 My PC restarts by itself
princekof
  Posted on 03/12/2009 @ 08:53
Petit astucien

Hello to all the Astuciens

My PC has started acting up again. It crashes and sometimes restarts.

My antivirus (Microsoft Security Essentials) finds nothing.

Malwarebytes' Anti-Malware also tells me that there are no infections.

I clean every evening with CCleaner.

I defragmented the hard drives.

I installed all my updates.

My problem is not solved.

So yesterday I installed SUPERAntiSpyware; here is its result after the scan:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/02/2009 at 08:29 PM

Application Version : 4.31.1000

Core Rules Database Version : 4304
Trace Rules Database Version: 1978

Scan type : Complete Scan
Total Scan Time : 02:23:15

Memory items scanned : 681
Memory threats detected : 0
Registry items scanned : 16254
Registry threats detected : 0
File items scanned : 26990
File threats detected : 3

Adware.Tracking Cookie
C:\Documents and Settings\Léo\Cookies\léo@atdmt[2].txt

Trojan.SVCHost/Fake
C:\DOCUMENTS AND SETTINGS\LéO\APPLICATION DATA\THINSTALL\MICROSOFT OFFICE PROFESSIONAL EDITION 2003\1000000600002I\SVCHOST.EXE

Trojan.Agent/Gen-PennyStockChaser
D:\SYSTEM VOLUME INFORMATION\_RESTORE{FE9DB679-8B9F-4569-9471-BFCEFDF23881}\RP103\A0052424.EXE

My system

Windows XP Media center Edition Version 2002

SP3

Acer Intel(R) Core(TM)2CPU

T5200@ 1.60GHZ

1.60GHZ, 1.00 GB of RAM


philae
 Posted on 03/12/2009 at 10:23
Grande Maîtresse astucienne

Hello,

To get a clearer picture, I would like you to do this:

Download random's system information tool (RSIT) by random/random
Tutorial

and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).
princekof
 Posted on 04/12/2009 at 12:35
Petit astucien

Hello

info.txt logfile of random's system information tool 1.06 2009-12-03 18:27:46

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer eDataSecurity Management 1.00.26-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
Acer eLock Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
Acer Empowering Technology framework-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePerformance Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management-->C:\WINDOWS\UnInst32.exe AcerePrj.UNI
Acer eSettings Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
Adobe Acrobat 6.0.1 Professional-->MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 6.0.6 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Atmosphere Player for Acrobat and Adobe Reader-->C:\WINDOWS\atmoUn.exe
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\e21d2df5563f0bf421cf2cc5ec26c42\Setup.exe
Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Setup-->MsiExec.exe /I{CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ArcGIS Crystal Report Wizard-->MsiExec.exe /I{15FB6880-728F-4DF6-BEBB-046302A8E25A}
ArcGIS Desktop VBA Developer Resources-->MsiExec.exe /I{34779D41-898A-43A2-8A1E-FD15DCD2166D}
ArcGIS Desktop-->"C:\Program Files\ArcGIS\Support\Setup.exe"
ArcGIS Tutorial Data-->MsiExec.exe /I{41B76534-B3C2-4FCF-B171-5291A3561051}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AutoCAD 2008 - Français-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-040C-0002-0060B0CE6BBA} /M ACAD
AutoCAD Express Tools Volumes 1-9-->MsiExec.exe /X{5783F2D7-0211-0409-0000-0060B0CE6BBA}
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Autodesk Express Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Bank 4.8-->C:\Program Files\Bank\uninst.exe
Canvas 6-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canvas 6\Uninst.isu"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
ChronoMap-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22E29C20-4ACB-11D5-8A86-0080C8D48B69}\setup.exe" -uninst
ChronoVia-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15193176-4ADA-11D5-8A86-0080C8D48B69}\setup.exe" -uninst
ConTEXT-->"C:\Program Files\ConTEXT\unins000.exe"
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
ECW Compressor 2.2-->C:\WINDOWS\IsUninst.exe -f"c:\program files\er mapper1\uninstNT.isu"
Filzip 3.06-->"C:\Program Files\Filzip\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{3A05B900-A3E7-11DE-A9B7-005056806466}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F\HXFSETUP.EXE -U -IWstAzlK.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java DB 10.2.2.0-->MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016F0}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Development Kit 6 Update 3-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160030}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Khi3 - Universal Scientific Calculator-->MsiExec.exe /I{86830DEC-C5E5-43AC-B5ED-2680D5C04BCF}
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MapImagery-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\MapImagery\Uninst.isu"
MapInfo Line Style Editor 2.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MapInfo\MapInfo Line Style Editor 2.0\MILine24.isu"
MapInfo Professional 7.8-->MsiExec.exe /I{CD9B92AD-F5F8-4C4D-9341-4D9B1BD5A8C0}
MapInfo Professional(r) - Jeu de données-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\MapInfo\donnees\MapInfodata65.isu"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
Micro Application - MediaDICO 12-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\12 DICOS Indispensables\Uninst.isu"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970483)-->"C:\WINDOWS\$NtUninstallKB970483$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
NTI Backup NOW! 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Philcarto 5.01-->"C:\Program Files\Philcarto\uninstall.exe"
Phildigit-->"C:\Program Files\Phildigit\uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.EXE" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Python 2.5 numpy-1.0.3-->C:\PYTHON25\\UNWISE.EXE C:\PYTHON25\\Lib\site-packages\INSTALL.LOG
Python 2.5.1-->C:\PYTHON25\\UNWISE.EXE C:\PYTHON25\\INSTALL.LOG
Python 2.6.1-->MsiExec.exe /I{9CC89170-000B-457D-91F1-53691F85B223}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
ShapeSelect 1.01-->"C:\Program Files\ShapeSelect\uninstall.exe"
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
xPhil-->MsiExec.exe /I{2E3BE9EE-F4B0-4A38-B1C8-BC2F52818865}
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\YAHOO!\common\unyt.exe

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: SUPERADA
Event Code: 1007
Message: Microsoft Antimalware a pris des mesures pour protéger cet ordinateur des logiciels espions et autres logiciels potentiellement indésirables.

Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Mabezat.B&threatid=2147598035

Utilisateur : SUPERADA\Léo

Nom : Virus:Win32/Mabezat.B

ID : 2147598035

Gravité : Grave

Catégorie : Virus

Action : Supprimer

État : Opération réussie.

Version de la signature : AV: 1.69.881.0, AS: 1.69.881.0

Version du moteur : 1.1.5202.0

Record Number: 6878
Source Name: Microsoft Antimalware
Time Written: 20091112221048.000000+060
Event Type: Informations
User:

Computer Name: SUPERADA
Event Code: 1007
Message: Microsoft Antimalware a pris des mesures pour protéger cet ordinateur des logiciels espions et autres logiciels potentiellement indésirables.

Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Mabezat.B&threatid=2147598035

Utilisateur : SUPERADA\Léo

Nom : Virus:Win32/Mabezat.B

ID : 2147598035

Gravité : Grave

Catégorie : Virus

Action : Supprimer

État : Opération réussie.

Version de la signature : AV: 1.69.881.0, AS: 1.69.881.0

Version du moteur : 1.1.5202.0

Record Number: 6877
Source Name: Microsoft Antimalware
Time Written: 20091112221048.000000+060
Event Type: Informations
User:

Computer Name: SUPERADA
Event Code: 1007
Message: Microsoft Antimalware a pris des mesures pour protéger cet ordinateur des logiciels espions et autres logiciels potentiellement indésirables.

Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Mabezat.B&threatid=2147598035

Utilisateur : SUPERADA\Léo

Nom : Virus:Win32/Mabezat.B

ID : 2147598035

Gravité : Grave

Catégorie : Virus

Action : Supprimer

État : Opération réussie.

Version de la signature : AV: 1.69.881.0, AS: 1.69.881.0

Version du moteur : 1.1.5202.0

Record Number: 6876
Source Name: Microsoft Antimalware
Time Written: 20091112221048.000000+060
Event Type: Informations
User:

Computer Name: SUPERADA
Event Code: 1007
Message: Microsoft Antimalware a pris des mesures pour protéger cet ordinateur des logiciels espions et autres logiciels potentiellement indésirables.

Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Mabezat.B&threatid=2147598035

Utilisateur : SUPERADA\Léo

Nom : Virus:Win32/Mabezat.B

ID : 2147598035

Gravité : Grave

Catégorie : Virus

Action : Supprimer

État : Opération réussie.

Version de la signature : AV: 1.69.881.0, AS: 1.69.881.0

Version du moteur : 1.1.5202.0

Record Number: 6875
Source Name: Microsoft Antimalware
Time Written: 20091112221048.000000+060
Event Type: Informations
User:

Computer Name: SUPERADA
Event Code: 1007
Message: Microsoft Antimalware a pris des mesures pour protéger cet ordinateur des logiciels espions et autres logiciels potentiellement indésirables.

Pour plus d'informations, consultez les informations suivantes :
http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win32/Mabezat.B&threatid=2147598035

Utilisateur : SUPERADA\Léo

Nom : Virus:Win32/Mabezat.B

ID : 2147598035

Gravité : Grave

Catégorie : Virus

Action : Supprimer

État : Opération réussie.

Version de la signature : AV: 1.69.881.0, AS: 1.69.881.0

Version du moteur : 1.1.5202.0

Record Number: 6874
Source Name: Microsoft Antimalware
Time Written: 20091112221048.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: SUPERADA
Event Code: 20
Message:
Record Number: 5031
Source Name: Google Update
Time Written: 20091122230908.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SUPERADA
Event Code: 20
Message:
Record Number: 5030
Source Name: Google Update
Time Written: 20091122220915.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SUPERADA
Event Code: 20
Message:
Record Number: 5029
Source Name: Google Update
Time Written: 20091122210906.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: SUPERADA
Event Code: 1904
Message:
Record Number: 5028
Source Name: HHCTRL
Time Written: 20091122204058.000000+060
Event Type: Informations
User:

Computer Name: SUPERADA
Event Code: 1904
Message:
Record Number: 5027
Source Name: HHCTRL
Time Written: 20091122204058.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"ARCGISHOME"=C:\Program Files\ArcGIS\
"PYTHONPATH"=C:\Program Files\ArcGIS\bin

-----------------EOF-----------------

princekof
 Posted on 04/12/2009 at 12:36 
Petit astucien

Hello

Logfile of random's system information tool 1.06 (written by random/random)
Run by Léo at 2009-12-03 18:27:33
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 25 GB (46%) free of 54 GB
Total RAM: 1022 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:43, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\Léo\Bureau\RSIT.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\Léo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 13484 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-30 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-30 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-30 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-30 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
""= []
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-20 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-30 39408]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d9b5d10-c914-11de-83c2-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL shuEt.ExE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cc09b276-cfce-11de-83d1-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL HILaIRe.exE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf9feda8-c950-11de-83c5-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe cradle_of_filth.vbe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d85d5914-c93f-11de-83c4-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL shuEt.ExE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d85d5919-c93f-11de-83c4-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL aDA.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe2c06a2-c586-11de-83b5-0016d45cf262}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL aDA.eXE


