-08-23 10:03 . 2009-08-24 09:41 -------- d-----w- c:\program files\PC Connectivity Solution
2009-08-23 10:03 . 2009-08-23 10:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-08-21 21:05 . 2009-08-21 21:05 -------- d-----w- c:\program files\Secunia
2009-08-20 22:14 . 2009-08-20 22:14 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-20 22:14 . 2009-08-20 22:14 -------- d-----w- c:\program files\MSBuild
2009-08-20 22:14 . 2009-08-20 22:14 -------- d-----w- c:\program files\Reference Assemblies
2009-08-20 22:13 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-20 22:13 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-20 22:13 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-20 22:13 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-20 22:13 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-20 22:13 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-20 22:13 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-20 18:58 . 2009-08-20 18:58 188416 ----a-w- C:\A-Patch143b3_WLM9.exe
2009-08-20 18:44 . 2009-08-20 18:44 -------- d-----w- c:\program files\Microsoft
2009-08-20 16:10 . 2009-08-20 16:12 -------- d-----w- c:\program files\Microsoft Works
2009-08-20 15:55 . 2009-08-24 10:13 -------- d-----w- c:\documents and settings\All Users\Bureau
2009-08-20 14:58 . 2009-08-20 14:58 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\Microsoft Web Folders
2009-08-18 21:40 . 2009-08-18 21:40 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\Roxio
2009-08-18 21:35 . 2009-08-18 21:36 -------- d-----w- c:\program files\Roxio
2009-08-18 21:34 . 2009-08-18 21:36 -------- d-----w- c:\program files\Fichiers communs\Roxio Shared
2009-08-17 18:26 . 2009-08-17 18:26 -------- d-----w- c:\windows\Sun
2009-08-17 11:47 . 2009-08-17 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-08-17 10:00 . 2009-08-17 10:00 -------- d-----w- c:\program files\Trend Micro
2009-08-16 07:38 . 2009-08-16 07:38 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-08-16 07:35 . 2009-08-16 07:35 -------- d-----w- c:\program files\TomTom International B.V
2009-08-16 07:35 . 2009-08-16 07:35 -------- d-----w- c:\program files\TomTom HOME 2
2009-08-16 07:10 . 2009-08-16 07:10 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\TomTom
2009-08-16 07:10 . 2009-08-16 07:10 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\TomTom
2009-08-15 08:10 . 2007-12-24 15:37 138384 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-08-15 07:37 . 2009-08-15 10:09 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\HouseCall 6.6
2009-08-15 07:37 . 2009-08-31 21:30 -------- d-----w- c:\windows\system32\HouseCall 6.6
2009-08-15 05:44 . 2009-08-15 05:46 -------- d-----w- c:\program files\PhotoFiltre Studio
2009-08-14 21:22 . 2009-08-14 21:22 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\Help
2009-08-14 21:21 . 2009-08-14 21:22 -------- d-----w- c:\program files\TClockEx
2009-08-14 18:52 . 2009-08-14 18:52 -------- d-sh--w- c:\documents and settings\Liliane et Guy\IECompatCache
2009-08-14 12:09 . 2009-08-14 12:09 -------- d-----w- c:\program files\Defraggler
2009-08-14 10:07 . 2006-07-14 05:33 9984 ----a-w- c:\windows\system32\drivers\gMouUsb.sys
2009-08-14 10:07 . 2006-07-12 02:48 17408 ----a-w- c:\windows\system32\drivers\gMouPS2.sys
2009-08-14 10:07 . 2006-07-14 05:30 14848 ----a-w- c:\windows\system32\drivers\gHidPnp.sys
2009-08-14 10:05 . 2009-08-14 10:05 -------- d-----w- C:\Genius
2009-08-14 10:05 . 2009-08-14 10:05 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\InstallShield
2009-08-13 20:25 . 2009-08-13 20:25 -------- d-----w- c:\documents and settings\All Users\Application Data\NtiDvdCopy
2009-08-13 13:27 . 2009-08-26 17:47 318 ----a-w- c:\windows\system32\IWNGFME.DRV
2009-08-13 13:24 . 2009-08-31 18:38 318 ----a-w- c:\windows\system32\IWNGFMF.DRV
2009-08-13 13:18 . 1998-04-20 22:00 88848 ----a-w- c:\windows\system32\GAPI32.dll
2009-08-13 13:18 . 2001-08-09 20:53 1046288 ----a-w- c:\windows\system32\msjet35.dll
2009-08-13 13:18 . 2001-08-09 21:01 252176 ----a-w- c:\windows\system32\Msrd2x35.dll
2009-08-13 13:18 . 2001-08-09 20:50 24848 ----a-w- c:\windows\system32\MSJTER35.DLL
2009-08-13 13:18 . 2001-08-09 20:50 123664 ----a-w- c:\windows\system32\MSJINT35.DLL
2009-08-13 13:18 . 2001-08-09 19:54 415504 ----a-w- c:\windows\system32\msrepl35.dll
2009-08-13 13:18 . 2000-01-11 14:20 368912 ----a-w- c:\windows\system32\vbar332.dll
2009-08-13 10:53 . 2009-08-13 10:53 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\Microsoft Help
2009-08-13 09:14 . 2009-08-20 12:36 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-13 09:04 . 2009-08-13 09:04 -------- d-----w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\PCHealth
2009-08-13 07:48 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-08-13 07:39 . 2009-08-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-08-12 17:23 . 2009-08-13 16:40 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-12 17:21 . 2009-09-03 15:20 -------- d-----w- c:\windows\system32\LogFiles
2009-08-12 17:21 . 2009-08-12 17:22 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-08-12 13:33 . 2009-08-12 13:33 -------- d-----w- c:\program files\MSECache
2009-08-12 12:47 . 2009-08-12 12:47 -------- d-----w- c:\program files\Jeux de cartes
2009-08-12 11:32 . 2009-08-14 12:05 -------- d-----w- c:\program files\Unlocker
2009-08-12 09:53 . 2009-09-01 12:18 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\dvdcss
2009-08-12 08:59 . 2009-07-25 03:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-12 07:21 . 2008-05-29 07:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-12 07:21 . 2009-08-12 07:21 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-12 07:21 . 2009-08-12 07:21 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\TuneUp Software
2009-08-12 07:20 . 2009-08-12 07:20 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-08-12 07:20 . 2009-08-27 11:32 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-08-12 07:19 . 2009-08-12 07:19 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-08-12 06:54 . 2009-08-12 06:56 -------- dc-h--w- c:\windows\ie8
2009-08-12 03:53 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-12 03:47 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-08-11 20:28 . 2009-08-11 20:28 -------- d-----w- c:\documents and settings\Liliane et Guy\Application Data\Malwarebytes
2009-08-11 20:28 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-11 20:28 . 2009-08-11 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-11 20:28 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-11 20:28 . 2009-08-11 20:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-11 20:26 . 2009-08-11 20:26 -------- d-----w- c:\program files\e-Carte Bleue Banque Populaire
2009-08-11 19:43 . 2009-08-11 19:43 -------- d-----w- c:\program files\BVS Solitaire Collection
2009-08-11 19:28 . 2009-08-11 19:28 -------- d-----w- c:\program files\Microsoft Carioca
2009-08-11 19:20 . 2000-07-14 22:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2009-08-11 19:20 . 1998-07-12 22:00 89600 ----a-w- c:\windows\system32\cmctlfr.dll
2009-08-11 19:20 . 1998-07-12 22:00 40960 ----a-w- c:\windows\system32\FLXGDFR.DLL
2009-08-11 19:20 . 1998-07-12 22:00 34304 ----a-w- c:\windows\system32\Rchtxfr.dll
2009-08-11 19:20 . 1998-07-12 22:00 32768 ----a-w- c:\windows\system32\mcifr.dll
2009-08-11 19:20 . 1998-07-12 22:00 32768 ----a-w- c:\windows\system32\cmdlgfr.dll
2009-08-11 19:20 . 1998-07-12 22:00 21504 ----a-w- c:\windows\system32\tabctfr.dll
2009-08-11 19:20 . 2009-09-05 09:11 -------- d-----w- c:\program files\FoxTarot4
2009-08-11 19:11 . 2009-08-11 19:11 131584 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-08-11 17:09 . 2009-08-11 17:12 -------- d-----w- c:\program files\eMule
2009-08-11 16:54 . 2009-08-11 16:54 -------- d-----w- c:\program files\Neuf
2009-08-11 16:22 . 2006-01-30 07:32 5632 ----a-w- c:\windows\system32\pxc25pm.dll
2009-08-11 16:22 . 2004-12-07 05:11 258352 ----a-w- c:\windows\system32\unicows.dll
2009-08-11 16:22 . 2009-08-11 16:22 -------- d-----w- c:\program files\Tracker Software
2009-08-11 16:17 . 2009-08-11 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-08-11 16:00 . 2009-08-11 16:00 -------- d-----w- c:\program files\Messenger Plus! Live
2009-08-11 15:54 . 2009-09-05 05:24 -------- d-----w- c:\documents and settings\Liliane et Guy\Tracing
2009-08-11 15:54 . 2009-08-11 16:38 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-11 15:54 . 2009-08-05 20:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-31 18:38 . 2009-08-26 17:57 -------- d-----w- c:\program files\Win Généalogic
2009-08-24 09:41 . 2006-08-11 17:54 -------- d-----w- c:\program files\DIFX
2009-08-23 09:49 . 2006-08-11 17:43 86862 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-23 09:49 . 2006-08-11 17:43 515380 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-20 14:58 . 2006-08-11 17:29 -------- d-----w- c:\program files\microsoft frontpage
2009-08-20 11:56 . 2009-08-11 09:19 -------- d-----w- c:\program files\Java
2009-08-18 21:23 . 2006-08-11 17:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-11 17:59 . 2006-08-11 17:27 -------- d-----w- c:\program files\Windows Plus
2009-08-11 17:58 . 2006-08-11 17:28 -------- d-----w- c:\program files\Services en ligne
2009-08-11 17:58 . 2006-08-11 17:40 -------- d-----w- c:\program files\Realtek
2009-08-11 17:58 . 2006-08-11 17:36 -------- d-----w- c:\program files\Oca History Tool
2009-08-11 17:57 . 2006-08-11 17:45 -------- d-----w- c:\program files\GemMasterFrench
2009-08-11 17:57 . 2006-08-11 17:45 -------- d-----w- c:\program files\FrenchOtto
2009-08-11 17:57 . 2006-08-11 17:52 -------- d-----w- c:\program files\Fichiers communs\muvee Technologies
2009-08-11 17:57 . 2006-08-11 17:53 -------- d-----w- c:\program files\Fichiers communs\LightScribe
2009-08-11 17:57 . 2006-08-11 17:53 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-08-11 17:57 . 2006-08-11 17:53 -------- d-----w- c:\program files\CyberLink
2009-08-11 17:57 . 2006-08-11 17:54 -------- d-----w- c:\program files\commercial
2009-08-11 17:57 . 2006-08-11 17:54 -------- d-----w- c:\program files\Acer WLAN 11g USB Dongle
2009-08-11 12:29 . 2009-08-11 09:20 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-08-11 09:23 . 2009-08-11 09:18 137 ----a-w- c:\documents and settings\Liliane et Guy\Local Settings\Application Data\fusioncache.dat
2009-08-11 09:19 . 2009-08-11 09:19 -------- d-----w- c:\program files\Fichiers communs\Java
2009-08-05 09:00 . 2004-08-10 20:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2005-10-17 21:21 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:35 . 2005-10-17 21:21 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:03 . 2004-08-10 20:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2004-08-10 20:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 11:01 . 2009-07-10 11:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
2009-07-03 16:57 . 2006-03-04 04:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-03 13:48 . 2009-07-03 13:48 219664 ----a-w- c:\windows\system32\klogon.dll
2009-07-03 13:45 . 2009-07-03 13:45 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-06-25 08:26 . 2004-08-10 20:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:26 . 2004-08-10 20:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:26 . 2004-08-10 20:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:26 . 2004-08-10 20:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:26 . 2005-06-15 17:50 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2004-08-10 20:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-17 12:20 . 2009-06-17 12:20 12648 ----a-w- c:\windows\system32\drivers\psi_mf.sys
2009-06-15 12:01 . 2009-06-15 12:01 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-06-15 10:44 . 2005-05-11 02:30 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2004-08-10 20:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:14 . 2004-08-10 20:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2004-08-10 20:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:15 . 2004-08-10 20:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-08-10 251264]
"TClockEx"="c:\program files\TClockEx\TCLOCKEX.EXE" [2000-03-08 89088]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-11 7626752]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]

c:\documents and settings\Liliane et Guy\Menu Démarrer\Programmes\Démarrage\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-6-24 803176]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Rappels du Calendrier Microsoft Works.lnk - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe [1999-8-6 53317]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\J:\0autocheck autochk *

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2008\MemOptimizer.exe" autostart

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 20:41 33808]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/08/2009 17:54 54752]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19/08/2009 17:37 92008]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [14/08/2009 12:07 14848]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [14/08/2009 12:07 9984]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 17:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17/06/2009 14:20 12648]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 22:48 704864]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [11/08/2009 13:16 66056]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [14/08/2009 12:07 17408]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-27 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 07:23]

2009-08-24 c:\windows\Tasks\User_Feed_Synchronization-{8E376F74-ED74-486C-A622-A632F060699B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.neuf.fr/
IE: &Add animation to IncrediMail Style Box - c:\program files\IncrediMail\bin\resources\WebMenuImg.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-05 17:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-702287433-1364635003-2594015723-1005\Software\Local AppWizard-Generated Applications\Launch Tool]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{2A9FC36D-364D-4234-8C61-89B815492E9C}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{7C5EBF0C-8131-4EAC-AD82-E3A6F3C400BC}"
"Version"="7.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6EE4DCBB-CE99-4994-A12A-242CEBDD691C}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{5C86D070-39E8-49FE-8C38-47C5310CA31C}"
"Version"="3.0.1"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{877883EB-56B2-4736-815E-1BA97B44D3E5}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{8F30F65E-8F14-4998-AD87-4663FE04CEFD}"
"Version"="4.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{8C822816-06E7-4b2d-967B-7611B2AC9CC7}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{C75F515D-6EF2-4A31-A5FD-16012BBF0F98}"
"Version"="1.0.0"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{A698C8BC-E677-4030-8676-18FF0095C239}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{02E06638-7360-4215-A77C-1BBACF387B0B}"
"Version"="3.0.8"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F1DE3ED8-CC96-43BD-892A-50BAD28051CE}\ProxyStubClsid]
@DACL=(02 0000)
@SACL=
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F1DE3ED8-CC96-43BD-892A-50BAD28051CE}\ProxyStubClsid32]
@DACL=(02 0000)
@SACL=
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{F1DE3ED8-CC96-43BD-892A-50BAD28051CE}\TypeLib]
@DACL=(02 0000)
@SACL=
@="{4E46C120-B180-4181-ABB1-97A4492241BB}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\6.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\BuildInfo]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD060407-06"
"Setup"="060324"
"RC"="051226_Acer"
"Help"="050527_Acer"
"Readme"="050630(GM)"
"Skin"="ACER_050518"
"OlReg"="051122v2"
"RegRC"="050810v2 TrialDialog"
"Ver"="6.00.1530"
"Utility"="1102"
"UI"="1530h_Acer"
"UI98"="1530h_Acer"
"DShow"="2730_Acer"
"AVSetting"="3428"
"CPXM"="2207"
"Other"="1215"
"CL264"="-"
"Pou"="1423"
"TrialDialog"="-"

[HKEY_LOCAL_MACHINE\software\CyberLink\PowerDVD\UserReg]
@DACL=(02 0000)
@SACL=
"SR_No"="DVD060407-06"
"Prod_Name"="PowerDVD"
"Prod_Ver"="6.0"
"CustomerNO"="3612"
"Hardware"="Desktop PC"
"Channel"="OEM"
"RegVType"="OEM 2CH"

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Media Center 2005\SP4\KB900325\File 1]
@DACL=(02 0000)
@SACL=
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Media Center 2005\SP4\KB900325\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Step By Step Interactive Training\SP2\KB898458\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows Media Player\SP0\KB911564\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows Media Player 10\SP0\KB903157\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows Media Player 10\SP0\KB911565\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Updates\Windows XP\SP3\KB888111WXPSP2\Filelist]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\muvee Technologies\030625]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\muvee Technologies\muvee SDK - NTI_5]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\NewTech Infosystems\NTI CD-MakerV7\OEMUrl]
@DACL=(02 0000)
@SACL=
"Home"="http://global.acer.com"

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\MediaCenterTray]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvCplApi]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvCplApi\Defaults]
@DACL=(02 0000)
"FlatPanelScaling"=dword:00000001

[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\nView]
@DACL=(02 0000)
@SACL=
"InitProfile"="default.tvp"

[HKEY_LOCAL_MACHINE\software\Realtek Semiconductor Corp.\Realtek High Definition Audio Driver]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2800)
c:\program files\IncrediMail\bin\B4ImApp.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\pchealth\helpctr\binaries\helpsvc.exe
c:\windows\system32\dllhost.exe
c:\program files\IncrediMail\bin\ImApp.exe
.
**************************************************************************
.
Completion time: 2009-09-05 17:26 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-05 15:26

Pre-Run: 62 821 498 880 octets libres
Post-Run: 62 813 659 136 octets libres

493 --- E O F --- 2009-08-24 09:44

Evasion60
 Posted on 05/09/2009 at 18:24
Security Group

Re Lilou89

... Hmm, I don't see much, apart from what was removed by ComboFix!

OK for the empty MiniDump folder

Cleanup of the tools used for the disinfection; no point keeping them on the PC, since they are constantly updated.

* Close all running applications, then download ToolsCleaner (by A.Rothstein and Dj Quiou) to your Desktop:

  • Double-click ToolsCleaner2.exe -> click -> Recherche (Search) and let the scan finish.
  • Click -> Suppression (Removal) to finalize
  • Click -> Quitter (Quit), so that the report can be created.
  • Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
  • Note: your desktop will disappear, that's normal. If it doesn't reappear at the end of the scan, do the following:
    • Ctrl+Alt+Del to open the Task Manager.
    • Then go to the "Processus" (Processes) tab, click "Fichiers" (File) at the top left and choose "Exécuter" (Run)
    • Type: explorer.exe and confirm. This will bring your Desktop back.

You can, however, keep Malwarebytes' Anti-Malware and CCleaner. Use CCleaner every evening before shutting down the PC (it only takes a few seconds!)

.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.

Vaccinating USB sticks, external hard drives, etc.

This helps prevent a number of infections that use this route to spread.

You can read this article and download the application to vaccinate your USB media. You need to place the vaccine on the media and run the program.

Hope this reaches you well, and looking forward to your reply

lilou89
 Posted on 05/09/2009 at 18:45
Petite astucienne

Re evasion60

My external HDD was plugged in during all the steps you had me do. So do I still need to vaccinate? However, when I click on your "la" to vaccinate, KIS pops up and shows me this:

L'URL demandée ne peut être affichée

L'objet sollicité à l'adresse URL :

http://pagesperso-orange.fr/-Gof/DL/
VaccinUSB.exe

Contient une menace :

l'objet est infecté par Trojan-Dropper.Win32.Agent.aott

As for the MiniDump folder, it's not that it's empty! I don't have that folder at all;

So I'll run ToolsCleaner.

For RSIT, OTM and ComboFix, do I right-click and delete? Is that all?

Evasion60
 Posted on 05/09/2009 at 18:58
Security Group

lilou89 wrote:

My external HDD was plugged in during all the steps you had me do. So do I still need to vaccinate? However, when I click on your "la" to vaccinate, KIS pops up and shows me this: temporarily disable your resident protections, including Kaspersky /// to run the proposed tool

As for the MiniDump folder, it's not that it's empty! I don't have that folder at all;

So I'll run ToolsCleaner.

For RSIT, OTM and ComboFix, do I right-click and delete? Is that all? No, ToolsCleaner will take care of it

Re Lilou

... see my notes in red above
You keep MalwareBytes and CCleaner ===> OK

... Then shut down / restart the machine and tell me how it goes

Enjoy your meal, and see you in a bit

lilou89
Posted on 05/09/2009 at 19:13
Junior member

05/09/2009 - 19:11:57,90 - Vaccin USB - Gof

Lecteur détectés :
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 8013-3180
Le volume dans le lecteur D s'appelle ACERDATA
Le numéro de série du volume est C3FF-9000
Le volume dans le lecteur J s'appelle VERBATIM
Le numéro de série du volume est 16E2-0F25

Répertoires et fichiers vaccins :
c:\autorun.inf - Vaccin Ok
c:\adober.exe - Vaccin Ok
c:\copy.exe - Vaccin Ok
c:\comment.htt - Vaccin Ok
c:\host.exe - Vaccin Ok
c:\info.exe - Vaccin Ok
c:\msvcr71.dll - Vaccin Ok
c:\ravmon.exe - Vaccin Ok
c:\ravmon.log - Vaccin Ok
c:\sqlserv.exe - Vaccin Ok
c:\start.exe - Vaccin Ok
c:\temp.exe - Vaccin Ok
c:\temp1.exe - Vaccin Ok
c:\temp2.exe - Vaccin Ok
c:\winfile.exe - Vaccin Ok
c:\ntdelect.com - Vaccin Ok
d:\autorun.inf - Vaccin Ok
d:\adober.exe - Vaccin Ok
d:\copy.exe - Vaccin Ok
d:\comment.htt - Vaccin Ok
d:\host.exe - Vaccin Ok
d:\info.exe - Vaccin Ok
d:\msvcr71.dll - Vaccin Ok
d:\ravmon.exe - Vaccin Ok
d:\ravmon.log - Vaccin Ok
d:\sqlserv.exe - Vaccin Ok
d:\start.exe - Vaccin Ok
d:\temp.exe - Vaccin Ok
d:\temp1.exe - Vaccin Ok
d:\temp2.exe - Vaccin Ok
d:\winfile.exe - Vaccin Ok
d:\ntdelect.com - Vaccin Ok
j:\autorun.inf - Vaccin Ok
j:\adober.exe - Vaccin Ok
j:\copy.exe - Vaccin Ok
j:\comment.htt - Vaccin Ok
j:\host.exe - Vaccin Ok
j:\info.exe - Vaccin Ok
j:\msvcr71.dll - Vaccin Ok
j:\ravmon.exe - Vaccin Ok
j:\ravmon.log - Vaccin Ok
j:\sqlserv.exe - Vaccin Ok
j:\start.exe - Vaccin Ok
j:\temp.exe - Vaccin Ok
j:\temp1.exe - Vaccin Ok
j:\temp2.exe - Vaccin Ok
j:\winfile.exe - Vaccin Ok
j:\ntdelect.com - Vaccin Ok

Examen fonctions Autorun BDR :

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
HonorAutoRunSetting REG_DWORD 0x1
NoDriveTypeAutoRun REG_DWORD 0x143
NoDriveAutoRun REG_DWORD 0x3ffffff
NoDrives REG_DWORD 0x0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run

05/09/2009 - 19:12:02,04 : Fin.
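
Added example, not part of the original thread or of the Vaccin USB tool: Python that decodes the Autorun policy values from the registry section of the log above, using the documented bit layout of NoDriveTypeAutoRun (one bit per drive type) and NoDriveAutoRun (one bit per drive letter). The drive types given for C:, D: and J: are assumptions, since the log lists only letters and volume labels.

```python
import re

# Registry section of the Vaccin USB log above, as posted (one flattened line).
LOG_EXCERPT = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer "
    "HonorAutoRunSetting REG_DWORD 0x1 NoDriveTypeAutoRun REG_DWORD 0x143 "
    "NoDriveAutoRun REG_DWORD 0x3ffffff NoDrives REG_DWORD 0x0"
)

# NoDriveTypeAutoRun: bit n corresponds to GetDriveType() value n.
DRIVE_TYPE_BITS = {
    0x01: "unknown", 0x02: "no_root_dir", 0x04: "removable", 0x08: "fixed",
    0x10: "network", 0x20: "cdrom", 0x40: "ramdisk", 0x80: "reserved",
}


def parse_policy(text):
    """Return {value_name: int} for every REG_DWORD value in reg.exe output."""
    pairs = re.findall(r"(\w+)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)", text)
    return {name: int(value, 16) for name, value in pairs}


def types_blocked(mask):
    """Drive types for which NoDriveTypeAutoRun disables AutoRun."""
    return [name for bit, name in DRIVE_TYPE_BITS.items() if mask & bit]


def letters_blocked(mask):
    """Drive letters for which NoDriveAutoRun disables AutoRun (bit 0 = A:)."""
    return {chr(ord("A") + i) for i in range(26) if (mask >> i) & 1}


def autorun_disabled(policy, letter, drive_type):
    """AutoRun is off for a drive when either policy value covers it."""
    by_type = drive_type in types_blocked(policy.get("NoDriveTypeAutoRun", 0))
    by_letter = letter.upper() in letters_blocked(policy.get("NoDriveAutoRun", 0))
    return by_type or by_letter


if __name__ == "__main__":
    policy = parse_policy(LOG_EXCERPT)
    print("blocked by type:", types_blocked(policy["NoDriveTypeAutoRun"]))
    # Assumed drive types: C: and D: fixed disks, J: (VERBATIM) removable.
    for letter, kind in {"C": "fixed", "D": "fixed", "J": "removable"}.items():
        print(letter, kind, "AutoRun disabled:", autorun_disabled(policy, letter, kind))
```

With these values the type mask 0x143 does not include the removable-drive bit (0x4); AutoRun on J: is disabled only because NoDriveAutoRun 0x3ffffff covers all 26 drive letters.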
lilou89
Posted on 05/09/2009 at 19:26
Junior member

Here is the TCleaner report

aaa[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Enjoy your meal too

I'm going to restart and will keep you posted

See you

lilou89
Posted on 05/09/2009 at 19:35
Junior member

Hello again

I've just restarted; first of all it's slow to boot, and then my menu bar still has a black background!

I don't know what else to do.

And on top of that, KIS won't stop working and is slowing me down.

OK, I'm off to eat; let me know what you think.

Thanks already for walking me through all these steps, because at least we now know there's no infection!!!

Evasion60
Posted on 06/09/2009 at 11:10
Security Group

Hello Lilou89

.... Does this menu bar stay black, or does it change sometimes?
Which application's menu bar is it? (IE, Firefox)

It's true that this isn't viral

... If you open another application, do you get the same thing?

Have a good Sunday, and I look forward to your reply

N.B.:
- KIS 2010 ===> It's true that it's heavy to manage

Edited by Evasion60 on 06/09/2009 11:18
lilou89
Posted on 06/09/2009 at 11:27
Junior member

Hello evasion60

Surprise this morning when I turned on the PC: no black window!!!

It was the menu bar at the top of the screen with IE, and it was in all applications.

Last night before shutting down I cleaned up with CCleaner, and this morning it was still a bit slow to start up, but without that black background in the menu bar.

Indeed, KIS 2010 is a nuisance: when it's working, a little orange ball blinks and then I can't do anything, everything freezes, and I have to wait for it to finish before I can browse! And it does this several times a day! There may be some setting to avoid this, but I couldn't find anything on Google.

Thanks for helping me; if you have any ideas about KIS 2010, otherwise I'll change antivirus! I have 72 days left.

Have a good Sunday

Evasion60
Posted on 06/09/2009 at 11:50
Security Group

Hi again Lilou

... This morning I went back over your RSIT log from yesterday ===> I'm the king of donkeys, I hadn't seen it yesterday
You have two antivirus programs on your machine:
- KIS 2010
- HouseCall from Trend Micro, which isn't fully uninstalled

... You can look in "Add or Remove Programs"

Looking forward to your reply

lilou89
Posted on 06/09/2009 at 12:29
Junior member

Hi again evasion60

Yes, indeed, in "Add/Remove" I have HouseCall 6.6;

I have Revo Uninstaller to uninstall it.

I'm waiting for your advice.

Enjoy your meal.

PS: let me know what I should do with ToolsCleaner, which is still on the desktop!

No, you're not a donkey! I admire all of you for helping so many people with their computers, and anyone can miss something! (nobody is infallible)

See you

Evasion60
Posted on 06/09/2009 at 12:47
Security Group

lilou89 wrote:

Hi again evasion60

Yes, indeed, in "Add/Remove" I have HouseCall 6.6; // try that route first, "Add/Remove"

I have Revo Uninstaller to uninstall it.

I'm waiting for your advice. // If that doesn't work, then yes, as a last resort

Hi again, I'm away this afternoon but will be back afterwards

B.R. // See you a bit later

Evasion60
Posted on 06/09/2009 at 17:56
Security Group

Hello Lilou

... where are you with uninstalling Trend Micro?

B.R. /
