Avast disabled by a virus!

Hello everyone

I have a huge problem and it's only a matter of time. I downloaded a small file from eMule, and when I wanted to check with Avast that it didn't contain a virus, an icon appeared at the bottom telling me that a program was trying to disable Avast. Avast shut off immediately, so by reflex I unplugged my computer, since shutting it down normally would have taken too long. Now Avast no longer works and the virus is still on the computer. It had time to delete a few programs, nothing very important, but I'm afraid it will get worse. When I launch Avast it tells me there is an error and that Avast is no longer a valid Win32 application. Even though I remove it from the programs in the Control Panel and reinstall it, it still doesn't work. So I'd like to know how to solve this problem and finally get rid of this damn virus.

Thanks in advance

Hi

Do these in order

1) Download FindyKill

==>FindyKill

Right-click the link, “Save as…”, onto the desktop

==>FindyKill by Chiquitine29

Unzip it onto the desktop

Go into the FindyKill folder

Double-click FindyKill.exe

Choose option 1, search

A report will open; post it here

Note: the report FindyKill.txt is saved at the root of the disk

2) Download --> Malwarebytes’ (mbam)

==>Malwarebytes’ (mbam)

Install it + update
and
Restart in “Safe Mode”

Tap the F8 key until the Windows advanced options menu is displayed, and select “Safe Mode”.
Choose your usual session

Launch --> Malwarebytes (MBAM)
==> Then go to the “Scan” tab, tick “Perform full scan”, then “Scan”
==> Select your hard drives, then click “Start scan”
==> At the end of the scan, click Show results, then Save the report
==> Removal of the detected items --> click Remove selected ==> Important to do
=> If you are asked to restart, click “Yes”

After removing the infection(s) found --> post the report here

PS ==> If “Safe Mode” does not work ==> run a full scan in normal mode + removal

3) If you have Windows XP, and only in that case

Download Winsockxpfix

to your desktop without running it, in case you need it afterwards

==>Winsockxpfix

Disable your antivirus (not active at the moment) and antispyware

Vista: you must therefore also disable UAC before using ComboFix

Download Combofix

==>Combofix

==> to your Desktop (and nowhere else), and rename it before it arrives on your desktop.
To do this, right-click Combofix.exe, choose “Save link target as…” and rename it to ==> Serroth.com
==> and for the location choose your desktop and click “Save”
Close all open windows

Double-click ==> Serroth.com ==> (renamed file)
Press the 1 key to start the scan and follow the instructions given by ComboFix.
When the scan is finished, a report will appear. Copy/paste that report right here.
==> The report is also located here: C:\Combofix.txt
==> You must not click in the ComboFix window during the scan; this would cause the program to hang.

Vista: you must therefore also re-enable UAC
PS
if your internet connection is no longer active after the restart

Windows XP ==> Double-click the WinsockXPFix file
click “Fix”

If need be, a manual repair will have to be done

4) Download Random’s System Information Tool (RSIT) by random/random and save it to your Desktop.

==>Random’s System Information Tool (RSIT)

==> Double-click RSIT.exe to launch RSIT.
==> Click Continue on the Disclaimer screen.
==> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
==> When the scan is finished, two text files will open.

==> Post the contents of log.txt (<== which will be displayed) as well as info.txt (<== which will be minimized in the taskbar).

Note: Both reports are also saved in %systemroot%\rsit

Wow, first time I've received such a precise answer. I'll do everything and post here.

Thanks!

For the FindyKill report I have this:
############################## | FindyKill V5.012 |

User : Psyloranger (Administrateurs) # PSYLOPC

Update on 20/09/2009 by Chiquitine29

Start at: 08:41:21 | 25/09/2009

Website : pagesperso-orange.fr…

Processeur Intel Pentium III Xeon

Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

C:\ # Disque fixe local # 29,29 Go (15,63 Go free) [Systéme] # NTFS

D:\ # Disque fixe local # 98,7 Go (75,26 Go free) [Jeux] # NTFS

E:\ # Disque fixe local # 803,52 Go (660,22 Go free) [Médias] # NTFS

F:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Psyloranger\Application Data\drivers\winupgro.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Psyloranger\Application Data\m\flec006.exe
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\275218.exe
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

############################## | Processus infectieux stoppés |

“C:\Documents and Settings\Psyloranger\Application Data\drivers\winupgro.exe” (2156)
“C:\Documents and Settings\Psyloranger\Application Data\m\flec006.exe” (3680)
“C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\275218.exe” (1652)
“C:\WINDOWS\system32\wintems.exe” (1764)

################## | C: |

################## | C:\WINDOWS |

Présent ! C:\WINDOWS\Prefetch\152765.EXE-0F2DE832.pf
Présent ! C:\WINDOWS\Prefetch\166453.EXE-0FA7512D.pf
Présent ! C:\WINDOWS\Prefetch\167218.EXE-2320F7DC.pf
Présent ! C:\WINDOWS\Prefetch\36872046.EXE-32650D01.pf
Présent ! C:\WINDOWS\Prefetch\36897312.EXE-2CCBACDD.pf
Présent ! C:\WINDOWS\Prefetch\36909359.EXE-2BC2DE31.pf
Présent ! C:\WINDOWS\Prefetch\45468.EXE-306F1FD9.pf
Présent ! C:\WINDOWS\Prefetch\47937.EXE-3A6BBA36.pf
Présent ! C:\WINDOWS\Prefetch\50218.EXE-2DBD9D6C.pf
Présent ! C:\WINDOWS\Prefetch\54093.EXE-0C8E4531.pf
Présent ! C:\WINDOWS\Prefetch\68968.EXE-08414FE2.pf
Présent ! C:\WINDOWS\Prefetch\69906.EXE-388E06CB.pf
Présent ! C:\WINDOWS\Prefetch\69968.EXE-1CDD8BCF.pf
Présent ! C:\WINDOWS\Prefetch\79484.EXE-2FC59845.pf
Présent ! C:\WINDOWS\Prefetch\89953.EXE-00A2E78B.pf
Présent ! C:\WINDOWS\Prefetch\92109.EXE-181DD047.pf
Présent ! C:\WINDOWS\Prefetch\98421.EXE-384D998D.pf
Présent ! C:\WINDOWS\Prefetch\FLEC006.EXE-28D79223.pf
Présent ! C:\WINDOWS\Prefetch\KEY_GENERATOR.EXE-29E3DBBB.pf
Présent ! C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Présent ! C:\WINDOWS\Prefetch\WGA_V1.9.9.0_CRACK.EXE-18132A96.pf
Présent ! C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf

################## | C:\WINDOWS\system32 |

Présent ! C:\WINDOWS\system32\ban_list.txt
Présent ! C:\WINDOWS\system32\mdelk.exe
Présent ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

Présent ! C:\WINDOWS\system32\drivers\down

################## | C:\Documents and Settings\Psyloranger\Application Data |

Présent ! C:\Documents and Settings\Psyloranger\Application Data\drivers
Présent ! C:\Documents and Settings\Psyloranger\Application Data\drivers\111wfs1intwq.sys
Présent ! C:\Documents and Settings\Psyloranger\Application Data\drivers\11s11ro1s1a2.sys
Présent ! C:\Documents and Settings\Psyloranger\Application Data\drivers\downld
Présent ! C:\Documents and Settings\Psyloranger\Application Data\drivers\winupgro.exe
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m\data.oct
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m\flec006.exe
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m\list.oct
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m\srvlist.oct
Présent ! C:\Documents and Settings\Psyloranger\Application Data\m\shared

################## | Temporary Internet Files |

Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_3[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_3[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_zip[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_zip[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_zip[3].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_zip[4].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_zip[5].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\ieps[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[3].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[4].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_1[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_1[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_3[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_3[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_6[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_1[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[3].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_6[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\mxd[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_1[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[1].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[2].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[3].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[4].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[5].jpg
Présent ! C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\file[1].txt

################## | Registre / Clés infectieuses |

Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_111111s1ro1s1a]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKCU\Software\bisoft]
Présent ! [HKCU\Software\DateTime4]
Présent ! [HKCU\Software\MuleAppData]
Présent ! [HKCU\Software\Microsoft\Windows\UI] “KEY540534”
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Microsoft\Windows\UI] “KEY540534”
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] “drvsyskit”
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run] “drvsyskit”
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] “german.exe”
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run] “german.exe”
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] “mule_st_key”
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run] “mule_st_key”
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\bisoft]
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\DateTime4]
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\FFC]
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\MuleAppData]
Présent ! [HKCU\Software\Local AppWizard-Generated Applications\key_generator]
Présent ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Local AppWizard-Generated Applications\key_generator]
Présent ! [HKU\S-1-5-21-299502267-507921405-682003330-1003\Software\Local AppWizard-Generated Applications\winupgro]
Présent ! [HKLM\software\microsoft\security center] “AntiVirusDisableNotify”
Présent ! [HKLM\software\microsoft\security center] “AntiVirusOverride”
Présent ! [HKLM\software\microsoft\security center] “FirewallDisableNotify”
Présent ! [HKLM\software\microsoft\security center] “FirewallOverride”
Présent ! [HKLM\software\microsoft\security center] “UpdatesDisableNotify”

################## | Etat / Services / Informations |

Affichage des fichiers cachés : OK

Clé manquante : HKLM…\SafeBoot | Mode sans echec non fonctionnel !

(!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 )

EapHost -> Start = 3 ( Good = 2 | Bad = 4 )

(!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )

(!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )

(!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )

(!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

“C:\Documents and Settings\Psyloranger\Bureau\A instaler"WGA_v1.9.9.0_crack.exe”"
30/01/2009 01:00 |Size 2157131 |Crc32 16dc8f54 |Md5 f6d188c7391042fb1ecd29a476f62b63

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]“Nero-9.2.6.0_trial.exe””
07/01/2009 17:13 |Size 400569600 |Crc32 a98c8e4a |Md5 fc4dab4550a9dbfab35514e11af939cc

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]\Keygen"keymaker.exe”"
10/12/2008 00:06 |Size 3548672 |Crc32 6f74bc53 |Md5 3af1caa3206f513a77da611090f40aaf

################## | ! Fin du rapport # FindyKill V5.012 ! |

For Malwarebytes, Safe Mode didn't work. Here is the report:

Malwarebytes’ Anti-Malware 1.41
Version de la base de données: 2854
Windows 5.1.2600 Service Pack 3

25/09/2009 09:17:29
mbam-log-2009-09-25 (09-17-29).txt

Type de recherche: Examen complet (C:|D:|E:|)
Eléments examinés: 156097
Temps écoulé: 13 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 221

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\111111s1ro1s1a (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sK9Ou0s (Worm.Bagle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Worm.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\m (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Psyloranger\Application Data\drivers\111wfs1intwq.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\36872046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\68968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\149781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\36897312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\36909359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\395671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\410171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\41171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\45468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\47937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\50218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\50640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\52593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\54093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\69906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\69968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\70828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\74875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\75562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\79484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\166453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\167703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\180812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\234625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\255359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\256453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\33656.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\36046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\drivers\downld\36062.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Application Data\m\flec006.exe (Worm.Bagle) -> Delete on reboot.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_3[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\CPLB1B3T\b64_3[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[3].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64[4].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_1[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_3[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\I5WX6GRF\b64_3[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_1[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[3].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\QWAZZOOE\b64_3[4].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_1[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[1].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[2].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[3].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[4].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Psyloranger\Local Settings\Temporary Internet Files\Content.IE5\UYV6IEQE\b64_3[5].jpg (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0010940.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0010941.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0010942.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011025.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011026.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011027.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011028.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011132.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011168.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011129.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011130.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011131.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011142.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011143.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011144.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011145.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011167.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011169.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011170.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011178.sys (HackTool.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011179.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011180.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information_restore{5DAE3992-6985-4855-95C6-F4FF3795AE46}\RP38\A0011181.exe (Worm.Bagle) -> Quarantined and deleted successfully.

So I followed the serroth.com instructions, and first I was told this: ComboFix has detected the presence of rootkit activity and needs to restart the machine … : c:\documents and settings \psyloranger\application data \drivers\ 11s11ro1s1.sys. So I restarted, and here is the report:

ComboFix 09-09-23.02 - Psyloranger 25/09/2009 9:35.1.8 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3063.2733 [GMT 2:00]
Lancé depuis: c:\documents and settings\Psyloranger\Bureau\Serroth.com.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_111111S1RO1S1A
-------\Legacy_111111S1RO1S1A
-------\Legacy_SK9OU0S

((((((((((((((((((((((((((((( Fichiers créés du 2009-08-25 au 2009-09-25 ))))))))))))))))))))))))))))))))))))
.

2009-09-25 06:55 . 2009-09-25 06:55 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\Malwarebytes
2009-09-25 06:55 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-25 06:54 . 2009-09-25 06:55 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-09-25 06:54 . 2009-09-25 06:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-25 06:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-25 06:40 . 2009-09-25 06:41 -------- d-----w- C:\FindyKill
2009-09-24 18:27 . 2009-08-17 16:06 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-24 18:27 . 2009-08-17 16:02 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-24 18:27 . 2009-08-17 16:10 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-24 15:24 . 2009-09-24 15:24 853958 -c----w- c:\windows\system32\dllcache\npds.zip
2009-09-24 15:24 . 2009-09-24 15:24 832307 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2009-09-24 15:08 . 2009-09-25 07:36 -------- d--h--w- c:\documents and settings\Psyloranger\Application Data\drivers
2009-09-23 05:55 . 2009-09-23 05:55 -------- d-sh--w- c:\documents and settings\Psyloranger\IETldCache
2009-09-23 05:54 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-09-23 05:54 . 2009-09-23 05:54 -------- d-----w- c:\windows\ie8updates
2009-09-23 05:53 . 2009-07-19 16:45 11067392 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-09-23 05:53 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-09-23 05:53 . 2009-07-03 16:57 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-23 05:53 . 2009-07-03 16:57 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-23 05:53 . 2009-07-03 16:57 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-09-23 05:53 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-23 05:52 . 2009-09-23 05:53 -------- dc-h--w- c:\windows\ie8
2009-09-20 07:25 . 2009-01-29 23:00 36352 ------w- C:\WGASetup.exe
2009-09-15 22:14 . 2009-09-15 22:14 -------- d-----w- c:\windows\system32\XPSViewer
2009-09-15 22:14 . 2009-09-15 22:14 -------- d-----w- c:\program files\MSBuild
2009-09-15 22:14 . 2009-09-15 22:14 -------- d-----w- c:\program files\Reference Assemblies
2009-09-15 22:13 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-15 22:13 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-15 22:13 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-15 22:13 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-15 22:13 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-15 22:13 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-15 22:13 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-14 17:03 . 2009-09-14 17:03 -------- d-----w- c:\windows\system32\KB905474
2009-09-14 17:03 . 2009-03-10 20:26 1438080 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-09-14 17:03 . 2009-03-10 20:18 454024 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2009-09-14 17:00 . 2009-09-14 17:00 -------- d-----w- c:\program files\MSXML 4.0
2009-09-13 09:56 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-09-13 09:56 . 2009-09-13 09:56 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-13 07:18 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-09-13 07:16 . 2008-12-16 12:31 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-09-13 07:16 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-09-13 07:16 . 2008-09-04 17:16 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-09-13 07:16 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-09-13 07:16 . 2009-03-08 02:33 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2009-09-12 23:20 . 2009-09-23 05:54 -------- d--h--w- c:\windows\$hf_mig$
2009-09-11 18:21 . 2009-09-11 18:21 -------- d-----w- C:\ProgramData
2009-09-11 18:21 . 2009-09-11 18:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2009-09-11 18:21 . 2009-09-11 18:21 -------- d-----w- c:\program files\Electronic Arts
2009-09-11 18:20 . 2008-09-04 18:17 447752 ----a-r- c:\windows\system32\vp6vfw.dll
2009-09-11 18:20 . 2009-09-11 18:20 -------- d-----w- c:\program files\Microsoft WSE
2009-09-08 15:42 . 2009-09-08 15:42 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\MSN6
2009-09-08 15:42 . 2009-09-08 15:42 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2009-09-07 17:19 . 2009-09-07 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-07 17:19 . 2009-09-07 17:19 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-09-07 12:06 . 2006-06-22 22:29 12080 ----a-r- c:\windows\system32\drivers\lv302af.sys
2009-09-07 11:53 . 2009-09-07 11:54 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-09-07 11:53 . 2009-09-07 11:53 -------- d-----w- c:\program files\Logitech
2009-09-07 11:53 . 2009-09-07 11:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-09-07 11:51 . 2008-04-13 09:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2009-09-07 11:51 . 2008-04-13 09:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-09-07 11:50 . 2006-06-22 22:29 38960 ----a-r- c:\windows\system32\drivers\LVUSBSta.sys
2009-09-07 11:50 . 2006-06-22 20:51 4770 ----a-r- c:\windows\system32\Repository.reg
2009-09-07 11:50 . 2006-06-22 22:29 513584 ----a-r- c:\windows\system32\LVUI2RC.dll
2009-09-07 11:50 . 2006-06-22 22:29 210480 ----a-r- c:\windows\system32\LVUI2.dll
2009-09-07 11:50 . 2006-06-22 22:29 263728 ----a-r- c:\windows\system32\lvcodec2.dll
2009-09-07 11:50 . 2003-02-21 12:42 348160 ----a-r- c:\windows\system\msvcr71.dll
2009-09-07 11:50 . 2006-06-22 22:29 720176 ----a-r- c:\windows\system32\drivers\LV302AV.SYS
2009-09-07 11:50 . 2008-04-13 17:33 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-09-07 11:50 . 2008-04-13 17:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-09-07 09:33 . 2009-09-07 09:33 -------- d-----w- c:\program files\Vista Drive Icon
2009-09-07 09:26 . 2009-09-20 08:12 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\BitTorrent
2009-09-06 23:04 . 2009-09-06 23:04 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\OpenOffice.org
2009-09-06 23:02 . 2009-09-06 23:02 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-06 18:50 . 2009-09-13 09:57 -------- d-----w- c:\documents and settings\Psyloranger\Local Settings\Application Data\Adobe
2009-09-06 17:44 . 2009-09-06 17:44 -------- d-----w- c:\program files\Lavalys
2009-09-06 17:42 . 2009-09-06 17:42 65019 ----a-w- c:\windows\BricoPackUninst.cmd
2009-09-06 17:42 . 2009-09-06 17:42 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-09-06 17:41 . 2009-09-06 17:41 -------- d-----w- c:\windows\BricoPacks
2009-09-06 17:39 . 2009-09-06 17:40 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-09-06 17:33 . 2009-09-13 09:56 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-06 17:33 . 2009-09-06 17:33 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\TuneUp Software
2009-09-06 17:33 . 2009-09-13 09:57 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-09-06 17:33 . 2009-09-06 17:33 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-09-06 17:32 . 2009-09-06 17:32 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-06 17:32 . 2008-04-13 17:05 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-09-06 17:32 . 2008-04-13 17:05 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-09-06 17:31 . 2009-09-06 17:31 -------- d-----w- c:\windows\system32\Lang
2009-09-06 17:27 . 2008-11-06 09:04 151552 ------r- c:\windows\system32\xRaidAPI.dll
2009-09-06 17:26 . 2009-09-06 17:26 -------- d-----w- C:\RaidTool
2009-09-06 17:26 . 2008-11-06 09:04 1970176 ------r- c:\windows\system32\xRaidSetup.exe
2009-09-06 17:26 . 2008-11-06 09:04 83296 ----a-r- c:\windows\system32\drivers\jraid.sys
2009-09-06 17:26 . 2009-09-06 17:27 -------- d-----w- c:\windows\RaidTool
2009-09-06 17:25 . 2008-08-07 11:14 111360 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2009-09-06 17:25 . 2008-08-07 03:38 9728 ----a-r- c:\windows\system32\RtNicProp32.dll
2009-09-06 17:23 . 2008-06-19 08:42 2808832 ----a-w- c:\windows\ALCWZRD.EXE
2009-09-06 17:23 . 2008-06-19 08:20 57344 ----a-w- c:\windows\ALCMTR.EXE
2009-09-06 17:23 . 2008-08-05 12:10 1684736 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-09-06 17:23 . 2009-09-06 17:23 -------- d-----w- c:\program files\Realtek
2009-09-06 17:23 . 2008-08-25 08:17 528384 ------r- c:\windows\RtlExUpd.dll
2009-09-06 17:19 . 2009-09-06 17:19 -------- d-----w- c:\program files\Satsuki Decoder Pack
2009-09-06 17:17 . 2009-09-24 18:21 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\foobar2000
2009-09-06 17:16 . 2009-09-06 17:16 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\Media Player Classic
2009-09-06 17:06 . 2009-09-06 17:06 0 ----a-w- c:\windows\nsreg.dat
2009-09-06 17:06 . 2009-09-06 17:06 -------- d-----w- c:\documents and settings\Psyloranger\Local Settings\Application Data\Mozilla
2009-09-06 17:05 . 2008-04-13 09:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-09-06 17:05 . 2008-04-13 09:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-16 04:18 . 2009-09-06 12:23 17280 ----a-w- c:\documents and settings\Psyloranger\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-15 22:15 . 2001-10-04 11:56 500900 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-15 22:15 . 2001-10-04 11:56 80748 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-11 18:06 . 2009-09-06 12:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-06 17:42 . 2009-09-06 11:52 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-09-06 17:24 . 2009-09-06 17:24 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\InstallShield
2009-09-06 12:57 . 2009-09-06 12:57 -------- d-----w- c:\program files\Alwil Software
2009-09-06 12:22 . 2009-09-06 12:22 -------- d-----w- c:\documents and settings\Psyloranger\Application Data\ATI
2009-09-06 12:22 . 2009-09-06 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-09-06 12:22 . 2009-09-06 12:22 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-06 12:09 . 2009-09-06 12:05 -------- d-----w- c:\program files\ATI Technologies
2009-09-06 12:08 . 2009-09-06 12:08 -------- d-----w- c:\program files\Fichiers communs\ATI Technologies
2009-09-06 12:05 . 2009-09-06 12:04 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-09-06 11:59 . 2009-09-06 11:59 -------- d-----w- c:\program files\Intel
2009-09-06 11:41 . 2009-09-06 11:41 -------- d-----w- c:\program files\microsoft frontpage
2009-09-06 11:39 . 2009-09-06 11:39 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-06 11:38 . 2009-09-06 11:38 -------- d-----w- c:\program files\Services en ligne
2009-08-05 09:00 . 2009-09-06 12:07 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:35 . 2001-10-04 11:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:35 . 2001-10-04 11:55 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 19:03 . 2009-09-06 11:52 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-12 10:21 . 2009-09-06 12:40 233472 ------w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:57 . 2009-09-06 11:52 915456 ----a-w- c:\windows\system32\wininet.dll
.

------- Sigcheck -------

[-] 2008-04-13 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-13 . 3EFE912DD25D2586E6A0341DB0A66F69 . 979968 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2002-08-29 . 82FE0D400CB1AC937234467B927B867A . 1008128 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“StartCCC”=“c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2004-05-16 856064]
“JMB36X IDE Setup”=“c:\windows\RaidTool\xInsIDE.exe” [2008-11-06 36864]
“36X Raid Configurer”=“c:\windows\system32\xRaidSetup.exe” [2008-11-06 1970176]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2009-02-27 35696]
“DrvIcon”=“c:\program files\Vista Drive Icon\DrvIcon.exe” [2007-07-04 45056]
“LogitechCommunicationsManager”=“c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe” [2006-06-26 497200]
“LogitechQuickCamRibbon”=“c:\program files\Logitech\QuickCam10\QuickCam10.exe” [2006-06-26 614960]
“LVCOMSX”=“c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe” [2006-06-26 243248]
“avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-09-25 81000]
“Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes’ Anti-Malware\mbam.exe” [2009-09-10 1312080]
“RTHDCPL”=“RTHDCPL.EXE” - c:\windows\RTHDCPL.EXE [2008-11-07 17421824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2008-04-13 15360]

c:\documents and settings\Psyloranger\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableLUA”= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“%windir%\system32\sessmgr.exe”=
“d:\Jeux\Steam\Steam.exe”=
“e:\Program Files\BitTorrent\bittorrent.exe”=
“e:\Program Files\eMule\emule.exe”=
“d:\Jeux\Steam\steamapps\common\prototype\prototypef.exe”=
“c:\Program Files\Messenger\msmsgs.exe”=
“c:\Program Files\Electronic Arts\EADM\Core.exe”=
“d:\Jeux\Steam\steamapps\common\left 4 dead\left4dead.exe”=
“d:\Jeux\Steam\steamapps\psyloranger\counter-strike source\hl2.exe”=

R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [06/09/2009 19:33 604416]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
“c:\windows\system32\rundll32.exe” “c:\windows\system32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
.
Contenu du dossier ‘Tâches planifiées’

2009-09-25 c:\windows\Tasks\Maintenance en 1 clic.job

• c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:42]

2009-09-25 c:\windows\Tasks\WGASetup.job

• c:\windows\system32\KB905474\wgasetup.exe [2009-09-14 20:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.tropal.net…
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Psyloranger\Application Data\Mozilla\Firefox\Profiles\a3krcswh.default
FF - prefs.js: browser.startup.homepage - www.google.fr…
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-LogitechSetup - f:\setup\Setup.exe


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-09-25 09:38
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


.
--------------------- DLLs chargées dans les processus actifs ---------------------

• ‘winlogon.exe’(976)
c:\windows\system32\Ati2evxx.dll

• ‘explorer.exe’(3824)
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\wscntfy.exe
c:\program files\Logitech\QuickCam10\COCIManager.exe
c:\windows\system32\imapi.exe
.


.
Heure de fin: 2009-09-25 9:39 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-09-25 07:39

Avant-CF: 16 639 119 360 octets libres
Après-CF: 18 709 467 136 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professionnel” /fastdetect /NoExecute=OptIn

423 --- E O F --- 2009-09-23 05:54

So that's it for the last step; here is the first text file, log.txt:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Psyloranger at 2009-09-25 11:14:34
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 18 GB (61%) free of 30 GB
Total RAM: 3063 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:38, on 25/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Psyloranger\Bureau\RSIT.exe
C:\Program Files\trend micro\Psyloranger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.tropal.net…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [LogitechQuickCamRibbon] “C:\Program Files\Logitech\QuickCam10\QuickCam10.exe” /hide
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 4168 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“StartCCC”=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2004-05-16 856064]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2008-11-07 17421824]
“JMB36X IDE Setup”=C:\WINDOWS\RaidTool\xInsIDE.exe [2008-11-06 36864]
“36X Raid Configurer”=C:\WINDOWS\system32\xRaidSetup.exe [2008-11-06 1970176]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“DrvIcon”=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2007-07-04 45056]
“LogitechCommunicationsManager”=C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
“LogitechQuickCamRibbon”=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
“LVCOMSX”=C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-25 81000]
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe [2009-09-10 1312080]

C:\Documents and Settings\Psyloranger\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Jeux\Steam\Steam.exe"="D:\Jeux\Steam\Steam.exe:*:Enabled:Steam"
"E:\Program Files\BitTorrent\bittorrent.exe"="E:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"D:\Jeux\Steam\steamapps\common\prototype\prototypef.exe"="D:\Jeux\Steam\steamapps\common\prototype\prototypef.exe:*:Enabled:Prototype"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"D:\Jeux\Steam\steamapps\common\left 4 dead\left4dead.exe"="D:\Jeux\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"D:\Jeux\Steam\steamapps\psyloranger\counter-strike source\hl2.exe"="D:\Jeux\Steam\steamapps\psyloranger\counter-strike source\hl2.exe:*:Enabled:hl2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-09-25 11:14:34 ----D---- C:\rsit
2009-09-25 11:14:34 ----D---- C:\Program Files\trend micro
2009-09-25 09:46:12 ----SHD---- C:\RECYCLER
2009-09-25 09:39:15 ----D---- C:\WINDOWS\temp
2009-09-25 09:39:14 ----A---- C:\ComboFix.txt
2009-09-25 09:30:43 ----A---- C:\Boot.bak
2009-09-25 09:30:40 ----RASHD---- C:\cmdcons
2009-09-25 09:30:00 ----A---- C:\WINDOWS\zip.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWSC.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWREG.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\sed.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\PEV.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\grep.exe
2009-09-25 09:29:56 ----D---- C:\WINDOWS\ERDNT
2009-09-25 09:28:59 ----D---- C:\Qoobox
2009-09-25 08:55:03 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Malwarebytes
2009-09-25 08:54:59 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-09-25 08:54:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-25 08:41:19 ----A---- C:\FindyKill.txt
2009-09-25 08:40:28 ----D---- C:\FindyKill
2009-09-24 20:27:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-09-24 17:08:24 ----HD---- C:\Documents and Settings\Psyloranger\Application Data\drivers
2009-09-23 07:54:03 ----D---- C:\WINDOWS\ie8updates
2009-09-23 07:53:46 ----D---- C:\WINDOWS\WBEM
2009-09-23 07:52:49 ----HDC---- C:\WINDOWS\ie8
2009-09-23 07:52:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\WgaTray.exe
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2009-09-20 09:25:00 ----N---- C:\WGASetup.exe
2009-09-16 23:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-09-16 00:14:13 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-16 00:14:10 ----D---- C:\Program Files\MSBuild
2009-09-16 00:14:09 ----D---- C:\WINDOWS\system32\en-US
2009-09-16 00:14:04 ----D---- C:\Program Files\Reference Assemblies
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-14 19:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-14 19:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-14 19:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-14 19:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-14 19:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-14 19:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-14 19:03:04 ----D---- C:\WINDOWS\system32\KB905474
2009-09-14 19:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-09-14 19:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-14 19:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-14 19:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-14 19:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-14 19:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-14 19:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-14 19:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-14 19:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-09-14 19:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-14 19:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-14 19:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-14 19:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-14 19:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-14 19:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-14 19:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-14 19:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-14 19:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-14 19:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-14 19:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-14 19:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-14 19:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-14 19:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-14 19:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-14 19:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-09-14 19:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-14 19:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-09-14 19:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-14 19:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-14 19:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-14 19:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-14 19:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-14 19:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-14 19:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-14 19:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-14 19:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-14 19:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-14 19:00:35 ----D---- C:\Program Files\MSXML 4.0
2009-09-14 19:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-14 19:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-14 19:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-13 11:56:57 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-09-13 11:56:56 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-09-13 01:20:15 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-13 01:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-13 01:20:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-11 20:21:44 ----D---- C:\ProgramData
2009-09-11 20:21:44 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2009-09-11 20:21:06 ----D---- C:\Program Files\Electronic Arts
2009-09-11 20:20:32 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2009-09-11 20:20:30 ----D---- C:\Program Files\Microsoft WSE
2009-09-08 17:43:39 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-08 17:42:41 ----D---- C:\Documents and Settings\Psyloranger\Application Data\MSN6
2009-09-08 17:42:41 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2009-09-07 19:19:26 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-09-07 19:19:25 ----D---- C:\Program Files\Fichiers communs\Nero
2009-09-07 16:33:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-09-07 16:33:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-07 16:33:21 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-07 16:33:21 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-07 16:33:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-07 16:33:11 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-07 16:33:03 ----D---- C:\WINDOWS\Logs
2009-09-07 13:53:27 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-09-07 13:53:18 ----D---- C:\Program Files\Logitech
2009-09-07 13:53:18 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2009-09-07 13:50:17 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2009-09-07 13:50:16 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2009-09-07 13:50:16 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2009-09-07 13:50:15 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2009-09-07 13:50:13 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-09-07 11:33:30 ----D---- C:\Program Files\Vista Drive Icon
2009-09-07 11:26:04 ----D---- C:\Documents and Settings\Psyloranger\Application Data\BitTorrent
2009-09-07 01:04:14 ----D---- C:\Documents and Settings\Psyloranger\Application Data\OpenOffice.org
2009-09-07 01:02:47 ----D---- C:\Program Files\OpenOffice.org 3
2009-09-06 20:55:42 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Macromedia
2009-09-06 20:50:44 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Adobe
2009-09-06 19:44:43 ----D---- C:\Program Files\Lavalys
2009-09-06 19:42:51 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-09-06 19:42:06 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-09-06 19:42:06 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-09-06 19:41:48 ----D---- C:\WINDOWS\BricoPacks
2009-09-06 19:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-06 19:39:58 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-06 19:39:58 ----D---- C:\Program Files\Adobe
2009-09-06 19:33:33 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-09-06 19:33:29 ----D---- C:\Documents and Settings\Psyloranger\Application Data\TuneUp Software
2009-09-06 19:33:18 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-09-06 19:33:18 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-09-06 19:32:48 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-06 19:31:36 ----D---- C:\WINDOWS\system32\Lang
2009-09-06 19:27:00 ----R---- C:\WINDOWS\system32\xRaidAPI.dll
2009-09-06 19:26:59 ----R---- C:\WINDOWS\system32\xRaidSetup.exe
2009-09-06 19:26:59 ----D---- C:\RaidTool
2009-09-06 19:26:32 ----D---- C:\WINDOWS\RaidTool
2009-09-06 19:25:00 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll
2009-09-06 19:24:51 ----D---- C:\WINDOWS\OPTIONS
2009-09-06 19:24:46 ----D---- C:\Documents and Settings\Psyloranger\Application Data\InstallShield
2009-09-06 19:24:17 ----D---- C:\WINDOWS\system32\RTCOM
2009-09-06 19:24:12 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-09-06 19:24:11 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-09-06 19:24:11 ----A---- C:\WINDOWS\SkyTel.exe
2009-09-06 19:24:11 ----A---- C:\WINDOWS\RtlUpd.exe
2009-09-06 19:24:08 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-09-06 19:24:02 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-09-06 19:24:00 ----A---- C:\WINDOWS\MicCal.exe
2009-09-06 19:23:56 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-09-06 19:23:56 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-09-06 19:23:54 ----D---- C:\Program Files\Realtek
2009-09-06 19:23:48 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-09-06 19:19:12 ----D---- C:\Program Files\Satsuki Decoder Pack
2009-09-06 19:17:27 ----D---- C:\Documents and Settings\Psyloranger\Application Data\foobar2000
2009-09-06 19:16:19 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Media Player Classic
2009-09-06 19:16:14 ----D---- C:\Documents and Settings\Psyloranger\Application Data\WinRAR
2009-09-06 19:06:20 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Mozilla
2009-09-06 15:26:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-06 15:26:35 ----RSD---- C:\WINDOWS\Fonts
2009-09-06 15:26:35 ----RD---- C:\WINDOWS\Web
2009-09-06 15:26:35 ----HD---- C:\WINDOWS\system32\drivers
2009-09-06 15:26:35 ----HD---- C:\WINDOWS\inf
2009-09-06 15:26:35 ----D---- C:\WINDOWS\WinSxS
2009-09-06 15:26:35 ----D---- C:\WINDOWS\twain_32
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\wins
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\wbem
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\usmt
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\spool
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\Setup
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ras
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\oobe
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\npp
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\mui
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\IME
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\icsxml
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ias
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\export
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\dhcp
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\config
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\3076
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\2052
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1054
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1042
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1041
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1037
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1036
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1033
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1031
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1028
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1025
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system
2009-09-06 15:26:35 ----D---- C:\WINDOWS\security
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Resources
2009-09-06 15:26:35 ----D---- C:\WINDOWS\repair
2009-09-06 15:26:35 ----D---- C:\WINDOWS\mui
2009-09-06 15:26:35 ----D---- C:\WINDOWS\msapps
2009-09-06 15:26:35 ----D---- C:\WINDOWS\msagent
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Media
2009-09-06 15:26:35 ----D---- C:\WINDOWS\java
2009-09-06 15:26:35 ----D---- C:\WINDOWS\ime
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Help
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Driver Cache
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Debug
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Cursors
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Connection Wizard
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Config
2009-09-06 15:26:35 ----D---- C:\WINDOWS\AppPatch
2009-09-06 15:26:35 ----D---- C:\WINDOWS\addins
2009-09-06 15:26:35 ----D---- C:\WINDOWS
2009-09-06 14:59:02 ----D---- C:\Program Files\WinRAR
2009-09-06 14:58:45 ----D---- C:\Program Files\Mozilla Firefox
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-09-06 14:57:40 ----D---- C:\Program Files\Alwil Software
2009-09-06 14:46:16 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-06 14:46:13 ----D---- C:\WINDOWS\Prefetch
2009-09-06 14:40:55 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-09-06 14:40:55 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmspdmoe.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmspdmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmp.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmidx.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fltlib.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\credssp.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bthci.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\azroles.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\xpob2res.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\twext.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slserv.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slgen.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\setupn.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qutil.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qagent.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\powercfg.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2psvc.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2p.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\onex.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napstat.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mssha.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-09-06 14:40:51 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\xmlprov.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wshbth.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wscsvc.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wscntfy.exe
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\slrundll.exe
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\fr-fr
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\fr
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\bits
2009-09-06 14:40:50 ----D---- C:\WINDOWS\provisioning
2009-09-06 14:40:50 ----D---- C:\WINDOWS\peernet
2009-09-06 14:40:50 ----D---- C:\WINDOWS\l2schemas
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-06 14:39:59 ----D---- C:\WINDOWS\network diagnostic
2009-09-06 14:39:46 ----A---- C:\WINDOWS\002791_.tmp
2009-09-06 14:39:39 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-06 14:39:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-06 14:36:57 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-06 14:31:03 ----A---- C:\WINDOWS\imsins.BAK
2009-09-06 14:31:00 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-06 14:31:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-06 14:31:00 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-06 14:30:58 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-06 14:30:57 ----RD---- C:\Program Files
2009-09-06 14:30:57 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-06 14:30:57 ----D---- C:\Program Files\Fichiers communs
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-06 14:30:43 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-09-06 14:30:43 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-06 14:30:43 ----A---- C:\WINDOWS\notepad.exe
2009-09-06 14:30:38 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-06 14:30:36 ----RA---- C:\WINDOWS\SET7.tmp
2009-09-06 14:30:34 ----RA---- C:\WINDOWS\SET3.tmp
2009-09-06 14:30:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-06 14:30:30 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-06 14:30:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-06 14:30:15 ----A---- C:\WINDOWS\setuplog.txt
2009-09-06 14:30:13 ----D---- C:\Documents and Settings
2009-09-06 14:22:59 ----D---- C:\Documents and Settings\Psyloranger\Application Data\ATI
2009-09-06 14:22:59 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-06 14:08:00 ----D---- C:\Program Files\Fichiers communs\ATI Technologies
2009-09-06 14:07:51 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qedit.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qasf.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\quartz.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qdv.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qcap.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\encapi.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dswave.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsound.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmime.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmband.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\devenum.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\amstream.dll
2009-09-06 14:06:37 ----RSD---- C:\WINDOWS\assembly
2009-09-06 14:06:27 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-06 14:06:07 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-06 14:05:32 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-09-06 14:05:31 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-06 14:05:28 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-06 14:05:13 ----D---- C:\Program Files\ATI Technologies
2009-09-06 14:05:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-06 14:04:34 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-09-06 13:59:48 ----SD---- C:\WINDOWS\system32\Microsoft
2009-09-06 13:59:24 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-06 13:59:24 ----A---- C:\WINDOWS\system32\hccoin.dll
2009-09-06 13:59:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-06 13:59:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-06 13:59:05 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-06 13:59:05 ----D---- C:\Program Files\Intel
2009-09-06 13:58:35 ----D---- C:\Intel
2009-09-06 13:57:19 ----A---- C:\WINDOWS\Language_trs.ini
2009-09-06 13:56:28 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-09-06 13:53:14 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-09-06 13:52:51 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-09-06 13:52:51 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-09-06 13:52:51 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-06 13:52:51 ----D---- C:\WINDOWS\ehome
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\encdec.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati3d2ag.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\sbe.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\mssap.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\appmgmts.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\gpresult.exe
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\fdeploy.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\appmgr.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\wsecedit.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tracerpt.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\schtasks.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\rsnotify.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\nwwks.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqutil.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqtrig.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqsnap.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqsec.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqrt.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqqm.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqise.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqad.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\gptext.dll
2009-09-06 13:52:35 ----A---- C:\WINDOWS\winhlp32.exe
2009-09-06 13:52:35 ----A---- C:\WINDOWS\hh.exe
2009-09-06 13:52:35 ----A---- C:\WINDOWS\explorer.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\alg.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\ahui.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\advpack.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-09-06 13:52:33 ----N---- C:\WINDOWS\system32\browser.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browseui.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browselc.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\at.exe
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\asferror.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\conime.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\compatui.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\certcli.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cdm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-09-06 13:52:31 ----N---- C:\WINDOWS\system32\ctfmon.exe
2009-09-06 13:52:31 ----N---- C:\WINDOWS\system32\cryptsvc.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\danim.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cscui.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\credui.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dinput.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\digest.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\defrag.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\duser.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-09-06 13:52:28 ----N---- C:\WINDOWS\system32\eventlog.dll
2009-09-06 13:52:28 ----N---- C:\WINDOWS\system32\es.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\fontview.exe
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\els.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\imm32.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\iepeers.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\input.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imapi.exe
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\idq.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\icm32.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\hhsetup.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\laprxy.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\itss.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\itircl.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mscms.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\moricons.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mindex.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\logonui.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\logagent.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\localui.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-09-06 13:52:24 ----N---- C:\WINDOWS\system32\mshtml.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdart.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msctf.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msisam11.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msi.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msscp.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspmsp.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvcrt.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msutb.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msuni11.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-06 13:52:20 ----N---- C:\WINDOWS\system32\netman.dll
2009-09-06 13:52:20 ----N---- C:\WINDOWS\system32\netlogon.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netdde.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\net1.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\net.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-09-06 13:52:19 ----N---- C:\WINDOWS\system32\ntmssvc.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\oakley.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntmarta.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntlanman.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\npptools.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\newdev.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\netshell.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\ping.exe
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\pdh.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\pautoenr.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\packager.exe
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\osk.exe
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\opengl32.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\oleprn.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\ole32.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbctrac.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbccu32.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbccr32.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbcconf.exe
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbcconf.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbcad32.exe
2009-09-06 13:52:18 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2009-09-06 13:52:17 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\rasmans.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\query.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\psbase.dll
2009-09-06 13:52:17 ----A---- C:\WINDOWS\system32\psapi.dll
2009-09-06 13:52:16 ----N---- C:\WINDOWS\system32\rpcss.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\riched20.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\regapi.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\reg.exe
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\redir.exe
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rcimlby.exe
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rastls.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rassapi.dll
2009-09-06 13:52:16 ----A---- C:\WINDOWS\system32\rasppp.dll
2009-09-06 13:52:15 ----N---- C:\WINDOWS\system32\schedsvc.dll
2009-09-06 13:52:15 ----N---- C:\WINDOWS\system32\scecli.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\setup.exe
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\sensapi.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\sens.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\secur32.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\sdbinst.exe
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\scesrv.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\sccsccp.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\sccbase.dll
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\runonce.exe
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\rtcshare.exe
2009-09-06 13:52:15 ----A---- C:\WINDOWS\system32\rsaenh.dll
2009-09-06 13:52:14 ----N---- C:\WINDOWS\system32\sfcfiles.dll
2009-09-06 13:52:14 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-09-06 13:52:14 ----A---- C:\WINDOWS\system32\sfc_os.dll
2009-09-06 13:52:13 ----A---- C:\WINDOWS\system32\shgina.dll
2009-09-06 13:52:13 ----A---- C:\WINDOWS\system32\shfolder.dll
2009-09-06 13:52:13 ----A---- C:\WINDOWS\system32\shell32.dll
2009-09-06 13:52:12 ----N---- C:\WINDOWS\system32\shsvcs.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\spoolss.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\spider.exe
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\snmpapi.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\slayerxp.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\skeys.exe
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\sigverif.exe
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\sigtab.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\shmgrate.exe
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-09-06 13:52:12 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-09-06 13:52:11 ----N---- C:\WINDOWS\system32\ssdpsrv.dll
2009-09-06 13:52:11 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-09-06 13:52:11 ----A---- C:\WINDOWS\system32\sti_ci.dll
2009-09-06 13:52:11 ----A---- C:\WINDOWS\system32\sti.dll
2009-09-06 13:52:11 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2009-09-06 13:52:11 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-06 13:52:11 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-06 13:52:10 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-09-06 13:52:10 ----N---- C:\WINDOWS\system32\tapisrv.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\umandlg.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\udhisapi.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\trkwks.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\tracert.exe
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\themeui.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\taskmgr.exe
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\tapi32.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\sxs.dll
2009-09-06 13:52:10 ----A---- C:\WINDOWS\system32\strmdll.dll

Hi

Quite a clean-up by Malwarebytes and ComboFix

and now do this

  1. Connect your external data sources to your PC (USB stick, external hard drive, etc.)

Run “FindyKill” again: at the main menu choose option “F” for French and press [Enter].

At the second menu choose option 2 (removal) and press [Enter].

The PC will restart automatically…

The program will work, don't touch anything…; your desktop will not be accessible, that's normal!

–> Post the report that appears at the end (the report is also saved as C:\FindyKill.txt)

==> If the desktop does not reappear, press Ctrl + Alt + Del, “File” tab, “New Task”, type explorer.exe and confirm

then

  2. Download Elibagla

Go to this site:

==>Elibagla

At the very bottom of that page you will find a tool
to download; click on “escargar Elibagla” (the version number changes as updates are released)
install this file on the desktop.
Then double-click Elibagla.exe

leave the “eliminar ficheros automaticamente” box checked
click “explorar”
let it work
post the final report, which is in c:\infosat.txt

  3. Click ==> Start ==> My Computer ==> Local Disk ==> RSIT folder; there you will find the reports log.txt and info.txt. Copy and paste both of these reports in full

@+ cricri58

To be deleted
################## | Cracks / Keygens / Serials |

“C:\Documents and Settings\Psyloranger\Bureau\A instaler"WGA_v1.9.9.0_crack.exe”"
30/01/2009 01:00 |Size 2157131 |Crc32 16dc8f54 |Md5 f6d188c7391042fb1ecd29a476f62b63

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]“Nero-9.2.6.0_trial.exe””
07/01/2009 17:13 |Size 400569600 |Crc32 a98c8e4a |Md5 fc4dab4550a9dbfab35514e11af939cc

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]\Keygen"keymaker.exe”"
10/12/2008 00:06 |Size 3548672 |Crc32 6f74bc53 |Md5 3af1caa3206f513a77da611090f40aaf

So here is the FindyKill report:

############################# | FindyKill V5.012 |

User : Psyloranger (Administrateurs) # PSYLOPC

Update on 20/09/2009 by Chiquitine29

Start at: 17:21:29 | 25/09/2009

Website : pagesperso-orange.fr…

Processeur Intel Pentium III Xeon

Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

C:\ # Disque fixe local # 29,29 Go (17,73 Go free) [Systéme] # NTFS

D:\ # Disque fixe local # 98,7 Go (75,24 Go free) [Jeux] # NTFS

E:\ # Disque fixe local # 803,52 Go (660,21 Go free) [Médias] # NTFS

F:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe

################## | C: |

################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\FLEC006.EXE-28D79223.pf
Supprimé ! C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Psyloranger\Application Data |

Supprimé ! C:\Documents and Settings\Psyloranger\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Psyloranger\Application Data\drivers

################## | Références de comparaison Bagle MD5 : |

File : C:\Qoobox\Quarantine\C\Documents and Settings\Psyloranger\Application Data\drivers\winupgro.exe.vir
-> Crc32 : bd46218b | Md5 : 6455b2b45c5bb02440e9db4c252e4711

################## | Autres suppression … |

Supprimé ! “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
-> Size : 856064 | Crc32 : bd46218b | Md5 : 6455b2b45c5bb02440e9db4c252e4711

################## | Temporary Internet Files |

################## | Registre / Clés infectieuses |

Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\key_generator]
Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Supprimé ! [HKLM\software\microsoft\security center] “AntiVirusDisableNotify”
Supprimé ! [HKLM\software\microsoft\security center] “AntiVirusOverride”
Supprimé ! [HKLM\software\microsoft\security center] “FirewallDisableNotify”
Supprimé ! [HKLM\software\microsoft\security center] “FirewallOverride”
Supprimé ! [HKLM\software\microsoft\security center] “UpdatesDisableNotify”
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] “DisableRegistryTools”

################## | Etat / Services / Informations |

Mode sans echec : OK

Affichage des fichiers cachés : OK

Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )

EapHost -> Start = 2 ( Good = 2 | Bad = 4 )

Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )

SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )

wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )

wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH … |

Corrompu : C:\Program Files\Alwil Software\Avast4\ashAvast.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashChest.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashLogV.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashPopWz.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashQuick.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashServ.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSkPck.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashUpd.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\aswRegSvr.exe
[Offset = 000000D4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\sched.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\VisthLic.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\VisthUpd.exe
[Offset = 000000F4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Mozilla Firefox\uninstall\helper.exe
[Offset = 000000E4 - Valeur = 0x0001]

Corrompu : C:\Program Files\MSN\MSNCoreFiles\update.exe
[Offset = 000000DC - Valeur = 0x0001]

Corrompu : C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
[Offset = 000000E4 - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000E4 - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB923561\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB951978\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB952004\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB954459\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB954600\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB955069\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB956572\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\$hf_mig$\KB956744\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB956802\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB956803\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB956844\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB957097\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB958644\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB958687\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB959426\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB960225\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB960803\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB960859\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB961371-v2\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB961501\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB967715\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB968537\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB970238\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB971557\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB971633\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB971657\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB971961\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB972260\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB972260-IE8\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973346\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973354\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973507\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973815\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973869\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$hf_mig$\KB973874-IE8\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS$NtServicePackUninstall$\sysinfo.exe
[Offset = 000000E4 - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : sysinfo.exe.REN
[Offset = 000000E4 - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\BricoPacks\Vista Inspirat 2\Update.exe
[Offset = 000000DC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : Update.exe.REN
[Offset = 000000DC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe
[Offset = 000000E4 - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : sysinfo.exe.REN
[Offset = 000000E4 - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\SoftwareDistribution\Download\0c6c520a2a3f8d3331f95008d058e63f\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\SoftwareDistribution\Download\279d9fce78c4febc4ee18ccd9dac8fc3\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\SoftwareDistribution\Download\bd9c0ba4365eb1bda025a0659531108c\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\SoftwareDistribution\Download\c3587308140154cec843541eb3824fc8\update\update.exe
[Offset = 000000EC - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : update.exe.REN
[Offset = 000000EC - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

Corrompu : C:\WINDOWS\system32\dllcache\register.exe
[Offset = 000000E4 - Valeur = 0x0001]

Tentative de réparation…
Sauvegarde : register.exe.REN
[Offset = 000000E4 - Nouvelle valeur = 0x4C01]
Fichier réparé avec succès.

################## | Cracks / Keygens / Serials |

“C:\Documents and Settings\Psyloranger\Bureau\A instaler"WGA_v1.9.9.0_crack.exe”"
30/01/2009 01:00 |Size 2157131 |Crc32 16dc8f54 |Md5 f6d188c7391042fb1ecd29a476f62b63

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]“Nero-9.2.6.0_trial.exe””
07/01/2009 17:13 |Size 400569600 |Crc32 a98c8e4a |Md5 fc4dab4550a9dbfab35514e11af939cc

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]\Keygen"keymaker.exe”"
10/12/2008 00:06 |Size 3548672 |Crc32 6f74bc53 |Md5 3af1caa3206f513a77da611090f40aaf

################## | ! Fin du rapport # FindyKill V5.012 ! |

For the last step, the software is paid: I am asked to send an SMS to get the code and be able to download it. Is it really necessary to have the software? If so, I will install it right away. Thanks.
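Added example, not part of the original thread and not FindyKill's code: the offsets in the report above (000000EC, 000000E4, 000000DC) are consistent with the COFF Machine field, which sits 4 bytes after the `PE\0\0` signature, and `4C 01` is the on-disk encoding of the i386 value 0x014C. The sketch below flags executables whose Machine field is not a known architecture; reading the log's `Valeur` as the two bytes in file order, the function names and the sample headers are all assumptions.

```python
import struct

# COFF Machine values accepted as valid here (PE/COFF specification).
KNOWN_MACHINES = {
    0x014C: "i386",    # stored on disk as bytes 4C 01
    0x8664: "x86-64",
    0x0200: "IA-64",
    0x01C0: "ARM",
    0xAA64: "ARM64",
}


def locate_machine_field(data):
    """Return the file offset of the COFF Machine field, or None if not MZ/PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    # e_lfanew (offset 0x3C of the DOS header) points at the PE signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return None
    return e_lfanew + 4


def check_pe(data):
    """Classify a file image as 'not-pe', 'ok' or 'suspect' from its Machine field."""
    off = locate_machine_field(data)
    if off is None:
        return {"status": "not-pe", "offset": None, "raw": None, "machine": None}
    raw = data[off:off + 2]
    (machine,) = struct.unpack("<H", raw)
    status = "ok" if machine in KNOWN_MACHINES else "suspect"
    return {
        "status": status,
        "offset": off,
        # Bytes shown in file order, the way the report is assumed to print them.
        "raw": "0x" + raw.hex().upper(),
        "machine": machine,
    }


def report_line(result):
    """Format a finding in the same shape as the report's bracketed lines."""
    return "[Offset = %08X - Valeur = %s]" % (result["offset"], result["raw"])


def check_file(path, limit=64 * 1024):
    """Check a file on disk; only the first `limit` bytes are read (detection only)."""
    with open(path, "rb") as fh:
        return check_pe(fh.read(limit))


def build_sample(e_lfanew, machine_bytes):
    """Constructed minimal MZ/PE header used as test input (not a real executable)."""
    buf = bytearray(e_lfanew + 24)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, e_lfanew)
    buf[e_lfanew:e_lfanew + 4] = b"PE\x00\x00"
    buf[e_lfanew + 4:e_lfanew + 6] = machine_bytes
    return bytes(buf)


if __name__ == "__main__":
    for name, sample in [
        ("damaged (constructed)", build_sample(0xE8, b"\x00\x01")),
        ("intact (constructed)", build_sample(0xE8, b"\x4c\x01")),
    ]:
        res = check_pe(sample)
        print(name, res["status"], report_line(res))
```

The check only reads; restoring a header is better done on a copy, as the report's `.REN` backups suggest the tool itself does.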

Re Serroth

Skip Elibagla

Now do the following, read carefully, and confirm to me everything you have done

  1. Open "Malwarebytes" and click Quarantine
    ==> Select everything and click Delete All
    if it asks you to restart ==> restart your PC

then

Run TuneUp Utilities 2009, which you already have

after that

2) Disable System Restore:

==> this removes the infections located in System Restore.

by pressing the Windows and Pause keys

or

==> Click Start.
==> Right-click "My Computer" then choose "Properties".
==> Select the "System Restore" tab.

and do this
==> Check "Turn off System Restore on all drives" or "Turn off System Restore", then Apply.
==> OK ==> Restart your PC

then

  3. Then go back to "My Computer", "Properties", and this time uncheck "Turn off System Restore" ==> Apply ==> then OK.

after that

  4. Creating the restore point:

==> go to the Start Menu, then Programs,
==> Accessories, and finally System Tools,
==> Choose System Restore,
==> Select ==> Create a restore point,
==> Click Next,
==> Enter a name for the restore point: a name simple enough for you to find it again
==> Click ==> Create, and the restore point is created automatically

5) Download Blacklight (from F-Secure)

==> Blacklight (from F-Secure)

and save it to your Desktop.

Double-click fsbl.exe and accept the license; leave [X] scan through Windows Explorer enabled;

click step1 Scan

You will see a list of detected files appear. You will also see a report on your Desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).

Copy and paste the contents of this report

6) Download GenProc to your desktop (GenProc is compatible with Windows Vista)

Vista users ==> Disable UAC

==>GenProc

VISTA: Right-click Hijackthis / run as administrator!

==> www.alt-shift-return.org…

unzip the folder, double-click GenProc.bat

answer "yes" in the window that appears

post the contents of the report that opens

Re-enable UAC

last

read carefully

  7. Click ==> Start ==> My Computer ==> Local Disk ==> RSIT folder, delete it, go back to My Computer and
    run ==> RSIT again ==> Post the log.txt and info.txt reports; copy and paste both reports in full

reminder: to be deleted
################## | Cracks / Keygens / Serials |

“C:\Documents and Settings\Psyloranger\Bureau\A instaler"WGA_v1.9.9.0_crack.exe”"
30/01/2009 01:00 |Size 2157131 |Crc32 16dc8f54 |Md5 f6d188c7391042fb1ecd29a476f62b63

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]“Nero-9.2.6.0_trial.exe””
07/01/2009 17:13 |Size 400569600 |Crc32 a98c8e4a |Md5 fc4dab4550a9dbfab35514e11af939cc

“C:\Documents and Settings\Psyloranger\Bureau\A instaler\Nero.9.v9.2.6.0.FR.Incl-Keygen.[emule-island.com]\Keygen"keymaker.exe”"
10/12/2008 00:06 |Size 3548672 |Crc32 6f74bc53 |Md5 3af1caa3206f513a77da611090f40aaf

@+cricri58

Hi

For GenProc, I put in bold ==> Vista users ==> Disable UAC; ignore that, you have Windows XP, I had another topic in mind :neutre:

once you have done what is written above, confirmed all the steps and posted the reports, and only after that

don't forget to confirm all the points you have done, and the reports

while I look at your reports

uninstall your antivirus, which has surely taken a hit

To do this

  1. download the Avast! uninstall utility: aswClear.exe

==> the Avast uninstall utility
do this

==> in the "Program Settings", "Troubleshooting" section, check the option "Disable avast! self-defense module".

Run the downloaded aswClear.exe utility

reinstall Avast + update, or otherwise, if you want, you can try

Avira AntiVir Personal Free 9.0.0.67 Version 9

==>http://www.free-av.com/fr/download/download_servers.php

So I did what you told me about Malwarebytes (quarantine and delete all, then I restarted),
then I ran TuneUp Utilities 2009, which did a good cleanup; then I disabled System Restore and restarted my PC.
After that I unchecked System Restore and created a restore point that I named serroth. I installed Blacklight (from F-Secure) on my desktop, launched it and chose step 1 scan; it indicated 0 item found and put a report on the desktop, so here it is:

09/26/09 09:28:23 [Info]: BlackLight Engine 2.2.1092 initialized
09/26/09 09:28:23 [Info]: OS: 5.1 build 2600 (Service Pack 3)
09/26/09 09:28:23 [Note]: 7019 4
09/26/09 09:28:23 [Note]: 7005 0
09/26/09 09:28:26 [Note]: 7006 0
09/26/09 09:28:26 [Note]: 7011 464
09/26/09 09:28:26 [Note]: 7035 0
09/26/09 09:28:26 [Note]: 7026 0
09/26/09 09:28:26 [Note]: 7026 0
09/26/09 09:28:27 [Note]: FSRAW library version 1.7.1024
09/26/09 09:28:56 [Note]: 7007 0

Then I downloaded, unzipped and launched GenProc, then clicked yes, and a report was displayed; here it is:

Rapport GenProc 2.629 [1] - 26/09/2009 à 9:31:15
@ Windows XP Service Pack 3 - Mode normal
@ Internet Explorer (8.0.6001.18702) [Navigateur par défaut]

~~ “C:\WINDOWS\sed.exe” a été renommé sed.exe_RenameGenProc ~~
~~ “C:\WINDOWS\grep.exe” a été renommé grep.exe_RenameGenProc ~~

GenProc n’a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 www.eset-nod32.fr… (il faut utiliser Internet Explorer)

  • coche toutes les cases à chaque fois, et lorsque c’est terminé, colle le rapport :
    C:\Program Files\EsetOnlineScanner\log.txt

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:31:47, on 26/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Psyloranger\Bureau\GenProc\outil\Psyloranger_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.tropal.net…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [LogitechQuickCamRibbon] “C:\Program Files\Logitech\QuickCam10\QuickCam10.exe” /hide
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 4300 bytes


Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

~~ Fin à 9:33:28 ~~

Then I deleted the rsit folder and relaunched RSIT, which was on my desktop, and got the following two reports:

Run by Psyloranger at 2009-09-26 09:38:33
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 21 GB (70%) free of 30 GB
Total RAM: 3063 MB (85% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:38:34, on 26/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Psyloranger\Bureau\RSIT.exe
C:\Program Files\trend micro\Psyloranger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.tropal.net…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM…\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM…\Run: [LogitechCommunicationsManager] “C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe”
O4 - HKLM…\Run: [LogitechQuickCamRibbon] “C:\Program Files\Logitech\QuickCam10\QuickCam10.exe” /hide
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe


End of file - 4288 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2008-11-07 17421824]
“JMB36X IDE Setup”=C:\WINDOWS\RaidTool\xInsIDE.exe [2008-11-06 36864]
“36X Raid Configurer”=C:\WINDOWS\system32\xRaidSetup.exe [2008-11-06 1970176]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“DrvIcon”=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2007-07-04 45056]
“LogitechCommunicationsManager”=C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
“LogitechQuickCamRibbon”=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
“LVCOMSX”=C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-25 81000]
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\Psyloranger\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“D:\Jeux\Steam\Steam.exe”=“D:\Jeux\Steam\Steam.exe::Enabled:Steam"
“E:\Program Files\BitTorrent\bittorrent.exe”="E:\Program Files\BitTorrent\bittorrent.exe::Enabled:BitTorrent”
“E:\Program Files\eMule\emule.exe”=“E:\Program Files\eMule\emule.exe::Enabled:eMule"
“D:\Jeux\Steam\steamapps\common\prototype\prototypef.exe”="D:\Jeux\Steam\steamapps\common\prototype\prototypef.exe::Enabled:Prototype”
“C:\Program Files\Messenger\msmsgs.exe”=“C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger"
“C:\Program Files\Electronic Arts\EADM\Core.exe”="C:\Program Files\Electronic Arts\EADM\Core.exe::Enabled:EA Download Manager”
“D:\Jeux\Steam\steamapps\common\left 4 dead\left4dead.exe”=“D:\Jeux\Steam\steamapps\common\left 4 dead\left4dead.exe::Enabled:Left 4 Dead"
“D:\Jeux\Steam\steamapps\psyloranger\counter-strike source\hl2.exe”="D:\Jeux\Steam\steamapps\psyloranger\counter-strike source\hl2.exe::Enabled:hl2”

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-09-26 09:38:33 ----D---- C:\rsit
2009-09-25 17:21:20 ----A---- C:\FindyKill.txt
2009-09-25 11:14:34 ----D---- C:\Program Files\trend micro
2009-09-25 09:46:12 ----SHD---- C:\RECYCLER
2009-09-25 09:39:15 ----D---- C:\WINDOWS\temp
2009-09-25 09:39:14 ----A---- C:\ComboFix.txt
2009-09-25 09:30:43 ----A---- C:\Boot.bak
2009-09-25 09:30:40 ----RASHD---- C:\cmdcons
2009-09-25 09:30:00 ----A---- C:\WINDOWS\zip.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWSC.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\SWREG.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\sed.exe_RenameGenProc20884
2009-09-25 09:30:00 ----A---- C:\WINDOWS\PEV.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-25 09:30:00 ----A---- C:\WINDOWS\grep.exe_RenameGenProc20884
2009-09-25 09:29:56 ----D---- C:\WINDOWS\ERDNT
2009-09-25 09:28:59 ----D---- C:\Qoobox
2009-09-25 08:55:03 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Malwarebytes
2009-09-25 08:54:59 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-09-25 08:54:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-25 08:40:28 ----D---- C:\FindyKill
2009-09-24 20:27:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-09-23 07:54:03 ----D---- C:\WINDOWS\ie8updates
2009-09-23 07:53:46 ----D---- C:\WINDOWS\WBEM
2009-09-23 07:52:49 ----HDC---- C:\WINDOWS\ie8
2009-09-23 07:52:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\WgaTray.exe
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2009-09-20 09:25:55 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2009-09-20 09:25:00 ----N---- C:\WGASetup.exe
2009-09-16 23:11:46 ----HDC---- C:\WINDOWS$NtUninstallKB961118$
2009-09-16 00:14:13 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-16 00:14:10 ----D---- C:\Program Files\MSBuild
2009-09-16 00:14:09 ----D---- C:\WINDOWS\system32\en-US
2009-09-16 00:14:04 ----D---- C:\Program Files\Reference Assemblies
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-16 00:13:50 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-14 19:03:22 ----HDC---- C:\WINDOWS$NtUninstallKB951376-v2$
2009-09-14 19:03:18 ----HDC---- C:\WINDOWS$NtUninstallKB952954$
2009-09-14 19:03:15 ----HDC---- C:\WINDOWS$NtUninstallKB959426$
2009-09-14 19:03:12 ----HDC---- C:\WINDOWS$NtUninstallKB946648$
2009-09-14 19:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-14 19:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-14 19:03:04 ----D---- C:\WINDOWS\system32\KB905474
2009-09-14 19:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-09-14 19:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-14 19:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-14 19:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-14 19:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-14 19:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-14 19:02:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-14 19:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-14 19:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-09-14 19:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-14 19:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-14 19:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-14 19:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-14 19:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-14 19:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-14 19:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-14 19:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-14 19:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-14 19:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-14 19:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-14 19:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-14 19:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-14 19:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-14 19:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-14 19:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-09-14 19:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-14 19:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-09-14 19:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-14 19:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-14 19:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-14 19:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-14 19:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-14 19:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-14 19:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-14 19:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-14 19:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-14 19:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-14 19:00:35 ----D---- C:\Program Files\MSXML 4.0
2009-09-14 19:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-14 19:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-14 19:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-13 11:56:57 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-09-13 11:56:56 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-09-13 01:20:15 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-13 01:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-13 01:20:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-11 20:21:44 ----D---- C:\ProgramData
2009-09-11 20:21:44 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2009-09-11 20:21:06 ----D---- C:\Program Files\Electronic Arts
2009-09-11 20:20:32 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2009-09-11 20:20:30 ----D---- C:\Program Files\Microsoft WSE
2009-09-08 17:43:39 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-08 17:42:41 ----D---- C:\Documents and Settings\Psyloranger\Application Data\MSN6
2009-09-08 17:42:41 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
2009-09-07 19:19:26 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-09-07 19:19:25 ----D---- C:\Program Files\Fichiers communs\Nero
2009-09-07 16:33:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-09-07 16:33:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-09-07 16:33:33 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-09-07 16:33:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-09-07 16:33:31 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-09-07 16:33:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-09-07 16:33:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-09-07 16:33:28 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-09-07 16:33:27 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-09-07 16:33:26 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-09-07 16:33:25 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-09-07 16:33:24 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-07 16:33:23 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-07 16:33:21 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-07 16:33:21 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-07 16:33:20 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-07 16:33:19 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-07 16:33:14 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-07 16:33:13 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-07 16:33:12 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-07 16:33:11 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-07 16:33:03 ----D---- C:\WINDOWS\Logs
2009-09-07 13:53:27 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-09-07 13:53:18 ----D---- C:\Program Files\Logitech
2009-09-07 13:53:18 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2009-09-07 13:50:17 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2009-09-07 13:50:16 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2009-09-07 13:50:16 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2009-09-07 13:50:15 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2009-09-07 13:50:13 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-09-07 11:33:30 ----D---- C:\Program Files\Vista Drive Icon
2009-09-07 11:26:04 ----D---- C:\Documents and Settings\Psyloranger\Application Data\BitTorrent
2009-09-07 01:04:14 ----D---- C:\Documents and Settings\Psyloranger\Application Data\OpenOffice.org
2009-09-07 01:02:47 ----D---- C:\Program Files\OpenOffice.org 3
2009-09-06 20:55:42 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Macromedia
2009-09-06 20:50:44 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Adobe
2009-09-06 19:44:43 ----D---- C:\Program Files\Lavalys
2009-09-06 19:42:51 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-09-06 19:42:06 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-09-06 19:42:06 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-09-06 19:41:48 ----D---- C:\WINDOWS\BricoPacks
2009-09-06 19:40:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-06 19:39:58 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-06 19:39:58 ----D---- C:\Program Files\Adobe
2009-09-06 19:33:33 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-09-06 19:33:29 ----D---- C:\Documents and Settings\Psyloranger\Application Data\TuneUp Software
2009-09-06 19:33:18 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-09-06 19:33:18 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-09-06 19:32:48 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-06 19:31:36 ----D---- C:\WINDOWS\system32\Lang
2009-09-06 19:27:00 ----R---- C:\WINDOWS\system32\xRaidAPI.dll
2009-09-06 19:26:59 ----R---- C:\WINDOWS\system32\xRaidSetup.exe
2009-09-06 19:26:59 ----D---- C:\RaidTool
2009-09-06 19:26:32 ----D---- C:\WINDOWS\RaidTool
2009-09-06 19:25:00 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll
2009-09-06 19:24:51 ----D---- C:\WINDOWS\OPTIONS
2009-09-06 19:24:46 ----D---- C:\Documents and Settings\Psyloranger\Application Data\InstallShield
2009-09-06 19:24:17 ----D---- C:\WINDOWS\system32\RTCOM
2009-09-06 19:24:12 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-09-06 19:24:11 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-09-06 19:24:11 ----A---- C:\WINDOWS\SkyTel.exe
2009-09-06 19:24:11 ----A---- C:\WINDOWS\RtlUpd.exe
2009-09-06 19:24:08 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-09-06 19:24:02 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-09-06 19:24:00 ----A---- C:\WINDOWS\MicCal.exe
2009-09-06 19:23:56 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-09-06 19:23:56 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-09-06 19:23:54 ----D---- C:\Program Files\Realtek
2009-09-06 19:23:48 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-09-06 19:19:12 ----D---- C:\Program Files\Satsuki Decoder Pack
2009-09-06 19:17:27 ----D---- C:\Documents and Settings\Psyloranger\Application Data\foobar2000
2009-09-06 19:16:19 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Media Player Classic
2009-09-06 19:16:14 ----D---- C:\Documents and Settings\Psyloranger\Application Data\WinRAR
2009-09-06 19:06:20 ----D---- C:\Documents and Settings\Psyloranger\Application Data\Mozilla
2009-09-06 15:26:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-06 15:26:35 ----RSD---- C:\WINDOWS\Fonts
2009-09-06 15:26:35 ----RD---- C:\WINDOWS\Web
2009-09-06 15:26:35 ----HD---- C:\WINDOWS\system32\drivers
2009-09-06 15:26:35 ----HD---- C:\WINDOWS\inf
2009-09-06 15:26:35 ----D---- C:\WINDOWS\WinSxS
2009-09-06 15:26:35 ----D---- C:\WINDOWS\twain_32
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\wins
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\wbem
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\usmt
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\spool
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\Setup
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ras
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\oobe
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\npp
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\mui
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\IME
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\icsxml
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\ias
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\export
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\dhcp
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\config
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\3076
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\2052
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1054
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1042
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1041
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1037
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1036
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1033
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1031
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1028
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32\1025
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system32
2009-09-06 15:26:35 ----D---- C:\WINDOWS\system
2009-09-06 15:26:35 ----D---- C:\WINDOWS\security
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Resources
2009-09-06 15:26:35 ----D---- C:\WINDOWS\repair
2009-09-06 15:26:35 ----D---- C:\WINDOWS\mui
2009-09-06 15:26:35 ----D---- C:\WINDOWS\msapps
2009-09-06 15:26:35 ----D---- C:\WINDOWS\msagent
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Media
2009-09-06 15:26:35 ----D---- C:\WINDOWS\java
2009-09-06 15:26:35 ----D---- C:\WINDOWS\ime
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Help
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Driver Cache
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Debug
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Cursors
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Connection Wizard
2009-09-06 15:26:35 ----D---- C:\WINDOWS\Config
2009-09-06 15:26:35 ----D---- C:\WINDOWS\AppPatch
2009-09-06 15:26:35 ----D---- C:\WINDOWS\addins
2009-09-06 15:26:35 ----D---- C:\WINDOWS
2009-09-06 14:59:02 ----D---- C:\Program Files\WinRAR
2009-09-06 14:58:45 ----D---- C:\Program Files\Mozilla Firefox
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-09-06 14:57:42 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-09-06 14:57:40 ----D---- C:\Program Files\Alwil Software
2009-09-06 14:46:16 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-06 14:46:13 ----D---- C:\WINDOWS\Prefetch
2009-09-06 14:40:55 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-09-06 14:40:55 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmspdmoe.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmspdmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmpasf.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmp.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmidx.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\wmerror.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mp4sdmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\mp43dmod.dll
2009-09-06 14:40:53 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdukx.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdno1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinben.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\httpapi.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fwcfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fsquirt.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fltmc.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\fltlib.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\credssp.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\btpanui.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bthserv.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bthci.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\blastcln.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\azroles.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\auditusr.exe
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-09-06 14:40:52 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\xpob2res.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\w3ssl.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\twext.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\strmfilt.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\smbinst.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slserv.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slgen.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\setupn.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qutil.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\qagent.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\powercfg.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2psvc.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\p2p.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\onex.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napstat.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mssha.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\msdadiag.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-09-06 14:40:51 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-09-06 14:40:51 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\xmlprov.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wshbth.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wscsvc.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wscntfy.exe
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\winshfhc.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-09-06 14:40:50 ----N---- C:\WINDOWS\slrundll.exe
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\fr-fr
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\fr
2009-09-06 14:40:50 ----D---- C:\WINDOWS\system32\bits
2009-09-06 14:40:50 ----D---- C:\WINDOWS\provisioning
2009-09-06 14:40:50 ----D---- C:\WINDOWS\peernet
2009-09-06 14:40:50 ----D---- C:\WINDOWS\l2schemas
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-06 14:40:50 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-06 14:39:59 ----D---- C:\WINDOWS\network diagnostic
2009-09-06 14:39:46 ----A---- C:\WINDOWS\002791_.tmp
2009-09-06 14:39:39 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-06 14:39:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-06 14:36:57 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-06 14:31:03 ----A---- C:\WINDOWS\imsins.BAK
2009-09-06 14:31:00 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-06 14:31:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-06 14:31:00 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-06 14:30:58 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-06 14:30:57 ----RD---- C:\Program Files
2009-09-06 14:30:57 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-06 14:30:57 ----D---- C:\Program Files\Fichiers communs
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-06 14:30:55 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-06 14:30:53 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-06 14:30:51 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-06 14:30:50 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-06 14:30:48 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-06 14:30:46 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-06 14:30:43 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-09-06 14:30:43 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-06 14:30:43 ----A---- C:\WINDOWS\notepad.exe
2009-09-06 14:30:38 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-06 14:30:36 ----RA---- C:\WINDOWS\SET7.tmp
2009-09-06 14:30:34 ----RA---- C:\WINDOWS\SET3.tmp
2009-09-06 14:30:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-06 14:30:30 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-06 14:30:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-06 14:30:15 ----A---- C:\WINDOWS\setuplog.txt
2009-09-06 14:30:13 ----D---- C:\Documents and Settings
2009-09-06 14:22:59 ----D---- C:\Documents and Settings\Psyloranger\Application Data\ATI
2009-09-06 14:22:59 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-06 14:08:00 ----D---- C:\Program Files\Fichiers communs\ATI Technologies
2009-09-06 14:07:51 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qedwipes.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qedit.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\qasf.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msvidctl.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\msdmo.dll
2009-09-06 14:07:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\quartz.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qdvd.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qdv.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\qcap.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\encapi.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dxdiag.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dx8vb.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dx7vb.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dswave.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsound3d.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsound.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dsdmo.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvvox.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvoice.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpvacm.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnet.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dplayx.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmusic.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmsynth.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmstyle.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmscript.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmloader.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmime.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmcompos.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\dmband.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\devenum.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\ddrawex.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\ddraw.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3dim700.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\d3d8.dll
2009-09-06 14:07:38 ----A---- C:\WINDOWS\system32\amstream.dll
2009-09-06 14:06:37 ----RSD---- C:\WINDOWS\assembly
2009-09-06 14:06:27 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-06 14:06:07 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-06 14:05:32 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-09-06 14:05:31 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-06 14:05:28 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-06 14:05:13 ----D---- C:\Program Files\ATI Technologies
2009-09-06 14:05:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-06 14:04:34 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-09-06 13:59:48 ----SD---- C:\WINDOWS\system32\Microsoft
2009-09-06 13:59:24 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-06 13:59:24 ----A---- C:\WINDOWS\system32\hccoin.dll
2009-09-06 13:59:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-06 13:59:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-06 13:59:05 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-06 13:59:05 ----D---- C:\Program Files\Intel
2009-09-06 13:58:35 ----D---- C:\Intel
2009-09-06 13:57:19 ----A---- C:\WINDOWS\Language_trs.ini
2009-09-06 13:56:28 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-09-06 13:53:14 ----A---- C:\WINDOWS\system32\dpcdll.dll
2009-09-06 13:52:51 ----N---- C:\WINDOWS\system32\spiisupd.exe
2009-09-06 13:52:51 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2009-09-06 13:52:51 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-06 13:52:51 ----D---- C:\WINDOWS\ehome
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\encdec.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\dsprpres.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati3d2ag.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-09-06 13:52:50 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\winbrand.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\sbeio.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\sbe.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\mssap.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\msftedit.dll
2009-09-06 13:52:49 ----N---- C:\WINDOWS\system32\appmgmts.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\gpresult.exe
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\fdeploy.dll
2009-09-06 13:52:49 ----A---- C:\WINDOWS\system32\appmgr.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\wsecedit.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tracerpt.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\schtasks.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\rsnotify.exe
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\nwwks.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqutil.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqtrig.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqsnap.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqsec.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqrt.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqqm.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqise.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\mqad.dll
2009-09-06 13:52:48 ----A---- C:\WINDOWS\system32\gptext.dll
2009-09-06 13:52:35 ----A---- C:\WINDOWS\winhlp32.exe
2009-09-06 13:52:35 ----A---- C:\WINDOWS\hh.exe
2009-09-06 13:52:35 ----A---- C:\WINDOWS\explorer.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\apphelp.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\alg.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\ahui.exe
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\advpack.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsnt.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsldpc.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-09-06 13:52:34 ----A---- C:\WINDOWS\system32\6to4svc.dll
2009-09-06 13:52:33 ----N---- C:\WINDOWS\system32\browser.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browsewm.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browseui.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\browselc.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\autolfn.exe
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\audiosrv.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\at.exe
2009-09-06 13:52:33 ----A---- C:\WINDOWS\system32\asferror.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\conime.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\compatui.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cmdl32.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cmdial32.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\clusapi.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\ciodm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\certcli.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\cdm.dll
2009-09-06 13:52:32 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-09-06 13:52:31 ----N---- C:\WINDOWS\system32\ctfmon.exe
2009-09-06 13:52:31 ----N---- C:\WINDOWS\system32\cryptsvc.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\dbmsadsn.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\danim.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cscui.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cryptui.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-09-06 13:52:31 ----A---- C:\WINDOWS\system32\credui.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dinput8.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dinput.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\digest.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dgnet.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgui.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\devmgr.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\defrag.exe
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbmsvinn.dll
2009-09-06 13:52:30 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dwwin.exe
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\duser.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dumprep.exe
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dssenh.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dsquery.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dsprop.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\ds32gt.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\docprop2.dll
2009-09-06 13:52:29 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-09-06 13:52:28 ----N---- C:\WINDOWS\system32\eventlog.dll
2009-09-06 13:52:28 ----N---- C:\WINDOWS\system32\es.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\framebuf.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\fontview.exe
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\faultrep.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\expsrv.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\eudcedit.exe
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\ersvc.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\els.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-06 13:52:28 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\imm32.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\iepeers.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-09-06 13:52:27 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\input.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imeshare.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\imapi.exe
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\idq.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\icm32.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-09-06 13:52:27 ----A---- C:\WINDOWS\system32\hhsetup.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\laprxy.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\kd1394.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ixsso.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\iuengine.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\itss.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\itircl.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipv6.exe
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ippromon.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-09-06 13:52:26 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mscms.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\moricons.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mobsync.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\mindex.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\logonui.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\logagent.exe
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\localui.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\lmrt.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-06 13:52:25 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-09-06 13:52:24 ----N---- C:\WINDOWS\system32\mshtml.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msdart.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-09-06 13:52:24 ----A---- C:\WINDOWS\system32\msctf.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjtes40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msisam11.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msimg32.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msieftp.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\msi.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-09-06 13:52:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msscp.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrle32.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspmsp.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msorcl32.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msnsspc.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-09-06 13:52:22 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvfw32.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvcrt.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msvcp60.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msutb.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\msuni11.dll
2009-09-06 13:52:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-06 13:52:20 ----N---- C:\WINDOWS\system32\netman.dll
2009-09-06 13:52:20 ----N---- C:\WINDOWS\system32\netlogon.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netplwiz.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netdde.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netcfgx.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\net1.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\net.exe
2009-09-06 13:52:20 ----A---- C:\WINDOWS\system32\nddenb32.dll
2009-09-06 13:52:19 ----N---- C:\WINDOWS\system32\ntmssvc.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\oakley.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntshrui.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2009-09-06 13:52:19 ----A---- C:\WINDOWS\sys

Many thanks, I followed the steps and then reinstalled Avast, and now it works, no more problems. I ran the updates, it's perfect.
No more trace of the virus ^^
That was a lot of work, you really dug into the subject and gave me clear, precise information. In future I will be much more careful.
Thanks again, see you


Sorry for the spelling mistakes, I was in a bit of a hurry to reply, I think : )

Hi

Not finished

RSIT log incomplete, but never mind!!

Do this

  1. Launch HijackThis

Click ==> Do a System Scan Only

tick these lines
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [LVCOMSX] “C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

Close your other applications except ==> HijackThis (of course)

and click ==> Fix Checked

then

  1. download The Killbox

==> the killbox

Double-click killbox.exe (Pocket Killbox)

  • In “Full Path of File to Delete”
    copy and paste:

C:\WINDOWS\PEV.exe

  • click the red cross
  • a window will appear asking you to confirm the deletion; click YES
  1. Disable your antivirus before the scan and close all your other open applications

go here ==> ESET Online Scanner

==> www.eset-nod32.fr…

Only with "Explorer", not another browser

At the bottom of the page, click ==> Online scanner

On the new page, tick the box in front of YES, I accept the terms of the licence agreement, and click Start to begin.

On the new page ==> fairly slow to load

you will get an alert for the information bar; click Close.

Now right-click the yellow information bar at the top of the page,

and click Install ActiveX Control

An information box will open; click Install

In the window

tick

Remove detected threats

Scan archives

at the bottom right of the page, click Start

the download of the virus signature database will begin.

Then the scan of your PC will start; wait while it runs.

Once the scan has finished, tick the box ==> Uninstall the application on close, then ==> click Finish and close the page.

Open Windows Explorer and find the report, which is in this folder:

C:\Program Files\ESET\ESET Online Scanner\log.txt

Copy and paste the contents of this log.txt report

  1. Run TuneUp Utilities 2009

Post a new HijackThis log
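
As an added example (not part of the original thread and not HijackThis's own code), this Python script parses log lines of the kind listed in the post above so each entry can be read field by field before it is ticked and fixed. The section meanings follow HijackThis's R0/R1, O4 and O9 categories; `parse_line` and `review` are names chosen for this example.

```python
import re
from collections import defaultdict

# Meaning of the HijackThis section codes that occur in the post above.
SECTIONS = {
    "R0": "Internet Explorer registry setting (start/search pages)",
    "R1": "Internet Explorer registry setting (start/search pages)",
    "O4": "program started automatically at logon",
    "O9": "extra Internet Explorer button or Tools menu item",
}

LINE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
REG_VALUE = re.compile(r"^(?P<key>[^,]+),(?P<value>.+?) = (?P<data>.*)$")
AUTOSTART = re.compile(
    r"^(?P<hive>.+?)\\Run: \[(?P<name>[^\]]+)\] (?P<command>.+?)(?: \(User .*\))?$")
IE_EXTRA = re.compile(
    r"^Extra (?P<kind>.+?): (?P<label>.+?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
BODY = {"R0": REG_VALUE, "R1": REG_VALUE, "O4": AUTOSTART, "O9": IE_EXTRA}
ABSOLUTE = re.compile(r"^[A-Za-z]:\\")


def parse_line(line):
    """Return the fields of one log line, or None if it is not recognised."""
    m = LINE.match(line.strip())
    fields = BODY[m["code"]].match(m["body"]) if m and m["code"] in BODY else None
    if not fields:
        return None
    entry = {"code": m["code"], "meaning": SECTIONS[m["code"]], **fields.groupdict()}
    if "command" in entry:
        # Forum software turned straight quotes into typographic ones; drop both.
        entry["command"] = entry["command"].strip('"“”')
    return entry


def review(lines):
    """Group entries by section; list unqualified autostarts and IE extensions."""
    by_code = defaultdict(list)
    for entry in filter(None, map(parse_line, lines)):
        by_code[entry["code"]].append(entry)
    # A command without a drive-qualified path is resolved through the search path.
    unqualified = [e["name"] for e in by_code["O4"] if not ABSOLUTE.match(e["command"])]
    # A button and a menu item that share a CLSID belong to one extension.
    extensions = defaultdict(set)
    for e in by_code["O9"]:
        extensions[e["clsid"].lower()].add(e["target"])
    return dict(by_code), unqualified, dict(extensions)


# Lines copied from the post above, in the form they appear on this page.
SAMPLE = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
""".strip().splitlines()

if __name__ == "__main__":
    for part in review(SAMPLE):
        print(part)
```
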

Hello, sorry for taking so long. I had to download HijackThis, then I launched it and removed the file you mentioned, then I downloaded Killbox, and when I entered C:\WINDOWS\PEV.exe it told me it did not exist. I went to ==> www.eset-nod32.fr… with Internet Explorer and it doesn't work: the page hangs after I accept the licence. Waiting for your replies, thanks.

Hi

For ESET Online Scanner, close your other applications, disable your antivirus and install the ActiveX control

otherwise

Still with Explorer, try here

Bitdefender Online scanner --> Only with --> Explorer, not another browser

--> Bitdefender Online scanner

--> close your other applications and temporarily disable your antivirus

At the bottom left of the window, click -> Online scan

In the next window, click -> I accept

accept the installation of the “ActiveX control”

--> A small window opens; click -> Install
--> The window changes again; click -> Start the scan
--> The signatures load and BitDefender SCAN ONLINE starts the scan
Once the scan has finished, in this window click -> Click to export the scan report
--> Choose -> Desktop (on the left)

--> Under > Type: choose -> HTML file (*.html)
--> Click -> Save

Don't forget to re-enable your antivirus

then, once the report or reports have been posted

Run TuneUp Utilities 2009

Post a HijackThis log

See you, cricri58