======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2009-12-03 18:27:33 ----D---- C:\rsit
2009-12-03 18:26:58 ----D---- C:\Program Files\Trend Micro
2009-12-02 21:46:34 ----D---- C:\Program Files\SpeedFan
2009-12-02 21:35:45 ----D---- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited
2009-12-02 21:35:39 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2009-12-02 21:34:58 ----D---- C:\Program Files\CDBurnerXP
2009-12-02 20:34:52 ----SHD---- C:\FOUND.004
2009-12-02 18:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-02 18:03:39 ----D---- C:\Documents and Settings\Léo\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:11 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-27 16:25:31 ----D---- C:\temp1
2009-11-27 14:59:24 ----D---- C:\TEMP
2009-11-27 14:56:06 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-27 14:54:16 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-23 21:58:49 ----D---- C:\OutputFolder
2009-11-22 18:29:20 ----A---- C:\WINDOWS\mapimagery.INI
2009-11-22 17:30:19 ----D---- C:\Program Files\ER Mapper1
2009-11-22 17:27:19 ----D---- C:\WINDOWS\Crystal
2009-11-22 17:27:18 ----D---- C:\Program Files\Seagate Software
2009-11-22 17:27:18 ----D---- C:\Documents and Settings\All Users\Application Data\MapInfo
2009-11-22 10:56:59 ----D---- C:\Python26
2009-11-20 17:52:36 ----D---- C:\Documents and Settings\Léo\Application Data\OpenOffice.org
2009-11-20 17:48:42 ----D---- C:\Program Files\JRE
2009-11-20 17:48:26 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\java.exe
2009-11-20 16:44:38 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-19 21:06:59 ----D---- C:\Program Files\AutoCAD 2008
2009-11-19 20:51:36 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-12 21:45:35 ----D---- C:\JEUX MICROSOFT
2009-11-12 20:32:16 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-11-12 20:32:15 ----SHD---- C:\Documents and Settings\Léo\Application Data\.#
2009-11-12 17:05:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-12 16:54:41 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:18:14 ----A---- C:\WINDOWS\Filzip.ini
2009-11-10 19:13:18 ----D---- C:\Program Files\Filzip
2009-11-06 22:44:20 ----D---- C:\Program Files\xPhil
2009-11-04 12:35:22 ----A---- C:\WINDOWS\ArcView9x.INI
2009-11-04 11:46:25 ----D---- C:\Program Files\Fichiers communs\AnswerWorks 4.0
2009-11-04 11:44:33 ----D---- C:\Program Files\Leica Geosystems
2009-11-04 11:35:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESRI
2009-11-04 10:14:35 ----D---- C:\Program Files\EPSON
2009-11-04 10:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-11-04 09:03:04 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-11-04 08:51:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-03 18:47:24 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-03 17:56:14 ----D---- C:\Program Files\VS Revo Group
2009-11-02 21:01:32 ----D---- C:\Documents and Settings\Léo\Application Data\Intel
2009-11-02 17:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-11-02 17:37:38 ----D---- C:\arcgis
2009-11-02 17:32:56 ----D---- C:\Program Files\Business Objects
2009-11-02 17:28:41 ----A---- C:\WINDOWS\system32\python25.dll
2009-11-02 17:26:52 ----D---- C:\Program Files\ESRI
2009-11-02 17:25:20 ----D---- C:\Documents and Settings\Léo\Application Data\ESRI
2009-11-02 16:53:00 ----D---- C:\Program Files\Fichiers communs\ESRI
2009-11-02 16:50:02 ----D---- C:\Python25
2009-11-02 16:50:02 ----D---- C:\Program Files\ArcGIS
2009-10-30 08:52:41 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-24 20:55:42 ----D---- C:\WINDOWS\Minidump
2009-10-23 18:37:40 ----HD---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-23 18:35:55 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-23 17:40:31 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-23 17:38:52 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-10-23 17:38:17 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-23 17:36:02 ----D---- C:\Program Files\Microsoft
2009-10-23 17:35:31 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-23 17:34:53 ----D---- C:\Program Files\Windows Live
2009-10-23 17:27:30 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-10-21 22:04:45 ----D---- C:\Program Files\ShapeSelect
2009-10-21 22:04:20 ----D---- C:\Program Files\Phildigit
2009-10-21 22:04:06 ----D---- C:\Program Files\Philcarto
2009-10-19 22:04:29 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-10-19 20:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-10-19 20:12:09 ----D---- C:\Program Files\Bonjour
2009-10-19 19:02:47 ----D---- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro
2009-10-19 18:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2009-10-19 18:55:14 ----D---- C:\Program Files\DAEMON Tools Pro
2009-10-19 18:44:21 ----D---- C:\Program Files\ConTEXT
2009-10-16 23:02:31 ----D---- C:\Program Files\khi3
2009-10-16 21:50:32 ----A---- C:\WINDOWS\RACHook12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.ini
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaDico12Dll.dll
2009-10-16 21:50:21 ----D---- C:\Program Files\Micro Application
2009-10-16 21:50:04 ----A---- C:\WINDOWS\NAVIGMA.INI
2009-10-15 17:59:41 ----D---- C:\Program Files\Mozilla Firefox
2009-10-15 14:02:00 ----D---- C:\Documents and Settings\Léo\Application Data\Google
2009-10-15 13:59:37 ----D---- C:\Program Files\Google
2009-10-15 13:20:12 ----HD---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-15 13:20:06 ----HD---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-15 13:19:46 ----HD---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-15 13:04:13 ----HD---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-15 13:00:33 ----D---- C:\Program Files\MSBuild
2009-10-15 12:54:54 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-15 12:54:51 ----D---- C:\WINDOWS\system32\en-us
2009-10-15 12:52:07 ----D---- C:\Program Files\Reference Assemblies
2009-10-15 12:50:51 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-15 12:09:22 ----A---- C:\WINDOWS\atmoUn.exe
2009-10-15 12:09:21 ----D---- C:\Program Files\Viewpoint
2009-10-15 12:09:21 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-10-15 11:02:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-15 11:02:01 ----HD---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-15 11:01:08 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-15 11:00:09 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-15 10:58:43 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-10-15 10:58:07 ----HD---- C:\WINDOWS\$NtUninstallWudf01000$
2009-10-15 10:57:23 ----HD---- C:\WINDOWS\$NtUninstallKB925766$
2009-10-15 10:49:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 10:48:56 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 10:45:22 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 10:45:05 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 10:44:30 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 10:43:57 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 10:43:37 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 10:43:15 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 10:42:53 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 10:42:25 ----HD---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 10:39:43 ----HD---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-15 10:39:03 ----HD---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-15 10:38:57 ----D---- C:\WINDOWS\ie8updates
2009-10-15 10:38:50 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-15 10:38:38 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-15 10:38:33 ----HD---- C:\WINDOWS\$NtUninstallKB970483$
2009-10-15 10:38:25 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-15 10:38:18 ----HD---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-15 10:38:05 ----HD---- C:\WINDOWS\$NtUninstallKB953155$
2009-10-15 10:37:52 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-14 20:06:50 ----SHD---- C:\FOUND.003
2009-10-12 22:16:22 ----D---- C:\Program Files\Sun
2009-10-12 22:12:12 ----D---- C:\Program Files\Java
2009-10-12 22:12:07 ----D---- C:\Program Files\Fichiers communs\Java
2009-10-12 22:08:35 ----D---- C:\Documents and Settings\Léo\Application Data\Sun
2009-10-11 18:30:32 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-11 18:30:07 ----D---- C:\WINDOWS\WBEM
2009-10-11 18:28:19 ----HD---- C:\WINDOWS\ie8
2009-10-10 20:27:06 ----D---- C:\Program Files\Bank
2009-10-10 11:13:33 ----D---- C:\WINDOWS\IIS Temporary Compressed Files
2009-10-10 11:13:13 ----D---- C:\WINDOWS\system32\Cache
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\snprfdll.dll
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.ini
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\regtrace.exe
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\ntfsdrct.ini
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\fcachdll.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\adsiisex.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3svapi.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\axperf.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\aspperf.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\wamregps.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.ini
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\inetsloc.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisrstap.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisreset.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iismui.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\ftpsapi2.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\convlog.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\admxprox.dll
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\msmq
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\Logfiles
2009-10-10 11:11:38 ----D---- C:\Inetpub
2009-10-09 20:44:10 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-09 18:52:11 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-09 18:41:00 ----D---- C:\WINDOWS\system32\Adobe
2009-10-09 18:41:00 ----A---- C:\WINDOWS\system32\FileOps.exe
2009-10-09 18:32:55 ----D---- C:\WINDOWS\Prefetch
2009-10-09 18:24:45 ----D---- C:\Documents and Settings\Léo\Application Data\Malwarebytes
2009-10-09 18:24:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-09 18:24:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-09 18:23:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\bits
2009-10-09 18:23:38 ----D---- C:\WINDOWS\l2schemas
2009-10-09 18:20:00 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-09 18:16:28 ----D---- C:\WINDOWS\network diagnostic
2009-10-09 18:11:49 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-09 17:59:41 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-09 17:59:36 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-09 17:59:30 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-09 17:59:24 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-09 17:59:18 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-09 17:59:13 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-09 17:59:07 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-09 17:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2009-10-09 17:58:48 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-09 17:58:42 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-09 17:58:36 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-09 17:58:31 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-09 17:58:26 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-09 17:58:23 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-09 17:57:55 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-09 17:57:43 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-09 17:57:38 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-09 17:57:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-09 17:57:28 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-09 17:57:22 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-09 17:57:14 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-09 17:56:33 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-09 17:56:28 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-09 17:56:10 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-09 17:56:04 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-09 17:55:59 ----HD---- C:\WINDOWS\$NtUninstallKB923689$
2009-10-09 17:55:40 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-09 17:55:34 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-09 17:55:28 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-09 17:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-09 17:55:12 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-09 17:55:05 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-09 17:54:50 ----HD---- C:\WINDOWS\$NtUninstallKB973768$
2009-10-09 17:54:31 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-09 17:54:25 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-09 17:54:19 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-09 17:54:13 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-09 17:54:07 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-09 17:54:01 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-09 17:53:53 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-09 17:53:47 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-09 17:53:37 ----D---- C:\Program Files\MSXML 4.0
2009-10-09 17:53:06 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-09 17:52:49 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-10-09 17:35:05 ----D---- C:\WINDOWS\system32\PreInstall
2009-10-09 17:35:02 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2009-10-09 17:02:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-09 16:56:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-10-09 16:35:16 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-09 16:35:03 ----HD---- C:\WINDOWS\$NtUninstallKB914882$
2009-10-09 16:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-09 07:04:43 ----RASHD---- C:\autorun.inf
2009-10-09 07:00:56 ----SHD---- C:\FOUND.002
2009-10-09 06:45:10 ----D---- C:\Program Files\CCleaner
2009-10-09 06:35:52 ----SHD---- C:\FOUND.001
2009-10-07 22:37:34 ----D---- C:\Documents and Settings\Léo\Application Data\Help
2009-10-07 22:35:15 ----A---- C:\WINDOWS\whpt.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpsharp.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpscale.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\system32\CVShell.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\icccodes.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\sprof32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\ptpick32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pfpick.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pcdlib32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpsys32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpfp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpcp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpapi32.dll
2009-10-07 22:35:01 ----D---- C:\Program Files\Canvas 6
2009-10-07 22:35:01 ----D---- C:\KPCMS
2009-10-07 22:35:01 ----A---- C:\WINDOWS\kpcms.ini
2009-10-07 21:37:18 ----AD---- C:\Program Files\WinRAR
2009-10-07 21:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-10-07 21:27:02 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Autodesk
2009-10-07 20:36:05 ----D---- C:\Program Files\Fichiers communs\Designer
2009-10-07 20:35:38 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\Léo\Application Data\Autodesk
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2009-10-07 19:31:14 ----D---- C:\Documents and Settings\Léo\Application Data\AdobeUM
2009-10-07 19:00:47 ----D---- C:\Documents and Settings\Léo\Application Data\Adobe
2009-10-07 18:53:33 ----D---- C:\Documents and Settings\Léo\Application Data\Mozilla
2009-10-07 18:48:10 ----D---- C:\Documents and Settings\Léo\Application Data\Thinstall
2009-10-07 18:40:29 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-10-07 18:24:58 ----D---- C:\Program Files\ER Mapper
2009-10-07 18:23:38 ----D---- C:\Program Files\GID
2009-10-07 18:23:37 ----D---- C:\Program Files\MapImagery
2009-10-07 18:22:03 ----D---- C:\Program Files\ChronoMap
2009-10-07 18:21:16 ----D---- C:\Program Files\ChronoVia
2009-10-07 18:15:45 ----A---- C:\WINDOWS\IsUn040c.exe
2009-10-07 18:15:00 ----A---- C:\WINDOWS\system32\rdocurs.dll
2009-10-07 18:14:59 ----A---- C:\WINDOWS\system32\dbmssocn.dll
2009-10-07 18:13:17 ----D---- C:\Documents and Settings\Léo\Application Data\MapInfo
2009-10-07 18:11:56 ----D---- C:\Program Files\MapInfo
2009-10-07 17:59:26 ----SHD---- C:\FOUND.000
2009-10-06 23:17:12 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-10-06 23:04:24 ----A---- C:\Program Files\wt3d.ini
2009-10-06 22:27:49 ----SHD---- C:\Recycled
2009-10-06 21:58:41 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-10-06 21:54:01 ----D---- C:\Documents and Settings\Léo\Application Data\CyberLink
2009-10-06 21:52:15 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-10-06 21:48:13 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-10-06 21:33:16 ----D---- C:\Program Files\Yahoo!
2009-10-06 21:33:09 ----D---- C:\WINDOWS\Acer
2009-10-06 21:33:09 ----D---- C:\Documents and Settings\Léo\Application Data\Macromedia
2009-10-06 21:31:32 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-10-06 21:30:11 ----D---- C:\Program Files\WinPCap
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\wpcap.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\WanPacket.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\pthreadVC.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\packet.dll
2009-10-06 21:30:01 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-10-06 21:29:51 ----A---- C:\WINDOWS\system32\results.txt
2009-10-06 21:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-10-06 21:29:07 ----A---- C:\WINDOWS\system32\acerGina.dll
2009-10-06 21:28:37 ----D---- C:\Program Files\Launch Manager
2009-10-06 21:28:35 ----A---- C:\WINDOWS\system32\FILTRCOI.DLL
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\acpimof.dll
2009-10-06 21:25:46 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-06 21:25:13 ----ASH---- C:\Documents and Settings\Léo\Application Data\desktop.ini
2009-10-06 21:25:09 ----SD---- C:\Documents and Settings\Léo\Application Data\Microsoft
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Identities
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Acer
2009-10-06 21:23:50 ----SHD---- C:\System Volume Information
2009-10-06 21:13:55 ----D---- C:\WINDOWS\nview
2009-10-06 21:13:55 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-10-06 21:12:06 ----A---- C:\WINDOWS\YTB.EXE
2009-10-06 21:12:06 ----A---- C:\WINDOWS\EMEAWG.EXE

======List of files/folders modified in the last 2 months======

2009-12-03 18:25:24 ----A---- C:\WINDOWS\win.ini
2009-12-03 18:23:26 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-02 22:39:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-04 20:25:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-28 16:07:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-07 18:15:02 ----A---- C:\WINDOWS\ODBCINST.INI
2009-10-06 21:33:28 ----A---- C:\WINDOWS\ALaunch.ini
2009-10-06 21:23:44 ----AH---- C:\boot.ini
2009-10-06 21:12:08 ----A---- C:\WINDOWS\CLEANUP.CMD
2009-10-06 21:12:06 ----A---- C:\WINDOWS\HotFix.bat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-06 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S3 adhcm054;adhcm054; C:\WINDOWS\system32\drivers\adhcm054.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2006-01-23 32512]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 Vswtrud;Vswtrud; C:\WINDOWS\system32\drivers\Vswtrud.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-20 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-09 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-11-19 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-30 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2006-01-23 86016]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

philae
 Posted on 04/12/2009 at 14:13
Grande Maîtresse astucienne

Hello,

Badly infected.

Let's get started.

* Download and install UsbFix (by C_XX & Chiquitine29) on your Desktop:

* Plug into your PC the external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them.
* Double-click the UsbFix shortcut on your Desktop.

* Choose option 1 (Recherche [Search]).
* Let the tool run.
* Then post the UsbFix.txt report that appears.

Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
Note: "Process.exe", a component of the tool, is detected by some antivirus products
(AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...),
hence the alert raised by these antivirus products.

Next:

* Plug into your PC the external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them.
* Double-click the UsbFix shortcut on your Desktop.
* Choose option 2 (Suppression [Removal]).
* Your desktop will disappear and the PC will restart.
* On restart, UsbFix will scan your PC; let the tool run.
* Then post the UsbFix.txt report that appears along with the desktop.

Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt). (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste.)

Once that is done, also post a new RSIT report.

princekof
 Posted on 04/12/2009 at 14:41
Petit astucien

Hi


############################## | UsbFix V6.059 |

User : Léo (Administrateurs) # SUPERADA
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:27:31 | 04/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 53,2 Go (23,89 Go free) [ACER] # FAT32
D:\ -> Disque fixe local # 53,69 Go (35,77 Go free) [ACERDATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 465,76 Go (344,06 Go free) [MANASSE] # NTFS
G:\ -> Disque CD-ROM
H:\ -> Disque amovible # 1,86 Go (727,01 Mo free) [ANICET] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 552
C:\WINDOWS\system32\csrss.exe 884
C:\WINDOWS\system32\winlogon.exe 912
C:\WINDOWS\system32\services.exe 956
C:\WINDOWS\system32\lsass.exe 968
C:\WINDOWS\system32\svchost.exe 1128
C:\WINDOWS\system32\svchost.exe 1204
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1276
C:\WINDOWS\System32\svchost.exe 1316
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1396
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1460
C:\WINDOWS\system32\svchost.exe 1556
C:\WINDOWS\system32\svchost.exe 228
C:\WINDOWS\system32\spoolsv.exe 800
C:\WINDOWS\system32\svchost.exe 868
C:\WINDOWS\system32\msdtc.exe 1160
C:\Acer\Empowering Technology\admServ.exe 1544
C:\Program Files\Bonjour\mDNSResponder.exe 1880
C:\WINDOWS\system32\svchost.exe 1420
C:\WINDOWS\system32\cisvc.exe 252
C:\WINDOWS\eHome\ehRecvr.exe 352
C:\WINDOWS\eHome\ehSched.exe 616
C:\WINDOWS\system32\inetsrv\inetinfo.exe 280
C:\Program Files\Java\jre6\bin\jqs.exe 732
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 2000
C:\Program Files\CDBurnerXP\NMSAccessU.exe 2148
C:\WINDOWS\system32\nvsvc32.exe 2192
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 2616
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2796
C:\WINDOWS\System32\snmp.exe 2864
C:\WINDOWS\system32\svchost.exe 3008
C:\WINDOWS\system32\mqsvc.exe 3080
C:\WINDOWS\ehome\mcrdsvc.exe 3420
C:\WINDOWS\system32\mqtgsvc.exe 3704
C:\WINDOWS\system32\wbem\wmiprvse.exe 4080
C:\WINDOWS\system32\dllhost.exe 340
C:\WINDOWS\system32\wbem\wmiapsrv.exe 1120
C:\WINDOWS\system32\wbem\wmiprvse.exe 2680
C:\WINDOWS\System32\alg.exe 2712
C:\WINDOWS\Explorer.EXE 2212
C:\WINDOWS\ehome\ehtray.exe 2172
C:\WINDOWS\eHome\ehmsas.exe 2136
C:\WINDOWS\RTHDCPL.EXE 1752
C:\Acer\Empowering Technology\eRecovery\Monitor.exe 1844
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1924
C:\Acer\Empowering Technology\admtray.exe 2176
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 2188
C:\WINDOWS\system32\rundll32.exe 1272
C:\WINDOWS\system32\RUNDLL32.EXE 2464
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe 1656
C:\PROGRA~1\LAUNCH~1\LManager.exe 2292
C:\Program Files\Microsoft Security Essentials\msseces.exe 2324
C:\Program Files\Java\jre6\bin\jusched.exe 2456
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe 2772
C:\WINDOWS\system32\ctfmon.exe 3032
C:\WINDOWS\system32\control.exe 3276
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe 3268
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3544
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 2560
C:\WINDOWS\system32\wbem\unsecapp.exe 4008
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe 3340
C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe 1236
C:\WINDOWS\system32\cidaemon.exe 416
C:\WINDOWS\system32\cidaemon.exe 2532
C:\WINDOWS\system32\NOTEPAD.EXE 2448
C:\WINDOWS\system32\NOTEPAD.EXE 1820
C:\Program Files\Mozilla Firefox\firefox.exe 4456

################## | Fichiers # Dossiers infectieux |


################## | Spyware.OnlineGames |

C:\System Volume Information\_restore{FE9DB679-8B9F-4569-9471-BFCEFDF23881}\RP89\A0050417.dll
C:\System Volume Information\_restore{FE9DB679-8B9F-4569-9471-BFCEFDF23881}\RP89\A0050418.dll

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{4d9b5d10-c914-11de-83c2-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL shuEt.ExE

HKCU\..\..\Explorer\MountPoints2\{cc09b276-cfce-11de-83d1-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL HILaIRe.exE

HKCU\..\..\Explorer\MountPoints2\{cf9feda8-c950-11de-83c5-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe cradle_of_filth.vbe

HKCU\..\..\Explorer\MountPoints2\{d85d5914-c93f-11de-83c4-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL shuEt.ExE

HKCU\..\..\Explorer\MountPoints2\{d85d5919-c93f-11de-83c4-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL aDA.EXE

HKCU\..\..\Explorer\MountPoints2\{fe2c06a2-c586-11de-83b5-0016d45cf262}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL aDA.eXE

################## | Cracks / Keygens / Serials |

"C:\Program Files\Java\jdk1.6.0_03\bin\serialver.exe"
24/09/2007 23:13 |Size 25600 |Crc32 6dee1fe9 |Md5 b49bd3ccf6bf94a955766dfc2d9a79bf

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe"
15/08/2009 00:47 |Size 20180648 |Crc32 0f8c481e |Md5 54f5bc3ddbf88c28676ae5f64ecd54f3

"F:\A INSTALLER\Adobe INSTALLATION\6PRO\Adobe.Acrobat.6.0.Professional.KeyGen.exe"
07/06/2003 18:35 |Size 54171 |Crc32 5e13c68e |Md5 c485d483991eecdc2bd29e40ec1d7f1c

"F:\A INSTALLER\Adobe INSTALLATION\audition\Crack\keygen.exe"
08/06/2004 21:16 |Size 17408 |Crc32 74b6e44e |Md5 a5ccbcb5f7f7b97f1f066d75aef1fe9f

"F:\A INSTALLER\AutoCAD 2006 (D)\KEYGEN\keygen.exe"
05/05/2005 18:26 |Size 71168 |Crc32 2263584c |Md5 60fdcd1106b1f70424cc141bb078f35d

"F:\A INSTALLER\Autocad_Stephane\Document\Acad2008\Crack\AutoCAD-2008-keygen.exe"
03/03/2007 19:58 |Size 94208 |Crc32 af715fab |Md5 e7f388a4a8ed4e013d2510e7ca3bac5a

"F:\A INSTALLER\Autocad_Stephane\Document\Acad2008\Crack\Kiss_CAD08.exe"
03/03/2007 19:58 |Size 94208 |Crc32 af715fab |Md5 e7f388a4a8ed4e013d2510e7ca3bac5a

"F:\UTILS\LOGICIEL PORTABLE PARIS\SECURITE\LOST KEYS\Keyfinder151\ViewNChangeVolumeSerialNumber.exe"
23/04/2005 10:02 |Size 36864 |Crc32 a5e1b024 |Md5 26c541f99219c6654c3c95a2c05f6cee

"D:\Mes documents\Mes fichiers reçus\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe

"D:\Mes documents\Mes fichiers reçus\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Illustrator cs3.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Illustrator cs3.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Contribute CS3\Contribute.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Dreamweaver CS3\Dreamweaver.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Fireworks CS3\Fireworks.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Flash CS3\Flash.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Illustrator CS3\Illustrator.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Photoshop CS3\Photoshop.exe


################## | ! Fin du rapport # UsbFix V6.059 ! |

princekof
 Posted on 04/12/2009 at 15:10
Petit astucien

Hi Philae


############################## | UsbFix V6.059 |

User : Léo (Administrateurs) # SUPERADA
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:48:24 | 04/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 53,2 Go (23,89 Go free) [ACER] # FAT32
D:\ -> Disque fixe local # 53,69 Go (35,77 Go free) [ACERDATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 465,76 Go (344,06 Go free) [MANASSE] # NTFS
G:\ -> Disque CD-ROM
H:\ -> Disque amovible # 1,86 Go (727,01 Mo free) [ANICET] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 552
C:\WINDOWS\system32\csrss.exe 888
C:\WINDOWS\system32\winlogon.exe 916
C:\WINDOWS\system32\services.exe 960
C:\WINDOWS\system32\lsass.exe 972
C:\WINDOWS\system32\svchost.exe 1140
C:\WINDOWS\system32\svchost.exe 1220
C:\WINDOWS\system32\logonui.exe 1248
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1380
C:\WINDOWS\System32\svchost.exe 1420
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1520
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1576
C:\WINDOWS\system32\svchost.exe 1680
C:\WINDOWS\system32\svchost.exe 276
C:\WINDOWS\system32\spoolsv.exe 724
C:\WINDOWS\system32\svchost.exe 1296
C:\WINDOWS\system32\msdtc.exe 1344
C:\Acer\Empowering Technology\admServ.exe 1808
C:\Program Files\Bonjour\mDNSResponder.exe 1912
C:\WINDOWS\system32\svchost.exe 1992
C:\WINDOWS\system32\cisvc.exe 1960
C:\WINDOWS\eHome\ehRecvr.exe 1504
C:\WINDOWS\eHome\ehSched.exe 344
C:\WINDOWS\system32\inetsrv\inetinfo.exe 608
C:\Program Files\Java\jre6\bin\jqs.exe 784
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 820
C:\Program Files\CDBurnerXP\NMSAccessU.exe 1620
C:\WINDOWS\system32\nvsvc32.exe 1720
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 1976
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2148
C:\WINDOWS\System32\snmp.exe 2212
C:\WINDOWS\system32\svchost.exe 2232
C:\WINDOWS\system32\mqsvc.exe 2320
C:\WINDOWS\ehome\mcrdsvc.exe 2692
C:\WINDOWS\system32\mqtgsvc.exe 2920
C:\WINDOWS\system32\wuauclt.exe 2924
C:\WINDOWS\system32\wbem\wmiprvse.exe 3160
C:\WINDOWS\system32\dllhost.exe 3236
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3304
C:\WINDOWS\system32\wbem\wmiprvse.exe 3568
C:\WINDOWS\System32\alg.exe 3600
C:\WINDOWS\system32\userinit.exe 3636
C:\WINDOWS\Explorer.EXE 3416

################## | Fichiers # Dossiers infectieux |


################## | Spyware.OnlineGames |

Supprimé ! C:\System Volume Information\_restore{FE9DB679-8B9F-4569-9471-BFCEFDF23881}\RP89\A0050417.dll
Supprimé ! C:\System Volume Information\_restore{FE9DB679-8B9F-4569-9471-BFCEFDF23881}\RP89\A0050418.dll

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{4d9b5d10-c914-11de-83c2-0016d45cf262}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{cc09b276-cfce-11de-83d1-0016d45cf262}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{cf9feda8-c950-11de-83c5-0016d45cf262}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d85d5914-c93f-11de-83c4-0016d45cf262}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d85d5919-c93f-11de-83c4-0016d45cf262}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{fe2c06a2-c586-11de-83b5-0016d45cf262}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[19/08/2006 07:00|-rahs----|83] C:\Preload.aaa
[10/08/2004 20:00|-rahs----|4952] C:\Bootfont.bin
[09/10/2009 18:16|-rahs----|252240] C:\ntldr
[10/08/2004 20:00|-rahs----|47564] C:\NTDETECT.COM
[06/10/2009 21:23|--ah-----|209] C:\boot.ini
[19/08/2006 04:44|--a------|0] C:\CONFIG.SYS
[19/08/2006 05:32|--a------|50] C:\AUTOEXEC.BAT
[19/08/2006 04:44|-rahs----|0] C:\IO.SYS
[19/08/2006 04:44|-rahs----|0] C:\MSDOS.SYS
[19/08/2006 05:22|--a------|519] C:\RHDSetup.log
[11/11/1999 00:17|--a------|49] C:\MCE.TAG
[04/12/2009 14:53|--a------|4369] C:\UsbFix.txt
[?|?|?] C:\pagefile.sys
[?|?|?] C:\hiberfil.sys
[16/10/2008 12:39|--ah-----|162] D:\~$rès avoir fait une vie décente.doc
[05/06/2008 11:18|---h-----|24064] D:\~WRL0005.tmp
[07/10/2009 19:46|--ahs----|62] D:\Copie de desktop.ini
[25/04/2009 17:38|--a------|3872608256] F:\Windev - Webdev - Windev Mobile - v10.0 (0.37f) - Update (0.40g) - Dumpteam 4.5a6 - Packed by BigHoody.iso
[09/11/2009 08:15|--a------|516190] H:\Modele-Cahier-des-Charges-ERP.zip
[17/11/2009 07:43|--a------|36352] H:\Notes_gén...xls
[09/11/2009 20:50|--a------|7080064] H:\ALLELUIAH.mp3
[20/11/2009 07:09|--a------|745722] H:\stat.pdf
[03/12/2009 09:44|--a------|781909] H:\RSIT.exe
[18/11/2009 14:24|--a------|288155] H:\Lien-251.pdf
[10/11/2009 12:06|--a------|28672] H:\PERT VDM AFRIQUE DU SUD corrigé.doc
[10/11/2009 12:24|--a------|25088] H:\PERT VDM AFRIQUE DU SUD corrigé A4.doc
[23/10/2009 15:06|--a------|131927] H:\variables visuelles.jpg
[10/11/2009 09:37|--a------|15360] H:\REALISATION MAQUETTE VDM.xls
[09/11/2009 16:29|--a------|21504] H:\CAHIER DE CHARGES VDM Afrique du Sud.doc
[10/11/2009 12:24|--a------|27648] H:\PERT VDM AFRIQUE DU SUD.doc
[03/12/2009 08:14|--a------|205469] H:\http___news.tara-voyance.co....pdf
[03/11/2009 09:12|--a------|5462] H:\norberte.JPG
[28/10/2009 16:54|--a------|13382] H:\ENSG.jpg
[14/11/2009 14:45|--a------|20110] H:\Document.rtf
[03/12/2009 09:47|--a------|812344] H:\HJTInstall.exe
[02/12/2009 09:44|--a------|1780792] H:\VIDEOmaçon.mp4
[05/11/2009 09:08|--a------|6483] H:\Document Koffi.rtf
[02/12/2009 12:50|--a------|4409491] H:\cdbxp_setup_4.2.7.1801.exe
[05/11/2009 21:20|--a------|26624] H:\Conseils de prudence Koffi.doc
[02/12/2009 07:59|--a------|1069220] H:\Aide au logement %E9tudiant CAF001.pdf
[01/09/2001 16:04|--a------|3566998] H:\Que tes oeuvres sont belles A219-1!.wav
[20/02/2008 17:24|--a------|193960] H:\H. MONDESIR_CARTOGRAPHIE ET SIG DANS LES COLLECTIVITES-0108.pdf
[19/11/2009 16:42|--a------|788890] H:\Infections par supports amo....pdf
[02/12/2009 14:43|--a------|7392288] H:\SUPERAntiSpywarePro.exe
[02/12/2009 22:35|--a------|835] H:\SUPERAntiSpyware Scan Log - 12-02-2009 - 20-29-28.log
[25/11/2009 09:53|--a------|194904] H:\Exemple de CV Chronologique.mht
[25/11/2009 13:48|--a------|169823] H:\plaquette_SIG2C_2009_2010.pdf
[25/11/2009 13:47|--a------|124890] H:\referentiel_SIGCC_2009.pdf
[20/11/2009 16:48|--a------|54199] H:\carte de séjour.pdf.pdf
[03/12/2009 08:12|--a------|237056] H:\Si vous ne pouvez pas lire ce message.doc
[04/12/2009 08:57|--a------|55551488] H:\20091203-004-v5i32.exe
[04/12/2009 08:14|--a------|64] H:\Codep77_ini.ldb
[08/10/2009 17:10|--a------|632832] H:\SIGCC_program_2009-2010.doc
[09/10/2009 19:03|--a------|95744] H:\Situation Lumiere - Alimentation du 03-10-2009 au.xls
[09/10/2009 19:04|--a------|157184] H:\Situation Lumiere - Produits BB du 03-10-2009 au.xls
[12/10/2009 17:35|--a------|286138] H:\al8.pdf
[12/10/2009 15:03|--a------|858112] H:\contraintes.ppt
[14/10/2009 17:22|--a------|158637] H:\Curriculum.pdf

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"C:\Program Files\Java\jdk1.6.0_03\bin\serialver.exe"
24/09/2007 23:13 |Size 25600 |Crc32 6dee1fe9 |Md5 b49bd3ccf6bf94a955766dfc2d9a79bf

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe"
15/08/2009 00:47 |Size 20180648 |Crc32 0f8c481e |Md5 54f5bc3ddbf88c28676ae5f64ecd54f3

"F:\A INSTALLER\Adobe INSTALLATION\6PRO\Adobe.Acrobat.6.0.Professional.KeyGen.exe"
07/06/2003 18:35 |Size 54171 |Crc32 5e13c68e |Md5 c485d483991eecdc2bd29e40ec1d7f1c

"F:\A INSTALLER\Adobe INSTALLATION\audition\Crack\keygen.exe"
08/06/2004 21:16 |Size 17408 |Crc32 74b6e44e |Md5 a5ccbcb5f7f7b97f1f066d75aef1fe9f

"F:\A INSTALLER\AutoCAD 2006 (D)\KEYGEN\keygen.exe"
05/05/2005 18:26 |Size 71168 |Crc32 2263584c |Md5 60fdcd1106b1f70424cc141bb078f35d

"F:\A INSTALLER\Autocad_Stephane\Document\Acad2008\Crack\AutoCAD-2008-keygen.exe"
03/03/2007 19:58 |Size 94208 |Crc32 af715fab |Md5 e7f388a4a8ed4e013d2510e7ca3bac5a

"F:\A INSTALLER\Autocad_Stephane\Document\Acad2008\Crack\Kiss_CAD08.exe"
03/03/2007 19:58 |Size 94208 |Crc32 af715fab |Md5 e7f388a4a8ed4e013d2510e7ca3bac5a

"F:\UTILS\LOGICIEL PORTABLE PARIS\SECURITE\LOST KEYS\Keyfinder151\ViewNChangeVolumeSerialNumber.exe"
23/04/2005 10:02 |Size 36864 |Crc32 a5e1b024 |Md5 26c541f99219c6654c3c95a2c05f6cee

"D:\Mes documents\Mes fichiers reçus\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe

"D:\Mes documents\Mes fichiers reçus\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Illustrator cs3.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Crack\Illustrator.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise.rar"
-> contain : Adobe Illustrator CS3 french-Incl-cerise\Illustrator cs3.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Contribute CS3\Contribute.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Dreamweaver CS3\Dreamweaver.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Fireworks CS3\Fireworks.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Flash CS3\Flash.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Illustrator CS3\Illustrator.exe

"F:\A INSTALLER\Adobe Illustrator CS3 french-Incl-cerise-Bonus Crack Adobe CS3 [ By The Best Of ]\Adobe Illustrator CS3 french-Incl-cerise\Adobe Illustrator CS3 french-Incl-cerise\Crack Adobe CS3.rar"
-> contain : Crack Adobe CS3\Crack Adobe CS3 [Acrobat 8.0_After Effects_Contribute_Dreamweaver_Fireworks_Flash_Illustrator_InDesign_Photoshop] © [camp@gnese]T\Adobe Photoshop CS3\Photoshop.exe


################## | ! Fin du rapport # UsbFix V6.059 ! |

philae
 Posted on 04/12/2009 at 15:17
Grande Maîtresse astucienne

OK for USBFix, now post a new RSIT report

and also

| Cracks / Keygens / Serials |

you've got everything you need there... for keeping a PC healthy, that's not the best of tactics

princekof
 Posted on 04/12/2009 at 15:20
Petit astucien

And there you go!!

Logfile of random's system information tool 1.06 (written by random/random)
Run by Léo at 2009-12-04 15:19:24
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 25 GB (45%) free of 54 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19:36, on 04/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Léo\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Léo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12446 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
""= []
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-12-03 1394000]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-20 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-30 39408]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2009-12-04 14:53:54 ----RASHD---- C:\autorun.inf
2009-12-04 14:48:21 ----A---- C:\UsbFix.txt
2009-12-04 14:38:49 ----D---- C:\Documents and Settings\Léo\Application Data\WinRAR
2009-12-04 14:26:36 ----D---- C:\UsbFix
2009-12-03 18:27:33 ----D---- C:\rsit
2009-12-03 18:26:58 ----D---- C:\Program Files\Trend Micro
2009-12-02 21:35:45 ----D---- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited
2009-12-02 21:35:39 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2009-12-02 21:34:58 ----D---- C:\Program Files\CDBurnerXP
2009-12-02 20:34:52 ----SHD---- C:\FOUND.004
2009-12-02 18:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-02 18:03:39 ----D---- C:\Documents and Settings\Léo\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:11 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-27 16:25:31 ----D---- C:\temp1
2009-11-27 14:59:24 ----D---- C:\TEMP
2009-11-27 14:56:06 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-27 14:54:16 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-23 21:58:49 ----D---- C:\OutputFolder
2009-11-22 18:29:20 ----A---- C:\WINDOWS\mapimagery.INI
2009-11-22 17:30:19 ----D---- C:\Program Files\ER Mapper1
2009-11-22 17:27:19 ----D---- C:\WINDOWS\Crystal
2009-11-22 17:27:18 ----D---- C:\Program Files\Seagate Software
2009-11-22 17:27:18 ----D---- C:\Documents and Settings\All Users\Application Data\MapInfo
2009-11-22 10:56:59 ----D---- C:\Python26
2009-11-20 17:52:36 ----D---- C:\Documents and Settings\Léo\Application Data\OpenOffice.org
2009-11-20 17:48:42 ----D---- C:\Program Files\JRE
2009-11-20 17:48:26 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\java.exe
2009-11-20 16:44:38 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-19 21:06:59 ----D---- C:\Program Files\AutoCAD 2008
2009-11-19 20:51:36 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-12 21:45:35 ----D---- C:\JEUX MICROSOFT
2009-11-12 20:32:16 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-11-12 20:32:15 ----SHD---- C:\Documents and Settings\Léo\Application Data\.#
2009-11-12 17:05:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-12 16:54:41 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:18:14 ----A---- C:\WINDOWS\Filzip.ini
2009-11-10 19:13:18 ----D---- C:\Program Files\Filzip
2009-11-06 22:44:20 ----D---- C:\Program Files\xPhil
2009-11-04 12:35:22 ----A---- C:\WINDOWS\ArcView9x.INI
2009-11-04 11:46:25 ----D---- C:\Program Files\Fichiers communs\AnswerWorks 4.0
2009-11-04 11:44:33 ----D---- C:\Program Files\Leica Geosystems
2009-11-04 11:35:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESRI
2009-11-04 10:14:35 ----D---- C:\Program Files\EPSON
2009-11-04 10:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-11-04 09:03:04 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-11-04 08:51:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-03 18:47:24 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-03 17:56:14 ----D---- C:\Program Files\VS Revo Group
2009-11-02 21:01:32 ----D---- C:\Documents and Settings\Léo\Application Data\Intel
2009-11-02 17:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-11-02 17:37:38 ----D---- C:\arcgis
2009-11-02 17:32:56 ----D---- C:\Program Files\Business Objects
2009-11-02 17:28:41 ----A---- C:\WINDOWS\system32\python25.dll
2009-11-02 17:26:52 ----D---- C:\Program Files\ESRI
2009-11-02 17:25:20 ----D---- C:\Documents and Settings\Léo\Application Data\ESRI
2009-11-02 16:53:00 ----D---- C:\Program Files\Fichiers communs\ESRI
2009-11-02 16:50:02 ----D---- C:\Python25
2009-11-02 16:50:02 ----D---- C:\Program Files\ArcGIS
2009-10-30 08:52:41 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-24 20:55:42 ----D---- C:\WINDOWS\Minidump
2009-10-23 18:37:40 ----HD---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-23 18:35:55 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-23 17:40:31 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-23 17:38:52 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-10-23 17:38:17 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-23 17:36:02 ----D---- C:\Program Files\Microsoft
2009-10-23 17:35:31 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-23 17:34:53 ----D---- C:\Program Files\Windows Live
2009-10-23 17:27:30 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-10-21 22:04:45 ----D---- C:\Program Files\ShapeSelect
2009-10-21 22:04:20 ----D---- C:\Program Files\Phildigit
2009-10-21 22:04:06 ----D---- C:\Program Files\Philcarto
2009-10-19 22:04:29 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-10-19 20:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-10-19 20:12:09 ----D---- C:\Program Files\Bonjour
2009-10-19 19:02:47 ----D---- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro
2009-10-19 18:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2009-10-19 18:55:14 ----D---- C:\Program Files\DAEMON Tools Pro
2009-10-19 18:44:21 ----D---- C:\Program Files\ConTEXT
2009-10-16 23:02:31 ----D---- C:\Program Files\khi3
2009-10-16 21:50:32 ----A---- C:\WINDOWS\RACHook12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.ini
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaDico12Dll.dll
2009-10-16 21:50:21 ----D---- C:\Program Files\Micro Application
2009-10-16 21:50:04 ----A---- C:\WINDOWS\NAVIGMA.INI
2009-10-15 17:59:41 ----D---- C:\Program Files\Mozilla Firefox
2009-10-15 14:02:00 ----D---- C:\Documents and Settings\Léo\Application Data\Google
2009-10-15 13:59:37 ----D---- C:\Program Files\Google
2009-10-15 13:20:12 ----HD---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-15 13:20:06 ----HD---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-15 13:19:46 ----HD---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-15 13:04:13 ----HD---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-15 13:00:33 ----D---- C:\Program Files\MSBuild
2009-10-15 12:54:54 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-15 12:54:51 ----D---- C:\WINDOWS\system32\en-us
2009-10-15 12:52:07 ----D---- C:\Program Files\Reference Assemblies
2009-10-15 12:50:51 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-15 12:09:22 ----A---- C:\WINDOWS\atmoUn.exe
2009-10-15 12:09:21 ----D---- C:\Program Files\Viewpoint
2009-10-15 12:09:21 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-10-15 11:02:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-15 11:02:01 ----HD---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-15 11:01:08 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-15 11:00:09 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-15 10:58:43 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-10-15 10:58:07 ----HD---- C:\WINDOWS\$NtUninstallWudf01000$
2009-10-15 10:57:23 ----HD---- C:\WINDOWS\$NtUninstallKB925766$
2009-10-15 10:49:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 10:48:56 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 10:45:22 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 10:45:05 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 10:44:30 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 10:43:57 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 10:43:37 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 10:43:15 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 10:42:53 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 10:42:25 ----HD---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 10:39:43 ----HD---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-15 10:39:03 ----HD---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-15 10:38:57 ----D---- C:\WINDOWS\ie8updates
2009-10-15 10:38:50 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-15 10:38:38 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-15 10:38:33 ----HD---- C:\WINDOWS\$NtUninstallKB970483$
2009-10-15 10:38:25 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-15 10:38:18 ----HD---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-15 10:38:05 ----HD---- C:\WINDOWS\$NtUninstallKB953155$
2009-10-15 10:37:52 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-14 20:06:50 ----SHD---- C:\FOUND.003
2009-10-12 22:16:22 ----D---- C:\Program Files\Sun
2009-10-12 22:12:12 ----D---- C:\Program Files\Java
2009-10-12 22:12:07 ----D---- C:\Program Files\Fichiers communs\Java
2009-10-12 22:08:35 ----D---- C:\Documents and Settings\Léo\Application Data\Sun
2009-10-11 18:30:32 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-11 18:30:07 ----D---- C:\WINDOWS\WBEM
2009-10-11 18:28:19 ----HD---- C:\WINDOWS\ie8
2009-10-10 20:27:06 ----D---- C:\Program Files\Bank
2009-10-10 11:13:33 ----D---- C:\WINDOWS\IIS Temporary Compressed Files
2009-10-10 11:13:13 ----D---- C:\WINDOWS\system32\Cache
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\snprfdll.dll
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.ini
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\regtrace.exe
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\ntfsdrct.ini
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\fcachdll.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\adsiisex.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3svapi.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\axperf.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\aspperf.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\wamregps.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.ini
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\inetsloc.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisrstap.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisreset.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iismui.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\ftpsapi2.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\convlog.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\admxprox.dll
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\msmq
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\Logfiles
2009-10-10 11:11:38 ----D---- C:\Inetpub
2009-10-09 20:44:10 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-09 18:52:11 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-09 18:41:00 ----D---- C:\WINDOWS\system32\Adobe
2009-10-09 18:41:00 ----A---- C:\WINDOWS\system32\FileOps.exe
2009-10-09 18:32:55 ----D---- C:\WINDOWS\Prefetch
2009-10-09 18:24:45 ----D---- C:\Documents and Settings\Léo\Application Data\Malwarebytes
2009-10-09 18:24:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-09 18:24:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-09 18:23:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\bits
2009-10-09 18:23:38 ----D---- C:\WINDOWS\l2schemas
2009-10-09 18:20:00 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-09 18:16:28 ----D---- C:\WINDOWS\network diagnostic
2009-10-09 18:11:49 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-09 17:59:41 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-09 17:59:36 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-09 17:59:30 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-09 17:59:24 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-09 17:59:18 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-09 17:59:13 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-09 17:59:07 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-09 17:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2009-10-09 17:58:48 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-09 17:58:42 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-09 17:58:36 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-09 17:58:31 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-09 17:58:26 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-09 17:58:23 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-09 17:57:55 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-09 17:57:43 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-09 17:57:38 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-09 17:57:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-09 17:57:28 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-09 17:57:22 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-09 17:57:14 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-09 17:56:33 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-09 17:56:28 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-09 17:56:10 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-09 17:56:04 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-09 17:55:59 ----HD---- C:\WINDOWS\$NtUninstallKB923689$
2009-10-09 17:55:40 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-09 17:55:34 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-09 17:55:28 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-09 17:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-09 17:55:12 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-09 17:55:05 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-09 17:54:50 ----HD---- C:\WINDOWS\$NtUninstallKB973768$
2009-10-09 17:54:31 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-09 17:54:25 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-09 17:54:19 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-09 17:54:13 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-09 17:54:07 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-09 17:54:01 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-09 17:53:53 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-09 17:53:47 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-09 17:53:37 ----D---- C:\Program Files\MSXML 4.0
2009-10-09 17:53:06 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-09 17:52:49 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-10-09 17:35:05 ----D---- C:\WINDOWS\system32\PreInstall
2009-10-09 17:35:02 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2009-10-09 17:02:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-09 16:56:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-10-09 16:35:16 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-09 16:35:03 ----HD---- C:\WINDOWS\$NtUninstallKB914882$
2009-10-09 16:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-09 07:00:56 ----SHD---- C:\FOUND.002
2009-10-09 06:45:10 ----D---- C:\Program Files\CCleaner
2009-10-09 06:35:52 ----SHD---- C:\FOUND.001
2009-10-07 22:37:34 ----D---- C:\Documents and Settings\Léo\Application Data\Help
2009-10-07 22:35:15 ----A---- C:\WINDOWS\whpt.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpsharp.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpscale.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\system32\CVShell.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\icccodes.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\sprof32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\ptpick32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pfpick.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pcdlib32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpsys32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpfp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpcp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpapi32.dll
2009-10-07 22:35:01 ----D---- C:\Program Files\Canvas 6
2009-10-07 22:35:01 ----D---- C:\KPCMS
2009-10-07 22:35:01 ----A---- C:\WINDOWS\kpcms.ini
2009-10-07 21:37:18 ----AD---- C:\Program Files\WinRAR
2009-10-07 21:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-10-07 21:27:02 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Autodesk
2009-10-07 20:36:05 ----D---- C:\Program Files\Fichiers communs\Designer
2009-10-07 20:35:38 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\Léo\Application Data\Autodesk
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2009-10-07 19:31:14 ----D---- C:\Documents and Settings\Léo\Application Data\AdobeUM
2009-10-07 19:00:47 ----D---- C:\Documents and Settings\Léo\Application Data\Adobe
2009-10-07 18:53:33 ----D---- C:\Documents and Settings\Léo\Application Data\Mozilla
2009-10-07 18:48:10 ----D---- C:\Documents and Settings\Léo\Application Data\Thinstall
2009-10-07 18:40:29 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-10-07 18:24:58 ----D---- C:\Program Files\ER Mapper
2009-10-07 18:23:38 ----D---- C:\Program Files\GID
2009-10-07 18:23:37 ----D---- C:\Program Files\MapImagery
2009-10-07 18:22:03 ----D---- C:\Program Files\ChronoMap
2009-10-07 18:21:16 ----D---- C:\Program Files\ChronoVia
2009-10-07 18:15:45 ----A---- C:\WINDOWS\IsUn040c.exe
2009-10-07 18:15:00 ----A---- C:\WINDOWS\system32\rdocurs.dll
2009-10-07 18:14:59 ----A---- C:\WINDOWS\system32\dbmssocn.dll
2009-10-07 18:13:17 ----D---- C:\Documents and Settings\Léo\Application Data\MapInfo
2009-10-07 18:11:56 ----D---- C:\Program Files\MapInfo
2009-10-07 17:59:26 ----SHD---- C:\FOUND.000
2009-10-06 23:17:12 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-10-06 23:04:24 ----A---- C:\Program Files\wt3d.ini
2009-10-06 22:27:49 ----SHD---- C:\Recycled
2009-10-06 21:58:41 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-10-06 21:54:01 ----D---- C:\Documents and Settings\Léo\Application Data\CyberLink
2009-10-06 21:52:15 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-10-06 21:48:13 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-10-06 21:33:16 ----D---- C:\Program Files\Yahoo!
2009-10-06 21:33:09 ----D---- C:\WINDOWS\Acer
2009-10-06 21:33:09 ----D---- C:\Documents and Settings\Léo\Application Data\Macromedia
2009-10-06 21:31:32 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-10-06 21:30:11 ----D---- C:\Program Files\WinPCap
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\wpcap.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\WanPacket.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\pthreadVC.dll
2009-10-06 21:30:11 ----A---- C:\WINDOWS\system32\packet.dll
2009-10-06 21:30:01 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-10-06 21:29:51 ----A---- C:\WINDOWS\system32\results.txt
2009-10-06 21:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-10-06 21:29:07 ----A---- C:\WINDOWS\system32\acerGina.dll
2009-10-06 21:28:37 ----D---- C:\Program Files\Launch Manager
2009-10-06 21:28:35 ----A---- C:\WINDOWS\system32\FILTRCOI.DLL
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\acpimof.dll
2009-10-06 21:25:46 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-06 21:25:13 ----ASH---- C:\Documents and Settings\Léo\Application Data\desktop.ini
2009-10-06 21:25:09 ----SD---- C:\Documents and Settings\Léo\Application Data\Microsoft
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Identities
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Acer
2009-10-06 21:23:50 ----SHD---- C:\System Volume Information
2009-10-06 21:13:55 ----D---- C:\WINDOWS\nview
2009-10-06 21:13:55 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-10-06 21:12:06 ----A---- C:\WINDOWS\YTB.EXE
2009-10-06 21:12:06 ----A---- C:\WINDOWS\EMEAWG.EXE

======List of files/folders modified in the last 2 months======

2009-12-04 14:46:22 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-04 14:44:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-04 08:17:40 ----A---- C:\WINDOWS\win.ini
2009-11-04 20:25:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-28 16:07:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-07 18:15:02 ----A---- C:\WINDOWS\ODBCINST.INI
2009-10-06 21:33:28 ----A---- C:\WINDOWS\ALaunch.ini
2009-10-06 21:23:44 ----AH---- C:\boot.ini
2009-10-06 21:12:08 ----A---- C:\WINDOWS\CLEANUP.CMD
2009-10-06 21:12:06 ----A---- C:\WINDOWS\HotFix.bat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-06 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S3 ar8nahlp;ar8nahlp; C:\WINDOWS\system32\drivers\ar8nahlp.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2006-01-23 32512]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 Vswtrud;Vswtrud; C:\WINDOWS\system32\drivers\Vswtrud.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-20 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-09 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-11-19 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-30 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2006-01-23 86016]
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

princekof
 Posted on 04/12/2009 at 15:22
Petit astucien

OK for the HHHAAAH!

Mea Culpa

philae
 Posted on 04/12/2009 at 15:36
Grande Maîtresse astucienne

I'm not saying this for my own sake, it doesn't bother me at all, except that one of these days you'll turn up on a forum, here or elsewhere, with an infection so severe that nothing can be done about it and, apart from formatting your PC, there will be no solution. So it's up to you. Is the game worth the candle???

Let's continue, we're not finished.

*- For all readers:
-- This software is to be used only when prescribed by a qualified helper trained on the tool.
-- Do not use it outside this case: dangerous!

Download Combofix (by sUBs) from one of these links:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop


/!\ Disable your antivirus / resident antispyware / Spybot's TeaTimer (if they are still working!), usually via a right-click on the icon in the notification area.

Disabling resident protections - Tutorial

* Double-click combofix.exe & follow the prompts.

* When it runs, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With infections like today's, it is strongly recommended to have it pre-installed on your PC before any malware removal. It will let you boot into a special recovery (repair) mode, which allows us to help you more easily should your computer run into a problem after a cleaning attempt.

* Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when asked, accept the End User License Agreement to install the Microsoft Windows Recovery Console.

**Important note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue with its malware removal procedures.

* Once the Microsoft Windows Recovery Console has been installed via ComboFix, you should see the following message:

* Click Oui/Yes to continue with the malware scan.

* When the tool has finished, it will display a report. Please copy the contents of C:\ComboFix.txt into your next reply.

princekof
 Posted on 04/12/2009 at 17:23
Petit astucien

There, it's done

ComboFix 09-12-03.06 - Léo 04/12/2009 16:45.1.2 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.311 [GMT 1:00]
Lancé depuis: c:\documents and settings\Léo\Bureau\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\windows\system32\Cache
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-04 au 2009-12-04 ))))))))))))))))))))))))))))))))))))
.

2009-12-04 13:26 . 2009-12-04 13:26 -------- d-----w- C:\UsbFix
2009-12-03 17:27 . 2009-12-03 17:27 -------- d-----w- C:\rsit
2009-12-03 17:26 . 2009-12-03 17:27 -------- d-----w- c:\program files\Trend Micro
2009-12-02 20:35 . 2009-12-02 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited
2009-12-02 20:35 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-12-02 20:34 . 2009-12-02 20:35 -------- d-----w- c:\program files\CDBurnerXP
2009-12-02 19:34 . 2009-12-02 19:34 -------- d-----w- C:\FOUND.004
2009-12-02 17:03 . 2009-12-02 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-02 17:03 . 2009-12-02 17:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-02 17:03 . 2009-12-02 17:03 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-11-27 15:25 . 2009-11-27 15:25 -------- d-----w- C:\temp1
2009-11-27 15:19 . 2009-11-27 15:24 25986174 ----a-w- c:\temp\postgresql-8.3.5-1.zip
2009-11-27 14:00 . 2009-11-27 14:00 15917473 ----a-w- c:\temp\MIPRO78patch.exe
2009-11-27 13:59 . 2009-11-27 13:59 -------- d-----w- C:\TEMP
2009-11-23 20:58 . 2009-11-23 20:58 -------- d-----w- C:\OutputFolder
2009-11-22 16:30 . 2009-11-22 16:30 -------- d-----w- c:\program files\ER Mapper1
2009-11-22 16:27 . 2009-11-22 16:27 -------- d-----w- c:\windows\Crystal
2009-11-22 16:27 . 2009-11-22 16:27 -------- d-----w- c:\program files\Seagate Software
2009-11-22 16:27 . 2009-11-22 16:27 -------- d-----w- c:\documents and settings\All Users\Application Data\MapInfo
2009-11-22 09:56 . 2009-11-22 09:57 -------- d-----w- C:\Python26
2009-11-20 16:48 . 2009-11-20 16:48 -------- d-----w- c:\program files\JRE
2009-11-20 16:48 . 2009-11-20 16:48 -------- d-----w- c:\program files\OpenOffice.org 3
2009-11-20 15:44 . 2009-11-20 15:44 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-19 20:06 . 2009-11-19 20:07 -------- d-----w- c:\program files\AutoCAD 2008
2009-11-12 20:45 . 2009-11-12 20:45 -------- d-----w- C:\JEUX MICROSOFT
2009-11-12 19:32 . 2009-11-12 19:32 -------- d-----w- c:\program files\Fichiers communs\SWF Studio
2009-11-12 16:05 . 2009-11-12 16:05 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-10 18:13 . 2009-11-10 18:13 -------- d-----w- c:\program files\Filzip
2009-11-10 17:50 . 2009-11-10 17:50 -------- d-----w- c:\documents and settings\XMENS\Application Data\Malwarebytes
2009-11-10 17:50 . 2009-11-10 17:51 113528 ----a-w- c:\documents and settings\XMENS\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-10 17:49 . 2009-11-10 17:49 -------- d-sh--w- c:\documents and settings\XMENS\IETldCache
2009-11-10 17:47 . 2009-11-10 17:47 -------- d-----w- c:\documents and settings\XMENS
2009-11-06 21:44 . 2009-11-06 21:44 -------- d-----w- c:\program files\xPhil

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 16:01 . 2006-08-19 05:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-12-04 07:20 . 2009-10-09 17:25 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-03 15:14 . 2009-10-09 17:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-10-09 17:24 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-10 17:50 . 2009-11-10 17:48 128 ----a-w- c:\documents and settings\XMENS\Local Settings\Application Data\fusioncache.dat
2009-11-04 19:25 . 2006-08-19 05:21 581062 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-04 19:25 . 2006-08-19 05:21 110712 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-04 10:46 . 2009-11-04 10:46 -------- d-----w- c:\program files\Fichiers communs\AnswerWorks 4.0
2009-11-04 10:44 . 2009-11-04 10:44 -------- d-----w- c:\program files\Leica Geosystems
2009-11-04 10:35 . 2009-11-04 10:35 -------- d-----w- c:\documents and settings\All Users\Application Data\ESRI
2009-11-04 09:14 . 2009-11-04 09:14 -------- d-----w- c:\program files\EPSON
2009-11-04 09:14 . 2009-11-04 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-11-04 07:51 . 2009-11-04 07:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-03 16:56 . 2009-11-03 16:56 -------- d-----w- c:\program files\VS Revo Group
2009-11-02 19:42 . 2009-10-09 16:02 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 16:55 . 2009-11-02 16:55 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-11-02 16:32 . 2009-11-02 16:32 -------- d-----w- c:\program files\Business Objects
2009-11-02 16:26 . 2009-11-02 16:26 -------- d-----w- c:\program files\ESRI
2009-11-02 15:53 . 2009-11-02 15:53 -------- d-----w- c:\program files\Fichiers communs\ESRI
2009-11-02 15:50 . 2009-11-02 15:50 -------- d-----w- c:\program files\ArcGIS
2009-11-02 15:41 . 2009-11-02 15:41 188 ----a-w- c:\windows\system32\eDataSecurity.dat
2009-10-23 16:40 . 2009-10-23 16:40 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-10-23 16:38 . 2009-10-23 16:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-10-23 16:36 . 2009-10-23 16:36 -------- d-----w- c:\program files\Microsoft
2009-10-23 16:35 . 2009-10-23 16:35 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-23 16:34 . 2009-10-23 16:34 -------- d-----w- c:\program files\Windows Live
2009-10-23 16:27 . 2009-10-23 16:27 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-10-21 21:04 . 2009-10-21 21:04 -------- d-----w- c:\program files\ShapeSelect
2009-10-21 21:04 . 2009-10-21 21:04 -------- d-----w- c:\program files\Phildigit
2009-10-21 21:04 . 2009-10-21 21:04 -------- d-----w- c:\program files\Philcarto
2009-10-19 21:04 . 2009-10-19 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-10-19 19:14 . 2009-10-19 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-10-19 19:12 . 2009-10-19 19:12 -------- d-----w- c:\program files\Bonjour
2009-10-19 17:58 . 2009-10-19 17:58 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-10-19 17:55 . 2009-10-19 17:55 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-10-19 17:50 . 2009-10-19 17:50 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-19 17:44 . 2009-10-19 17:44 -------- d-----w- c:\program files\ConTEXT
2009-10-16 22:02 . 2009-10-16 22:02 -------- d-----w- c:\program files\khi3
2009-10-16 20:50 . 2009-10-16 20:50 -------- d-----w- c:\program files\Micro Application
2009-10-15 17:00 . 2009-10-15 17:00 0 ----a-w- c:\windows\nsreg.dat
2009-10-15 12:59 . 2009-10-15 12:59 -------- d-----w- c:\program files\Google
2009-10-15 12:00 . 2009-10-15 12:00 -------- d-----w- c:\program files\MSBuild
2009-10-15 11:52 . 2009-10-15 11:52 -------- d-----w- c:\program files\Reference Assemblies
2009-10-15 11:09 . 2009-10-15 11:09 37027 ----a-w- c:\windows\atmoUn.exe
2009-10-15 11:09 . 2009-10-15 11:09 -------- d-----w- c:\program files\Viewpoint
2009-10-15 11:09 . 2009-10-15 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-10-15 10:01 . 2009-10-15 10:01 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-12 21:16 . 2009-10-12 21:16 -------- d-----w- c:\program files\Sun
2009-10-12 21:12 . 2009-10-12 21:12 -------- d-----w- c:\program files\Java
2009-10-12 21:12 . 2009-10-12 21:12 -------- d-----w- c:\program files\Fichiers communs\Java
2009-10-10 19:27 . 2009-10-10 19:27 -------- d-----w- c:\program files\Bank
2009-10-09 17:26 . 2006-08-19 04:08 86815 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-09 17:24 . 2009-10-09 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-09 17:24 . 2009-10-09 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 16:58 . 2009-10-09 16:58 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-10-09 16:53 . 2009-10-09 16:53 -------- d-----w- c:\program files\MSXML 4.0
2009-10-09 15:35 . 2009-10-09 15:35 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-10-09 05:45 . 2009-10-09 05:45 -------- d-----w- c:\program files\CCleaner
2009-10-07 21:35 . 2009-10-07 21:35 -------- d-----w- c:\program files\Canvas 6
2009-10-07 20:27 . 2009-10-07 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision
2009-10-07 20:27 . 2009-10-07 20:27 -------- d-----w- c:\program files\Fichiers communs\Adobe Systems Shared
2009-10-07 19:36 . 2009-10-07 19:36 -------- d-----w- c:\program files\Fichiers communs\Macrovision Shared
2009-10-07 19:36 . 2009-10-07 19:36 -------- d-----w- c:\program files\Autodesk
2009-10-07 19:35 . 2009-10-07 19:35 -------- d-----w- c:\program files\Fichiers communs\Autodesk Shared
2009-10-07 19:35 . 2009-10-07 19:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2009-10-07 17:25 . 2009-10-07 17:24 -------- d-----w- c:\program files\ER Mapper
2009-10-07 17:23 . 2009-10-07 17:23 -------- d-----w- c:\program files\GID
2009-10-07 17:23 . 2009-10-07 17:23 -------- d-----w- c:\program files\MapImagery
2009-10-07 17:22 . 2009-10-07 17:22 -------- d-----w- c:\program files\ChronoMap
2009-10-07 17:21 . 2009-10-07 17:21 -------- d-----w- c:\program files\ChronoVia
2009-10-07 17:11 . 2009-10-07 17:11 -------- d-----w- c:\program files\MapInfo
2009-10-06 22:17 . 2009-10-06 22:17 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-06 22:04 . 2009-10-06 22:04 251 ----a-w- c:\program files\wt3d.ini
2009-10-06 20:58 . 2009-10-06 20:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-10-06 20:52 . 2009-10-06 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-10-06 20:33 . 2009-10-06 20:33 -------- d-----w- c:\program files\Yahoo!
2009-10-06 20:29 . 2009-10-06 20:29 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-10-06 20:29 . 2009-10-06 20:29 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Intel
2009-10-06 20:29 . 2009-10-06 20:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Intel
2009-10-06 20:28 . 2009-10-06 20:28 -------- d-----w- c:\program files\Launch Manager
2009-10-06 20:12 . 2004-09-27 16:15 971 ----a-w- c:\windows\CLEANUP.CMD
2009-10-06 20:12 . 2004-09-21 13:28 8 ----a-w- c:\windows\HotFix.bat
2009-09-11 14:18 . 2004-08-10 19:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MediaDico"="c:\program files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement" [X]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-30 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-23 2001648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 61440]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-20 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-07-20 1519616]
"MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2008-04-14 177152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2009-10-7 113664]
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\System32\\mqsvc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19/10/2009 18:50 685816]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/11/2009 08:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/11/2009 08:43 74480]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/11/2009 08:43 7408]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/10/2009 13:59 133104]
S3 Vswtrud;Vswtrud; [x]
.
Contenu du dossier 'Tâches planifiées'

2009-12-04 c:\windows\Tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

2009-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 12:59]

2009-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 12:59]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Léo\Application Data\Mozilla\Firefox\Profiles\4tsqm6fc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOAWA1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-ePresentation - c:\windows\UnInst32.exe AcerePrj.UNI
AddRemove-GridVista - c:\windows\UnInst32.exe GridV.UNI
AddRemove-LManager - c:\windows\UnInst32.exe LManager.UNI
AddRemove-NVIDIA Drivers - c:\windows\system32\nvudisp.exe UninstallGUI



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-04 17:05
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x86F7A8AC]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7616f28
\Driver\ACPI -> ACPI.sys @ 0xf7306cb8
\Driver\atapi -> atapi.sys @ 0xf727db40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: Broadcom 440x 10/100 Integrated Controller -> SendCompleteHandler -> NDIS.sys @ 0xf71aabb0
PacketIndicateHandler -> NDIS.sys @ 0xf71b7a21
SendHandler -> NDIS.sys @ 0xf719587b
user & kernel MBR OK

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2965774411-1647369187-2304096231-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(912)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\Léo\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

- - - - - - - > 'explorer.exe'(1816)
c:\windows\system32\MSNChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\MSVCR71.dll
c:\progra~1\WINDOW~3\wmpband.dll
c:\acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\msdtc.exe
c:\acer\Empowering Technology\admServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\snmp.exe
c:\windows\system32\mqsvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Heure de fin: 2009-12-04 17:10 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-04 16:10

Avant-CF: 25 523 748 864 octets libres
Après-CF: 25 325 993 984 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - F2852088E4717CC448B66E140515B5A5

philae
Posted on 04/12/2009 at 18:58
Grande Maîtresse astucienne

OK, I'll look at this in a little while; I need to make dinner, then I'll be back.

philae
Posted on 04/12/2009 at 20:21
Grande Maîtresse astucienne

Good evening,

I'm back.

Here is what needs to be done:

* Download SmitfraudFix by S!Ri, balltrap34 and moe31
Demo (thanks Balltrap34)

* Install it at the root of C

* Double-click the exe to unpack it and launch the fix.
Usage ----- option 1 - Search:
* Double-click smitfraudfix.cmd
* Select 1 to create a report of the files responsible for the infection.
* Post the report here
process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus but a utility for terminating processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

Then

* Restart the computer in safe mode
http://www.bienvenue-chez-philae.fr/mse.html

* Double-click smitfraudfix.cmd
* Select 2 to delete the files responsible for the infection.
At the prompt "Voulez-vous nettoyer le registre ?" (clean the registry?), answer O (yes) in order to unlock the desktop wallpaper and remove the infection's autostart keys.
The fix will determine whether the file wininet.dll is infected.
At the prompt "Corriger le fichier infecté ?" (fix the infected file?), answer O (yes) to replace the corrupted file.

* Restart in normal mode and post the report here

Note: This step removes the infected files detected in step #1.
Be aware that option 2 of the tool removes the desktop wallpaper!


as well as a new RSIT report, please

princekof
Posted on 07/12/2009 at 08:32
Petit astucien

Hello

I want to add a reply but I get the following message: ERREUR 500. ERREUR INTERNE AU SERVEUR

princekof
Posted on 07/12/2009 at 08:34
Petit astucien

Hi everyone

Hello Philae.

I don't have an internet connection at the weekend. That is the reason for my delay. Please accept my apologies.

I had a visitor who plugged my external drive into my PC while I was busy with other things.

I don't know whether everything I did last time is now void.

Thanks for everything

Here are the reports.

SmitFraudFix v2.424

Rapport fait à 21:01:26,95, 05/12/2009
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Léo


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LÉO\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Léo\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LÉO\FAVORIS


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

princekof
Posted on 07/12/2009 at 08:35
Petit astucien

Report 2

SmitFraudFix v2.424

Rapport fait à 21:11:37,26, 05/12/2009
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

princekof
Posted on 07/12/2009 at 08:36
Petit astucien

Logfile of random's system information tool 1.06 (written by random/random)
Run by Léo at 2009-12-05 21:26:21
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (44%) free of 54 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:26:30, on 05/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\Léo\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Léo.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12299 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-20 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-30 39408]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2009-12-05 21:19:34 ----A---- C:\rapport21H19.txt
2009-12-05 21:04:00 ----A---- C:\rapport21H03.txt
2009-12-05 15:44:15 ----A---- C:\rapport2_05122009.txt
2009-12-05 15:32:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-05 15:13:18 ----A---- C:\rapport1_05122009.txt
2009-12-05 15:09:09 ----A---- C:\WINDOWS\system32\tmp.txt
2009-12-05 15:09:05 ----A---- C:\rapport.txt
2009-12-05 15:07:23 ----D---- C:\SmitfraudFix
2009-12-05 15:03:56 ----A---- C:\SmitfraudFix.exe
2009-12-04 19:56:09 ----SHD---- C:\Recycled
2009-12-04 17:10:23 ----A---- C:\ComboFix.txt
2009-12-04 16:43:49 ----A---- C:\Boot.bak
2009-12-04 16:43:43 ----RASHD---- C:\cmdcons
2009-12-04 16:42:07 ----A---- C:\WINDOWS\zip.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWSC.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWREG.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\sed.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\PEV.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\MBR.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\grep.exe
2009-12-04 16:38:55 ----D---- C:\WINDOWS\ERDNT
2009-12-04 16:35:42 ----D---- C:\Qoobox
2009-12-04 14:53:54 ----RAD---- C:\autorun.inf
2009-12-04 14:48:21 ----A---- C:\UsbFix.txt
2009-12-04 14:38:49 ----D---- C:\Documents and Settings\Léo\Application Data\WinRAR
2009-12-04 14:26:36 ----D---- C:\UsbFix
2009-12-03 18:27:33 ----D---- C:\rsit
2009-12-03 18:26:58 ----D---- C:\Program Files\Trend Micro
2009-12-02 21:35:45 ----D---- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited
2009-12-02 21:35:39 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2009-12-02 21:34:58 ----D---- C:\Program Files\CDBurnerXP
2009-12-02 20:34:52 ----D---- C:\FOUND.004
2009-12-02 18:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-02 18:03:39 ----D---- C:\Documents and Settings\Léo\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:11 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-27 16:25:31 ----D---- C:\temp1
2009-11-27 14:59:24 ----D---- C:\TEMP
2009-11-27 14:56:06 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-27 14:54:16 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-23 21:58:49 ----D---- C:\OutputFolder
2009-11-22 18:29:20 ----A---- C:\WINDOWS\mapimagery.INI
2009-11-22 17:30:19 ----D---- C:\Program Files\ER Mapper1
2009-11-22 17:27:19 ----D---- C:\WINDOWS\Crystal
2009-11-22 17:27:18 ----D---- C:\Program Files\Seagate Software
2009-11-22 17:27:18 ----D---- C:\Documents and Settings\All Users\Application Data\MapInfo
2009-11-22 10:56:59 ----D---- C:\Python26
2009-11-20 17:52:36 ----D---- C:\Documents and Settings\Léo\Application Data\OpenOffice.org
2009-11-20 17:48:42 ----D---- C:\Program Files\JRE
2009-11-20 17:48:26 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\java.exe
2009-11-20 16:44:38 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-19 21:06:59 ----D---- C:\Program Files\AutoCAD 2008
2009-11-19 20:51:36 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-12 21:45:35 ----D---- C:\JEUX MICROSOFT
2009-11-12 20:32:16 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-11-12 20:32:15 ----SHD---- C:\Documents and Settings\Léo\Application Data\.#
2009-11-12 17:05:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-12 16:54:41 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:18:14 ----A---- C:\WINDOWS\Filzip.ini
2009-11-10 19:13:18 ----D---- C:\Program Files\Filzip
2009-11-06 22:44:20 ----D---- C:\Program Files\xPhil
2009-11-04 12:35:22 ----A---- C:\WINDOWS\ArcView9x.INI
2009-11-04 11:46:25 ----D---- C:\Program Files\Fichiers communs\AnswerWorks 4.0
2009-11-04 11:44:33 ----D---- C:\Program Files\Leica Geosystems
2009-11-04 11:35:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESRI
2009-11-04 10:14:35 ----D---- C:\Program Files\EPSON
2009-11-04 10:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-11-04 09:03:04 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-11-04 08:51:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-03 18:47:24 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-03 17:56:14 ----D---- C:\Program Files\VS Revo Group
2009-11-02 21:01:32 ----D---- C:\Documents and Settings\Léo\Application Data\Intel
2009-11-02 17:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-11-02 17:37:38 ----D---- C:\arcgis
2009-11-02 17:32:56 ----D---- C:\Program Files\Business Objects
2009-11-02 17:28:41 ----A---- C:\WINDOWS\system32\python25.dll
2009-11-02 17:26:52 ----D---- C:\Program Files\ESRI
2009-11-02 17:25:20 ----D---- C:\Documents and Settings\Léo\Application Data\ESRI
2009-11-02 16:53:00 ----D---- C:\Program Files\Fichiers communs\ESRI
2009-11-02 16:50:02 ----D---- C:\Python25
2009-11-02 16:50:02 ----D---- C:\Program Files\ArcGIS
2009-10-30 08:52:41 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-24 20:55:42 ----D---- C:\WINDOWS\Minidump
2009-10-23 18:37:40 ----HD---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-23 18:35:55 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-23 17:40:31 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-23 17:38:52 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-10-23 17:38:17 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-23 17:36:02 ----D---- C:\Program Files\Microsoft
2009-10-23 17:35:31 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-23 17:34:53 ----D---- C:\Program Files\Windows Live
2009-10-23 17:27:30 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-10-21 22:04:45 ----D---- C:\Program Files\ShapeSelect
2009-10-21 22:04:20 ----D---- C:\Program Files\Phildigit
2009-10-21 22:04:06 ----D---- C:\Program Files\Philcarto
2009-10-19 22:04:29 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-10-19 20:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-10-19 20:12:09 ----D---- C:\Program Files\Bonjour
2009-10-19 19:02:47 ----D---- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro
2009-10-19 18:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2009-10-19 18:55:14 ----D---- C:\Program Files\DAEMON Tools Pro
2009-10-19 18:44:21 ----D---- C:\Program Files\ConTEXT
2009-10-16 23:02:31 ----D---- C:\Program Files\khi3
2009-10-16 21:50:32 ----A---- C:\WINDOWS\RACHook12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.ini
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaDico12Dll.dll
2009-10-16 21:50:21 ----D---- C:\Program Files\Micro Application
2009-10-16 21:50:04 ----A---- C:\WINDOWS\NAVIGMA.INI
2009-10-15 17:59:41 ----D---- C:\Program Files\Mozilla Firefox
2009-10-15 14:02:00 ----D---- C:\Documents and Settings\Léo\Application Data\Google
2009-10-15 13:59:37 ----D---- C:\Program Files\Google
2009-10-15 13:20:12 ----HD---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-15 13:20:06 ----HD---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-15 13:19:46 ----HD---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-15 13:04:13 ----HD---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-15 13:00:33 ----D---- C:\Program Files\MSBuild
2009-10-15 12:54:54 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-15 12:54:51 ----D---- C:\WINDOWS\system32\en-us
2009-10-15 12:52:07 ----D---- C:\Program Files\Reference Assemblies
2009-10-15 12:50:51 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-15 12:09:22 ----A---- C:\WINDOWS\atmoUn.exe
2009-10-15 12:09:21 ----D---- C:\Program Files\Viewpoint
2009-10-15 12:09:21 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-10-15 11:02:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-15 11:02:01 ----HD---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-15 11:01:08 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-15 11:00:09 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-15 10:58:43 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-10-15 10:58:07 ----HD---- C:\WINDOWS\$NtUninstallWudf01000$
2009-10-15 10:57:23 ----HD---- C:\WINDOWS\$NtUninstallKB925766$
2009-10-15 10:49:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 10:48:56 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 10:45:22 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 10:45:05 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 10:44:30 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 10:43:57 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 10:43:37 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 10:43:15 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 10:42:53 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 10:42:25 ----HD---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 10:39:43 ----HD---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-15 10:39:03 ----HD---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-15 10:38:57 ----D---- C:\WINDOWS\ie8updates
2009-10-15 10:38:50 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-15 10:38:38 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-15 10:38:33 ----HD---- C:\WINDOWS\$NtUninstallKB970483$
2009-10-15 10:38:25 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-15 10:38:18 ----HD---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-15 10:38:05 ----HD---- C:\WINDOWS\$NtUninstallKB953155$
2009-10-15 10:37:52 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-14 20:06:50 ----D---- C:\FOUND.003
2009-10-12 22:16:22 ----D---- C:\Program Files\Sun
2009-10-12 22:12:12 ----D---- C:\Program Files\Java
2009-10-12 22:12:07 ----D---- C:\Program Files\Fichiers communs\Java
2009-10-12 22:08:35 ----D---- C:\Documents and Settings\Léo\Application Data\Sun
2009-10-11 18:30:32 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-11 18:30:07 ----D---- C:\WINDOWS\WBEM
2009-10-11 18:28:19 ----HD---- C:\WINDOWS\ie8
2009-10-10 20:27:06 ----D---- C:\Program Files\Bank
2009-10-10 11:13:33 ----D---- C:\WINDOWS\IIS Temporary Compressed Files
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\snprfdll.dll
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.ini
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\regtrace.exe
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\ntfsdrct.ini
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\fcachdll.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\adsiisex.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3svapi.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\axperf.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\aspperf.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\wamregps.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.ini
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\inetsloc.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisrstap.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisreset.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iismui.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\ftpsapi2.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\convlog.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\admxprox.dll
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\msmq
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\Logfiles
2009-10-10 11:11:38 ----D---- C:\Inetpub
2009-10-09 20:44:10 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-09 18:52:11 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-09 18:41:00 ----D---- C:\WINDOWS\system32\Adobe
2009-10-09 18:41:00 ----A---- C:\WINDOWS\system32\FileOps.exe
2009-10-09 18:32:55 ----D---- C:\WINDOWS\Prefetch
2009-10-09 18:24:45 ----D---- C:\Documents and Settings\Léo\Application Data\Malwarebytes
2009-10-09 18:24:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-09 18:24:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-09 18:23:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\bits
2009-10-09 18:23:38 ----D---- C:\WINDOWS\l2schemas
2009-10-09 18:20:00 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-09 18:16:28 ----D---- C:\WINDOWS\network diagnostic
2009-10-09 18:11:49 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-09 17:59:41 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-09 17:59:36 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-09 17:59:30 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-09 17:59:24 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-09 17:59:18 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-09 17:59:13 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-09 17:59:07 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-09 17:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2009-10-09 17:58:48 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-09 17:58:42 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-09 17:58:36 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-09 17:58:31 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-09 17:58:26 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-09 17:58:23 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-09 17:57:55 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-09 17:57:43 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-09 17:57:38 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-09 17:57:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-09 17:57:28 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-09 17:57:22 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-09 17:57:14 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-09 17:56:33 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-09 17:56:28 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-09 17:56:10 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-09 17:56:04 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-09 17:55:59 ----HD---- C:\WINDOWS\$NtUninstallKB923689$
2009-10-09 17:55:40 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-09 17:55:34 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-09 17:55:28 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-09 17:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-09 17:55:12 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-09 17:55:05 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-09 17:54:50 ----HD---- C:\WINDOWS\$NtUninstallKB973768$
2009-10-09 17:54:31 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-09 17:54:25 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-09 17:54:19 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-09 17:54:13 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-09 17:54:07 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-09 17:54:01 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-09 17:53:53 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-09 17:53:47 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-09 17:53:37 ----D---- C:\Program Files\MSXML 4.0
2009-10-09 17:53:06 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-09 17:52:49 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-10-09 17:35:05 ----D---- C:\WINDOWS\system32\PreInstall
2009-10-09 17:35:02 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2009-10-09 17:02:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-09 16:56:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-10-09 16:35:16 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-09 16:35:03 ----HD---- C:\WINDOWS\$NtUninstallKB914882$
2009-10-09 16:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-09 07:00:56 ----D---- C:\FOUND.002
2009-10-09 06:45:10 ----D---- C:\Program Files\CCleaner
2009-10-09 06:35:52 ----D---- C:\FOUND.001
2009-10-07 22:37:34 ----D---- C:\Documents and Settings\Léo\Application Data\Help
2009-10-07 22:35:15 ----A---- C:\WINDOWS\whpt.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpsharp.dll
2009-10-07 22:35:15 ----A---- C:\WINDOWS\kpscale.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\system32\CVShell.dll
2009-10-07 22:35:14 ----RA---- C:\WINDOWS\icccodes.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\sprof32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\ptpick32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pfpick.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\pcdlib32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpsys32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpfp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpcp32.dll
2009-10-07 22:35:14 ----A---- C:\WINDOWS\kpapi32.dll
2009-10-07 22:35:01 ----D---- C:\Program Files\Canvas 6
2009-10-07 22:35:01 ----D---- C:\KPCMS
2009-10-07 22:35:01 ----A---- C:\WINDOWS\kpcms.ini
2009-10-07 21:37:18 ----AD---- C:\Program Files\WinRAR
2009-10-07 21:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2009-10-07 21:27:02 ----D---- C:\Program Files\Fichiers communs\Adobe Systems Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared
2009-10-07 20:36:47 ----D---- C:\Program Files\Autodesk
2009-10-07 20:36:05 ----D---- C:\Program Files\Fichiers communs\Designer
2009-10-07 20:35:38 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\Léo\Application Data\Autodesk
2009-10-07 20:35:38 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2009-10-07 19:31:14 ----D---- C:\Documents and Settings\Léo\Application Data\AdobeUM
2009-10-07 19:00:47 ----D---- C:\Documents and Settings\Léo\Application Data\Adobe
2009-10-07 18:53:33 ----D---- C:\Documents and Settings\Léo\Application Data\Mozilla
2009-10-07 18:48:10 ----D---- C:\Documents and Settings\Léo\Application Data\Thinstall
2009-10-07 18:40:29 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-10-07 18:24:58 ----D---- C:\Program Files\ER Mapper
2009-10-07 18:23:38 ----D---- C:\Program Files\GID
2009-10-07 18:23:37 ----D---- C:\Program Files\MapImagery
2009-10-07 18:22:03 ----D---- C:\Program Files\ChronoMap
2009-10-07 18:21:16 ----D---- C:\Program Files\ChronoVia
2009-10-07 18:15:45 ----A---- C:\WINDOWS\IsUn040c.exe
2009-10-07 18:15:00 ----A---- C:\WINDOWS\system32\rdocurs.dll
2009-10-07 18:14:59 ----A---- C:\WINDOWS\system32\dbmssocn.dll
2009-10-07 18:13:17 ----D---- C:\Documents and Settings\Léo\Application Data\MapInfo
2009-10-07 18:11:56 ----D---- C:\Program Files\MapInfo
2009-10-07 17:59:26 ----D---- C:\FOUND.000
2009-10-06 23:17:12 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-10-06 23:04:24 ----A---- C:\Program Files\wt3d.ini
2009-10-06 21:58:41 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-10-06 21:54:01 ----D---- C:\Documents and Settings\Léo\Application Data\CyberLink
2009-10-06 21:52:15 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-10-06 21:48:13 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-10-06 21:33:16 ----D---- C:\Program Files\Yahoo!
2009-10-06 21:33:09 ----D---- C:\WINDOWS\Acer
2009-10-06 21:33:09 ----D---- C:\Documents and Settings\Léo\Application Data\Macromedia
2009-10-06 21:31:32 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-10-06 21:30:01 ----D---- C:\WINDOWS\system32\DRVSTORE
2009-10-06 21:29:51 ----A---- C:\WINDOWS\system32\results.txt
2009-10-06 21:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-10-06 21:29:07 ----A---- C:\WINDOWS\system32\acerGina.dll
2009-10-06 21:28:37 ----D---- C:\Program Files\Launch Manager
2009-10-06 21:28:35 ----A---- C:\WINDOWS\system32\FILTRCOI.DLL
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2009-10-06 21:27:25 ----A---- C:\WINDOWS\system32\acpimof.dll
2009-10-06 21:25:46 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-06 21:25:13 ----ASH---- C:\Documents and Settings\Léo\Application Data\desktop.ini
2009-10-06 21:25:09 ----SD---- C:\Documents and Settings\Léo\Application Data\Microsoft
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Identities
2009-10-06 21:25:08 ----D---- C:\Documents and Settings\Léo\Application Data\Acer
2009-10-06 21:23:50 ----SHD---- C:\System Volume Information
2009-10-06 21:13:55 ----D---- C:\WINDOWS\nview
2009-10-06 21:13:55 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-10-06 21:12:06 ----A---- C:\WINDOWS\YTB.EXE
2009-10-06 21:12:06 ----A---- C:\WINDOWS\EMEAWG.EXE

======List of files/folders modified in the last 2 months======

2009-12-05 21:25:34 ----A---- C:\WINDOWS\win.ini
2009-12-05 21:24:24 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-05 21:05:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-04 17:05:50 ----A---- C:\WINDOWS\system.ini
2009-12-04 16:43:50 ----RASH---- C:\boot.ini
2009-11-04 20:25:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-28 16:07:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-22 10:17:28 ----N---- C:\WINDOWS\system32\mshtml.dll
2009-10-07 18:15:02 ----A---- C:\WINDOWS\ODBCINST.INI
2009-10-06 21:33:28 ----A---- C:\WINDOWS\ALaunch.ini
2009-10-06 21:12:08 ----A---- C:\WINDOWS\CLEANUP.CMD
2009-10-06 21:12:06 ----A---- C:\WINDOWS\HotFix.bat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-06 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S3 a1iun5gy;a1iun5gy; C:\WINDOWS\system32\drivers\a1iun5gy.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Vswtrud;Vswtrud; C:\WINDOWS\system32\drivers\Vswtrud.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-20 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-09 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-11-19 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-30 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

philae
 Posted on 07/12/2009 at 14:38
Grande Maîtresse astucienne

Hello,

No worries about the delay. Everyone has their own things to do.

What we did has not been undone for all that. I'm looking at the reports, then I'll be back.

philae
 Posted on 07/12/2009 at 15:08
Grande Maîtresse astucienne

Hello again,

I had a visitor who plugged my external drive into my PC while I was busy with other things.

That, on the other hand, is not good.

We'll redo the USBFix procedure all the same, because the infection is visibly present again.

Go back up the thread, repeat the USBFix procedure I gave you, and post the reports when it finishes. After that, also a fresh RSIT report.


princekof
 Posted on 07/12/2009 at 16:42
Petit astucien

First report

############################## | UsbFix V6.059 |

User : Léo (Administrateurs) # SUPERADA
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:33:17 | 07/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 53,2 Go (23,17 Go free) [ACER] # FAT32
D:\ -> Disque fixe local # 53,69 Go (35,57 Go free) [ACERDATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,9 Go (1,38 Go free) # FAT32
G:\ -> Disque CD-ROM
H:\ -> Disque amovible # 1,86 Go (777,27 Mo free) [ANICET] # FAT32
I:\ -> Disque fixe local # 465,76 Go (346,15 Go free) [MANASSE] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 552
C:\WINDOWS\system32\csrss.exe 896
C:\WINDOWS\system32\winlogon.exe 924
C:\WINDOWS\system32\services.exe 968
C:\WINDOWS\system32\lsass.exe 980
C:\WINDOWS\system32\svchost.exe 1132
C:\WINDOWS\system32\svchost.exe 1252
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1396
C:\WINDOWS\System32\svchost.exe 1432
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1532
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1580
C:\WINDOWS\system32\svchost.exe 1692
C:\WINDOWS\system32\svchost.exe 540
C:\WINDOWS\system32\spoolsv.exe 1332
C:\WINDOWS\system32\svchost.exe 356
C:\WINDOWS\system32\msdtc.exe 800
C:\Acer\Empowering Technology\admServ.exe 864
C:\Program Files\Bonjour\mDNSResponder.exe 1524
C:\WINDOWS\system32\svchost.exe 1720
C:\WINDOWS\eHome\ehRecvr.exe 1904
C:\WINDOWS\eHome\ehSched.exe 2000
C:\WINDOWS\system32\inetsrv\inetinfo.exe 408
C:\Program Files\Java\jre6\bin\jqs.exe 544
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1812
C:\Program Files\CDBurnerXP\NMSAccessU.exe 2416
C:\WINDOWS\system32\nvsvc32.exe 2432
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 2476
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2768
C:\WINDOWS\System32\snmp.exe 2812
C:\WINDOWS\system32\svchost.exe 3120
C:\WINDOWS\system32\mqsvc.exe 3220
C:\WINDOWS\ehome\mcrdsvc.exe 3408
C:\WINDOWS\system32\mqtgsvc.exe 3972
C:\WINDOWS\system32\wbem\wmiprvse.exe 2076
C:\WINDOWS\system32\dllhost.exe 2084
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2552
C:\WINDOWS\System32\alg.exe 2936
C:\WINDOWS\system32\wbem\wmiprvse.exe 3052
C:\WINDOWS\Explorer.EXE 2736
C:\WINDOWS\ehome\ehtray.exe 1300
C:\WINDOWS\eHome\ehmsas.exe 472
C:\WINDOWS\RTHDCPL.EXE 2684
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2712
C:\Acer\Empowering Technology\admtray.exe 2732
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 2756
C:\WINDOWS\system32\rundll32.exe 2264
C:\WINDOWS\system32\RUNDLL32.EXE 2220
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe 2932
C:\PROGRA~1\LAUNCH~1\LManager.exe 3128
C:\Acer\Empowering Technology\eRecovery\Monitor.exe 3248
C:\Program Files\Microsoft Security Essentials\msseces.exe 3304
C:\Program Files\Java\jre6\bin\jusched.exe 3416
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe 256
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe 1416
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3392
C:\WINDOWS\system32\wbem\unsecapp.exe 2796
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 2324
C:\WINDOWS\system32\ctfmon.exe 2588
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe 2960
C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe 2880
C:\Program Files\Mozilla Firefox\firefox.exe 2460
C:\WINDOWS\system32\ntvdm.exe 2904
C:\WINDOWS\SYSTEM32\WOWEXEC.EXE 1116

################## | Fichiers # Dossiers infectieux |


################## | Spyware.OnlineGames |


################## | Registre # Clés infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | Cracks / Keygens / Serials |

"C:\Program Files\Java\jdk1.6.0_03\bin\serialver.exe"
24/09/2007 23:13 |Size 25600 |Crc32 6dee1fe9 |Md5 b49bd3ccf6bf94a955766dfc2d9a79bf

"I:\A INSTALLER\Adobe INSTALLATION\6PRO\Adobe.Acrobat.6.0.Professional.KeyGen.exe"
07/06/2003 18:35 |Size 54171 |Crc32 5e13c68e |Md5 c485d483991eecdc2bd29e40ec1d7f1c

"I:\A INSTALLER\Adobe INSTALLATION\audition\Crack\keygen.exe"
08/06/2004 21:16 |Size 17408 |Crc32 74b6e44e |Md5 a5ccbcb5f7f7b97f1f066d75aef1fe9f

"I:\A INSTALLER\AutoCAD 2006 (D)\KEYGEN\keygen.exe"
05/05/2005 18:26 |Size 71168 |Crc32 2263584c |Md5 60fdcd1106b1f70424cc141bb078f35d

"I:\UTILS\LOGICIEL PORTABLE PARIS\SECURITE\LOST KEYS\Keyfinder151\ViewNChangeVolumeSerialNumber.exe"
23/04/2005 10:02 |Size 36864 |Crc32 a5e1b024 |Md5 26c541f99219c6654c3c95a2c05f6cee


################## | ! Fin du rapport # UsbFix V6.059 ! |

princekof
 Posted on 07/12/2009 at 16:58
Petit astucien

Second report
############################## | UsbFix V6.059 |

User : Léo (Administrateurs) # SUPERADA
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:48:20 | 07/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Microsoft Security Essentials 2.0.6212.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 53,2 Go (23,19 Go free) [ACER] # FAT32
D:\ -> Disque fixe local # 53,69 Go (35,57 Go free) [ACERDATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,9 Go (1,38 Go free) # FAT32
G:\ -> Disque CD-ROM
H:\ -> Disque amovible # 1,86 Go (777,27 Mo free) [ANICET] # FAT32
I:\ -> Disque fixe local # 465,76 Go (346,15 Go free) [MANASSE] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 552
C:\WINDOWS\system32\csrss.exe 896
C:\WINDOWS\system32\winlogon.exe 924
C:\WINDOWS\system32\services.exe 968
C:\WINDOWS\system32\lsass.exe 980
C:\WINDOWS\system32\svchost.exe 1136
C:\WINDOWS\system32\logonui.exe 1216
C:\WINDOWS\system32\svchost.exe 1236
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe 1384
C:\WINDOWS\System32\svchost.exe 1440
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1540
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1592
C:\WINDOWS\system32\svchost.exe 1688
C:\WINDOWS\system32\svchost.exe 280
C:\WINDOWS\system32\spoolsv.exe 728
C:\WINDOWS\system32\svchost.exe 1176
C:\WINDOWS\system32\msdtc.exe 1296
C:\Acer\Empowering Technology\admServ.exe 1364
C:\Program Files\Bonjour\mDNSResponder.exe 1924
C:\WINDOWS\system32\svchost.exe 184
C:\WINDOWS\eHome\ehRecvr.exe 240
C:\WINDOWS\eHome\ehSched.exe 348
C:\WINDOWS\system32\inetsrv\inetinfo.exe 596
C:\Program Files\Java\jre6\bin\jqs.exe 784
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 812
C:\Program Files\CDBurnerXP\NMSAccessU.exe 900
C:\WINDOWS\system32\nvsvc32.exe 860
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 1044
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1756
C:\WINDOWS\System32\snmp.exe 1956
C:\WINDOWS\system32\svchost.exe 2064
C:\WINDOWS\system32\mqsvc.exe 2140
C:\WINDOWS\ehome\mcrdsvc.exe 2528
C:\WINDOWS\system32\mqtgsvc.exe 2804
C:\WINDOWS\system32\wuauclt.exe 2956
C:\WINDOWS\system32\wbem\wmiprvse.exe 3176
C:\WINDOWS\system32\dllhost.exe 3268
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3404
C:\WINDOWS\System32\alg.exe 3472
C:\WINDOWS\system32\wbem\wmiprvse.exe 3656
C:\WINDOWS\Explorer.EXE 3252

################## | Fichiers # Dossiers infectieux |


################## | Spyware.OnlineGames |


################## | Registre # Clés infectieuses |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[19/08/2006 07:00|-rahs----|83] C:\Preload.aaa
[10/08/2004 20:00|-rahs----|4952] C:\Bootfont.bin
[09/10/2009 18:16|-rahs----|252240] C:\ntldr
[10/08/2004 20:00|-rahs----|47564] C:\NTDETECT.COM
[04/12/2009 16:43|-rahs----|279] C:\boot.ini
[19/08/2006 04:44|--a------|0] C:\CONFIG.SYS
[19/08/2006 05:32|--a------|50] C:\AUTOEXEC.BAT
[19/08/2006 04:44|-rahs----|0] C:\IO.SYS
[19/08/2006 04:44|-rahs----|0] C:\MSDOS.SYS
[19/08/2006 05:22|--a------|519] C:\RHDSetup.log
[11/11/1999 00:17|--a------|49] C:\MCE.TAG
[03/08/2004 23:00|--a------|263488] C:\cmldr
[07/12/2009 16:54|--a------|3635] C:\UsbFix.txt
[06/10/2009 21:23|--a------|209] C:\Boot.bak
[04/12/2009 17:10|--a------|23956] C:\ComboFix.txt
[05/12/2009 14:01|--a------|1872472] C:\SmitfraudFix.exe
[05/12/2009 21:18|--a------|1774] C:\rapport.txt
[05/12/2009 15:13|--a------|5185] C:\rapport1_05122009.txt
[05/12/2009 15:44|--a------|1774] C:\rapport2_05122009.txt
[?|?|?] C:\hiberfil.sys
[05/12/2009 21:04|--a------|4835] C:\rapport21H03.txt
[05/12/2009 21:19|--a------|1775] C:\rapport21H19.txt
[?|?|?] C:\pagefile.sys
[16/10/2008 12:39|--ah-----|162] D:\~$rŠs avoir fait une vie d‚cente.doc
[05/06/2008 11:18|---h-----|24064] D:\~WRL0005.tmp
[07/10/2009 19:46|--ahs----|62] D:\Copie de desktop.ini
[27/10/2008 11:12|---------|107522] F:\req 27869.jpg
[05/11/2008 13:45|---------|3240] F:\BOOTEX.LOG
[15/09/2002 18:08|---------|31998] F:\PORT2.jpg
[23/11/2004 05:08|---------|67167] F:\Logo.jpg
[26/09/2008 10:28|---------|90624] F:\Projet Budget 2009.xls
[12/12/2008 17:38|--a------|544] F:\plot.log
[19/01/2009 09:34|--a------|1700811] F:\ALODJISSO.jpg
[14/03/2008 10:37|---------|507292] F:\R‚gion maritime lom‚ lilikop‚.jpg
[31/10/2008 10:54|---------|26825646] F:\PLAN TF 673.JPEG.bmp
[12/12/2008 17:05|--a------|18432] F:\favture Kpalim‚ stade & monument aux morts.xls
[19/01/2009 09:36|--a------|1381217] F:\ALODJISSO 1.jpg
[03/11/2008 10:49|---------|24064] F:\AprŠs avoir fait une vie d‚cente.doc
[03/11/2008 12:35|---------|109630] F:\hounkali lissassou.jpg
[27/06/2007 14:21|---------|51200] F:\Bordereau d'envoi 12 juin 2007.doc
[09/12/2008 14:34|--a------|50176] F:\FACTURE TITRE FONCIER 201.doc
[09/12/2008 14:32|--a------|26112] F:\lettre de transmission de facture.doc
[09/12/2008 14:34|--a------|16384] F:\FACTURE TF 201.xls
[30/05/2006 14:22|--a------|30208] F:\contrat de vente VOSSAH Kossi sovi‚p‚ .doc
[27/10/2008 13:27|--a------|32768] F:\contrat de vente ALODZISO Mawuli sovi‚p‚ .doc
[24/12/2008 09:04|--a------|2801099] F:\ANTHONY ATLANTIC PRODUCE.jpg
[19/01/2009 13:24|--a------|48128] F:\BAIL ADA - DIARRA ISSA Kpogan Agodeke.doc
[04/12/2008 09:37|--a------|49664] F:\Bail ada.doc
[19/01/2009 13:26|--a------|38400] F:\BAIL ADA - DIARRA ISSA Kpogan Agodeke 1piŠce.doc
[01/07/2008 16:35|--a------|283738] F:\lettre d'admission au cycle SIGCC.jpg
[09/11/2009 08:15|--a------|516190] H:\Modele-Cahier-des-Charges-ERP.zip
[17/11/2009 07:43|--a------|36352] H:\Notes_g‚n...xls
[09/11/2009 20:50|--a------|7080064] H:\ALLELUIAH.mp3
[20/11/2009 07:09|--a------|745722] H:\stat.pdf
[03/12/2009 09:44|--a------|781909] H:\RSIT.exe
[18/11/2009 14:24|--a------|288155] H:\Lien-251.pdf
[10/11/2009 12:06|--a------|28672] H:\PERT VDM AFRIQUE DU SUD corrig‚.doc
[10/11/2009 12:24|--a------|25088] H:\PERT VDM AFRIQUE DU SUD corrig‚ A4.doc
[23/10/2009 15:06|--a------|131927] H:\variables visuelles.jpg
[10/11/2009 09:37|--a------|15360] H:\REALISATION MAQUETTE VDM.xls
[09/11/2009 16:29|--a------|21504] H:\CAHIER DE CHARGES VDM Afrique du Sud.doc
[10/11/2009 12:24|--a------|27648] H:\PERT VDM AFRIQUE DU SUD.doc
[03/12/2009 08:14|--a------|205469] H:\http___news.tara-voyance.co....pdf
[03/11/2009 09:12|--a------|5462] H:\norberte.JPG
[28/10/2009 16:54|--a------|13382] H:\ENSG.jpg
[14/11/2009 14:45|--a------|20110] H:\Document.rtf
[03/12/2009 09:47|--a------|812344] H:\HJTInstall.exe
[02/12/2009 09:44|--a------|1780792] H:\VIDEOma‡on.mp4
[05/11/2009 09:08|--a------|6483] H:\Document Koffi.rtf
[02/12/2009 12:50|--a------|4409491] H:\cdbxp_setup_4.2.7.1801.exe
[05/11/2009 21:20|--a------|26624] H:\Conseils de prudence Koffi.doc
[02/12/2009 07:59|--a------|1069220] H:\Aide au logement %E9tudiant CAF001.pdf
[01/09/2001 16:04|--a------|3566998] H:\Que tes oeuvres sont belles A219-1!.wav
[20/02/2008 17:24|--a------|193960] H:\H. MONDESIR_CARTOGRAPHIE ET SIG DANS LES COLLECTIVITES-0108.pdf
[19/11/2009 16:42|--a------|788890] H:\Infections par supports amo....pdf
[02/12/2009 14:43|--a------|7392288] H:\SUPERAntiSpywarePro.exe
[02/12/2009 22:35|--a------|835] H:\SUPERAntiSpyware Scan Log - 12-02-2009 - 20-29-28.log
[25/11/2009 09:53|--a------|194904] H:\Exemple de CV Chronologique.mht
[25/11/2009 13:48|--a------|169823] H:\plaquette_SIG2C_2009_2010.pdf
[25/11/2009 13:47|--a------|124890] H:\referentiel_SIGCC_2009.pdf
[20/11/2009 16:48|--a------|54199] H:\carte de s‚jour.pdf.pdf
[03/12/2009 08:12|--a------|237056] H:\Si vous ne pouvez pas lire ce message.doc
[04/12/2009 08:14|--a------|64] H:\Codep77_ini.ldb
[05/12/2009 14:01|--a------|1872472] H:\SmitfraudFix.exe
[05/12/2009 14:03|--a------|374164] H:\Mon PC redemarre tout seul.htm
[08/10/2009 17:10|--a------|632832] H:\SIGCC_program_2009-2010.doc
[09/10/2009 19:03|--a------|95744] H:\Situation Lumiere - Alimentation du 03-10-2009 au.xls
[09/10/2009 19:04|--a------|157184] H:\Situation Lumiere - Produits BB du 03-10-2009 au.xls
[12/10/2009 17:35|--a------|286138] H:\al8.pdf
[12/10/2009 15:03|--a------|858112] H:\contraintes.ppt
[14/10/2009 17:22|--a------|158637] H:\Curriculum.pdf
[25/04/2009 17:38|--a------|3872608256] I:\Windev - Webdev - Windev Mobile - v10.0 (0.37f) - Update (0.40g) - Dumpteam 4.5a6 - Packed by BigHoody.iso

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.
# I:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"C:\Program Files\Java\jdk1.6.0_03\bin\serialver.exe"
24/09/2007 23:13 |Size 25600 |Crc32 6dee1fe9 |Md5 b49bd3ccf6bf94a955766dfc2d9a79bf

"I:\A INSTALLER\Adobe INSTALLATION\6PRO\Adobe.Acrobat.6.0.Professional.KeyGen.exe"
07/06/2003 18:35 |Size 54171 |Crc32 5e13c68e |Md5 c485d483991eecdc2bd29e40ec1d7f1c

"I:\A INSTALLER\Adobe INSTALLATION\audition\Crack\keygen.exe"
08/06/2004 21:16 |Size 17408 |Crc32 74b6e44e |Md5 a5ccbcb5f7f7b97f1f066d75aef1fe9f

"I:\A INSTALLER\AutoCAD 2006 (D)\KEYGEN\keygen.exe"
05/05/2005 18:26 |Size 71168 |Crc32 2263584c |Md5 60fdcd1106b1f70424cc141bb078f35d

"I:\UTILS\LOGICIEL PORTABLE PARIS\SECURITE\LOST KEYS\Keyfinder151\ViewNChangeVolumeSerialNumber.exe"
23/04/2005 10:02 |Size 36864 |Crc32 a5e1b024 |Md5 26c541f99219c6654c3c95a2c05f6cee


################## | ! Fin du rapport # UsbFix V6.059 ! |

princekof
 Posted on 07/12/2009 at 17:00
Petit astucien

And here is the last one

Logfile of random's system information tool 1.06 (written by random/random)
Run by Léo at 2009-12-07 16:59:50
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 24 GB (44%) free of 54 GB
Total RAM: 1022 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:59, on 07/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Léo\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Léo.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 11485 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-21 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-08-10 352256]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-05-22 3080704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-20 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-30 39408]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\mqsvc.exe"="C:\WINDOWS\System32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 2 months======

2009-12-07 16:54:10 ----RASHD---- C:\autorun.inf
2009-12-07 16:48:17 ----A---- C:\UsbFix.txt
2009-12-07 16:20:49 ----A---- C:\WINDOWS\system32\msvcr40d.dll
2009-12-07 16:20:38 ----D---- C:\informix
2009-12-07 16:19:32 ----A---- C:\WINDOWS\system32\MSRDO20.DLL
2009-12-07 16:19:32 ----A---- C:\WINDOWS\system32\mimsss17r.dll
2009-12-07 16:19:32 ----A---- C:\WINDOWS\system32\mimsss17.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miora17s.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miora17r.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miora17.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\mimsss17s.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miifcl17s.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miifcl17r.dll
2009-12-07 16:19:31 ----A---- C:\WINDOWS\system32\miifcl17.dll
2009-12-07 16:19:23 ----A---- C:\WINDOWS\system32\miutl17r.dll
2009-12-07 16:19:23 ----A---- C:\WINDOWS\system32\miutl17.dll
2009-12-07 16:19:23 ----A---- C:\WINDOWS\system32\mibas17r.dll
2009-12-07 16:19:23 ----A---- C:\WINDOWS\system32\mibas17.dll
2009-12-05 21:19:34 ----A---- C:\rapport21H19.txt
2009-12-05 21:04:00 ----A---- C:\rapport21H03.txt
2009-12-05 15:44:15 ----A---- C:\rapport2_05122009.txt
2009-12-05 15:32:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-05 15:13:18 ----A---- C:\rapport1_05122009.txt
2009-12-05 15:09:09 ----A---- C:\WINDOWS\system32\tmp.txt
2009-12-05 15:09:05 ----A---- C:\rapport.txt
2009-12-05 15:07:23 ----D---- C:\SmitfraudFix
2009-12-05 15:03:56 ----A---- C:\SmitfraudFix.exe
2009-12-04 19:56:09 ----SHD---- C:\Recycled
2009-12-04 17:10:23 ----A---- C:\ComboFix.txt
2009-12-04 16:43:49 ----A---- C:\Boot.bak
2009-12-04 16:43:43 ----RASHD---- C:\cmdcons
2009-12-04 16:42:07 ----A---- C:\WINDOWS\zip.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWSC.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\SWREG.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\sed.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\PEV.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\MBR.exe
2009-12-04 16:42:07 ----A---- C:\WINDOWS\grep.exe
2009-12-04 16:38:55 ----D---- C:\WINDOWS\ERDNT
2009-12-04 16:35:42 ----D---- C:\Qoobox
2009-12-04 14:38:49 ----D---- C:\Documents and Settings\Léo\Application Data\WinRAR
2009-12-04 14:26:36 ----D---- C:\UsbFix
2009-12-03 18:27:33 ----D---- C:\rsit
2009-12-03 18:26:58 ----D---- C:\Program Files\Trend Micro
2009-12-02 21:35:45 ----D---- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited
2009-12-02 21:35:39 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2009-12-02 21:34:58 ----D---- C:\Program Files\CDBurnerXP
2009-12-02 20:34:52 ----D---- C:\FOUND.004
2009-12-02 18:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-02 18:03:39 ----D---- C:\Documents and Settings\Léo\Application Data\SUPERAntiSpyware.com
2009-12-02 18:03:11 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-27 16:25:31 ----D---- C:\temp1
2009-11-27 14:59:24 ----D---- C:\TEMP
2009-11-27 14:56:06 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-27 14:54:16 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-23 21:58:49 ----D---- C:\OutputFolder
2009-11-22 18:29:20 ----A---- C:\WINDOWS\mapimagery.INI
2009-11-22 17:30:19 ----D---- C:\Program Files\ER Mapper1
2009-11-22 17:27:19 ----D---- C:\WINDOWS\Crystal
2009-11-22 17:27:18 ----D---- C:\Program Files\Seagate Software
2009-11-22 17:27:18 ----D---- C:\Documents and Settings\All Users\Application Data\MapInfo
2009-11-22 10:56:59 ----D---- C:\Python26
2009-11-20 17:52:36 ----D---- C:\Documents and Settings\Léo\Application Data\OpenOffice.org
2009-11-20 17:48:42 ----D---- C:\Program Files\JRE
2009-11-20 17:48:26 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-20 17:47:38 ----A---- C:\WINDOWS\system32\java.exe
2009-11-20 16:44:38 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-19 21:06:59 ----D---- C:\Program Files\AutoCAD 2008
2009-11-19 20:51:36 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-12 21:45:35 ----D---- C:\JEUX MICROSOFT
2009-11-12 20:32:16 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-11-12 20:32:15 ----SHD---- C:\Documents and Settings\Léo\Application Data\.#
2009-11-12 17:05:26 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-12 16:54:41 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 19:18:14 ----A---- C:\WINDOWS\Filzip.ini
2009-11-10 19:13:18 ----D---- C:\Program Files\Filzip
2009-11-06 22:44:20 ----D---- C:\Program Files\xPhil
2009-11-04 12:35:22 ----A---- C:\WINDOWS\ArcView9x.INI
2009-11-04 11:46:25 ----D---- C:\Program Files\Fichiers communs\AnswerWorks 4.0
2009-11-04 11:44:33 ----D---- C:\Program Files\Leica Geosystems
2009-11-04 11:35:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESRI
2009-11-04 10:14:35 ----D---- C:\Program Files\EPSON
2009-11-04 10:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON
2009-11-04 09:03:04 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-11-04 08:51:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-11-03 18:47:24 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-03 17:56:14 ----D---- C:\Program Files\VS Revo Group
2009-11-02 21:01:32 ----D---- C:\Documents and Settings\Léo\Application Data\Intel
2009-11-02 17:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-11-02 17:37:38 ----D---- C:\arcgis
2009-11-02 17:32:56 ----D---- C:\Program Files\Business Objects
2009-11-02 17:28:41 ----A---- C:\WINDOWS\system32\python25.dll
2009-11-02 17:26:52 ----D---- C:\Program Files\ESRI
2009-11-02 17:25:20 ----D---- C:\Documents and Settings\Léo\Application Data\ESRI
2009-11-02 16:53:00 ----D---- C:\Program Files\Fichiers communs\ESRI
2009-11-02 16:50:02 ----D---- C:\Python25
2009-11-02 16:50:02 ----D---- C:\Program Files\ArcGIS
2009-10-30 08:52:41 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-10-24 20:55:42 ----D---- C:\WINDOWS\Minidump
2009-10-23 18:37:40 ----HD---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-23 18:35:55 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-23 17:40:31 ----D---- C:\Program Files\Microsoft Sync Framework
2009-10-23 17:38:52 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-10-23 17:38:17 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-23 17:36:02 ----D---- C:\Program Files\Microsoft
2009-10-23 17:35:31 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-23 17:34:53 ----D---- C:\Program Files\Windows Live
2009-10-23 17:27:30 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-10-21 22:04:45 ----D---- C:\Program Files\ShapeSelect
2009-10-21 22:04:20 ----D---- C:\Program Files\Phildigit
2009-10-21 22:04:06 ----D---- C:\Program Files\Philcarto
2009-10-19 22:04:29 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-10-19 20:14:16 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-10-19 20:12:09 ----D---- C:\Program Files\Bonjour
2009-10-19 19:02:47 ----D---- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro
2009-10-19 18:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2009-10-19 18:55:14 ----D---- C:\Program Files\DAEMON Tools Pro
2009-10-19 18:44:21 ----D---- C:\Program Files\ConTEXT
2009-10-16 23:02:31 ----D---- C:\Program Files\khi3
2009-10-16 21:50:32 ----A---- C:\WINDOWS\RACHook12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.ini
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaR12.dll
2009-10-16 21:50:32 ----A---- C:\WINDOWS\MediaDico12Dll.dll
2009-10-16 21:50:21 ----D---- C:\Program Files\Micro Application
2009-10-16 21:50:04 ----A---- C:\WINDOWS\NAVIGMA.INI
2009-10-15 17:59:41 ----D---- C:\Program Files\Mozilla Firefox
2009-10-15 14:02:00 ----D---- C:\Documents and Settings\Léo\Application Data\Google
2009-10-15 13:59:37 ----D---- C:\Program Files\Google
2009-10-15 13:20:12 ----HD---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-10-15 13:20:06 ----HD---- C:\WINDOWS\$NtUninstallKB929399$
2009-10-15 13:19:46 ----HD---- C:\WINDOWS\$NtUninstallKB939683$
2009-10-15 13:04:13 ----HD---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-15 13:00:33 ----D---- C:\Program Files\MSBuild
2009-10-15 12:54:54 ----D---- C:\WINDOWS\system32\XPSViewer
2009-10-15 12:54:51 ----D---- C:\WINDOWS\system32\en-us
2009-10-15 12:52:07 ----D---- C:\Program Files\Reference Assemblies
2009-10-15 12:50:51 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-15 12:09:22 ----A---- C:\WINDOWS\atmoUn.exe
2009-10-15 12:09:21 ----D---- C:\Program Files\Viewpoint
2009-10-15 12:09:21 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-10-15 11:02:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-15 11:02:01 ----HD---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-10-15 11:01:08 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-15 11:00:09 ----HD---- C:\WINDOWS\$NtUninstallwmp11$
2009-10-15 10:58:43 ----HD---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-10-15 10:58:07 ----HD---- C:\WINDOWS\$NtUninstallWudf01000$
2009-10-15 10:57:23 ----HD---- C:\WINDOWS\$NtUninstallKB925766$
2009-10-15 10:49:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-15 10:48:56 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2009-10-15 10:45:22 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 10:45:05 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 10:44:30 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 10:43:57 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 10:43:37 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 10:43:15 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 10:42:53 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 10:42:25 ----HD---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 10:39:43 ----HD---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-15 10:39:03 ----HD---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-10-15 10:38:57 ----D---- C:\WINDOWS\ie8updates
2009-10-15 10:38:50 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2009-10-15 10:38:38 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-10-15 10:38:33 ----HD---- C:\WINDOWS\$NtUninstallKB970483$
2009-10-15 10:38:25 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-15 10:38:18 ----HD---- C:\WINDOWS\$NtUninstallKB954459$
2009-10-15 10:38:05 ----HD---- C:\WINDOWS\$NtUninstallKB953155$
2009-10-15 10:37:52 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2009-10-14 20:06:50 ----D---- C:\FOUND.003
2009-10-12 22:16:22 ----D---- C:\Program Files\Sun
2009-10-12 22:12:12 ----D---- C:\Program Files\Java
2009-10-12 22:12:07 ----D---- C:\Program Files\Fichiers communs\Java
2009-10-12 22:08:35 ----D---- C:\Documents and Settings\Léo\Application Data\Sun
2009-10-11 18:30:32 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-11 18:30:07 ----D---- C:\WINDOWS\WBEM
2009-10-11 18:28:19 ----HD---- C:\WINDOWS\ie8
2009-10-10 20:27:06 ----D---- C:\Program Files\Bank
2009-10-10 11:13:33 ----D---- C:\WINDOWS\IIS Temporary Compressed Files
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\snprfdll.dll
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.ini
2009-10-10 11:12:29 ----A---- C:\WINDOWS\system32\smtpctrs.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\regtrace.exe
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\ntfsdrct.ini
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\fcachdll.dll
2009-10-10 11:12:28 ----A---- C:\WINDOWS\system32\adsiisex.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3svapi.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\w3ctrs.dll
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\axperf.ini
2009-10-10 11:11:58 ----A---- C:\WINDOWS\system32\aspperf.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\wamregps.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.ini
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\infoctrs.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\inetsloc.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisrstap.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iisreset.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\iismui.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\ftpsapi2.dll
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\convlog.exe
2009-10-10 11:11:57 ----A---- C:\WINDOWS\system32\admxprox.dll
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\msmq
2009-10-10 11:11:38 ----D---- C:\WINDOWS\system32\Logfiles
2009-10-10 11:11:38 ----D---- C:\Inetpub
2009-10-09 20:44:10 ----D---- C:\WINDOWS\system32\appmgmt
2009-10-09 18:52:11 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-10-09 18:41:00 ----D---- C:\WINDOWS\system32\Adobe
2009-10-09 18:41:00 ----A---- C:\WINDOWS\system32\FileOps.exe
2009-10-09 18:32:55 ----D---- C:\WINDOWS\Prefetch
2009-10-09 18:24:45 ----D---- C:\Documents and Settings\Léo\Application Data\Malwarebytes
2009-10-09 18:24:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-09 18:24:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-09 18:23:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\fr
2009-10-09 18:23:38 ----D---- C:\WINDOWS\system32\bits
2009-10-09 18:23:38 ----D---- C:\WINDOWS\l2schemas
2009-10-09 18:20:00 ----D---- C:\WINDOWS\ServicePackFiles
2009-10-09 18:16:28 ----D---- C:\WINDOWS\network diagnostic
2009-10-09 18:11:49 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2009-10-09 17:59:41 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-10-09 17:59:36 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2009-10-09 17:59:30 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2009-10-09 17:59:24 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2009-10-09 17:59:18 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2009-10-09 17:59:13 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2009-10-09 17:59:07 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-10-09 17:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2009-10-09 17:58:48 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2009-10-09 17:58:42 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2009-10-09 17:58:36 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2009-10-09 17:58:31 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2009-10-09 17:58:26 ----HD---- C:\WINDOWS\$NtUninstallKB973346$
2009-10-09 17:58:23 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-10-09 17:57:55 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2009-10-09 17:57:43 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2009-10-09 17:57:38 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2009-10-09 17:57:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-10-09 17:57:28 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2009-10-09 17:57:22 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2009-10-09 17:57:14 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2009-10-09 17:56:33 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2009-10-09 17:56:28 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2009-10-09 17:56:10 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2009-10-09 17:56:04 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2009-10-09 17:55:59 ----HD---- C:\WINDOWS\$NtUninstallKB923689$
2009-10-09 17:55:40 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2009-10-09 17:55:34 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2009-10-09 17:55:28 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2009-10-09 17:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2009-10-09 17:55:12 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2009-10-09 17:55:05 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2009-10-09 17:54:50 ----HD---- C:\WINDOWS\$NtUninstallKB973768$
2009-10-09 17:54:31 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2009-10-09 17:54:25 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2009-10-09 17:54:19 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2009-10-09 17:54:13 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2009-10-09 17:54:07 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2009-10-09 17:54:01 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2009-10-09 17:53:53 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2009-10-09 17:53:47 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2009-10-09 17:53:37 ----D---- C:\Program Files\MSXML 4.0
2009-10-09 17:53:06 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2009-10-09 17:52:49 ----HD---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-10-09 17:35:05 ----D---- C:\WINDOWS\system32\PreInstall
2009-10-09 17:35:02 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2009-10-09 17:02:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-09 16:57:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-09 16:56:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-10-09 16:35:16 ----D---- C:\Program Files\Microsoft Security Essentials
2009-10-09 16:35:03 ----HD---- C:\WINDOWS\$NtUninstallKB914882$
2009-10-09 16:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-09 07:00:56 ----D---- C:\FOUND.002
2009-10-09 06:45:10 ----D---- C:\Program Files\CCleaner
2009-10-09 06:35:52 ----D---- C:\FOUND.001

======List of files/folders modified in the last 2 months======

2009-12-07 16:47:16 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-07 16:44:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-07 16:19:34 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-07 08:05:10 ----A---- C:\WINDOWS\win.ini
2009-12-07 08:04:40 ----A---- C:\WINDOWS\system32\eRLog.ini
2009-12-04 17:05:50 ----A---- C:\WINDOWS\system.ini
2009-12-04 16:43:50 ----RASH---- C:\boot.ini
2009-11-04 20:25:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-28 16:07:16 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-22 10:17:28 ----N---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-10-06 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-19 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-03 1429632]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aujs6pab;aujs6pab; C:\WINDOWS\system32\drivers\aujs6pab.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 Vswtrud;Vswtrud; C:\WINDOWS\system32\drivers\Vswtrud.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-20 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-09 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-11-19 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-30 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

philae
Posted on 07/12/2009 at 22:15
Grand Master Astucienne

Good evening,

Delete:

C:\WINDOWS\system32\tmp.txt

* Run SUPERAntiSpyware again and post the report

What is your PC doing at the moment?

princekof
Posted on 08/12/2009 at 09:39
Junior Astucien

Hello everyone

Hello Philae

Here is the report you asked me for

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/08/2009 at 09:24 AM

Application Version : 4.31.1000

Core Rules Database Version : 4341
Trace Rules Database Version: 2191

Scan type : Complete Scan
Total Scan Time : 01:14:05

Memory items scanned : 538
Memory threats detected : 0
Registry items scanned : 16297
Registry threats detected : 0
File items scanned : 26314
File threats detected : 4

Adware.Tracking Cookie
C:\Documents and Settings\Léo\Cookies\léo@specificclick[2].txt
C:\Documents and Settings\Léo\Cookies\léo@doubleclick[2].txt
C:\Documents and Settings\Léo\Cookies\léo@atdmt[2].txt
C:\Documents and Settings\Léo\Cookies\léo@estat[1].txt

philae
Posted on 08/12/2009 at 10:29
Grand Master Astucienne

Hello,

These are only cookies, nothing nasty. You didn't answer my question: how is the PC behaving at the moment?
