L'autorun ne se lance pas lors de l'insertion d'un CD/DVD ou clef USB

algerienman_1_1 · Janvier 17, 2009, 9:15

Re, dsl le scan a mis du temps il avait en efet detectés 7 malware voici le rapport

Malwarebytes’ Anti-Malware 1.33
Version de la base de données: 1662
Windows 5.1.2600 Service Pack 3

17/01/2009 21:11:46
mbam-log-2009-01-17 (21-11-41).txt

Type de recherche: Examen complet (C:|D:|E:|)
Eléments examinés: 282518
Temps écoulé: 1 hour(s), 53 minute(s), 30 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
E:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> No action taken.
E:\WINDOWS\system32\AntiWPA.dll (Malware.Tool) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\antiwpa (Trojan.I.Stole.Windows) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
E:\WINDOWS\system32\AntiWPA.dll (Trojan.I.Stole.Windows) -> No action taken.
E:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> No action taken.

goldorak59 · Janvier 17, 2009, 11:43

Re,

Ouvre Malwarebyte,

Clic sur l’onglet Quarantaine,

Supprime tout ce que la quarantaine contient,

Si il te propose de redémarrer ton PC =>Accepte

Si il ne te le propose pas =>Redémarre normalement ton PC

Poste le rapport suite à la suppression sur le forum.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Télécharge random’s system information tool (RSIT) et enregistre le sur ton bureau.

==>Double clique sur RSIT.exe pour lancer l’outil.

==>Clique sur ’ continue ’ à l’écran Disclaimer

==>Si l’outil HIjackThis (version à jour) n’est pas présent ou non détecté sur l’ordinateur,RSIT le téléchargera et tu devras accepter la licence

Une fois le scan fini ,2 rapports vont apparaitre.Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

algerienman_1_1 · Janvier 18, 2009, 12:57

info.txt logfile of random’s system information tool 1.05 2009-01-18 00:54:34

======Uninstall list======

–>MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
7-Zip 4.62–>“E:\Program Files\7-Zip\Uninstall.exe”
ACDSee Photo Manager 2009–>MsiExec.exe /I{300578F9-9EFF-4B93-9AB1-C0E5707EF463}
Adobe Flash Player 10 ActiveX–>E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>E:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Ai Booster–>RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “E:\Program Files\InstallShield Installation Information{74BF0A46-DF67-4D86-B038-BF0E51871B66}\Setup.exe” -l0x9
AIDA32 v3.93–>“E:\Program Files\AIDA32 - Personal System Information\unins000.exe”
Call of Duty® 4 - Modern Warfare™ 1.6 Patch–>E:\Program Files\InstallShield Installation Information{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™ 1.7 Patch–>E:\Program Files\InstallShield Installation Information{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™–>E:\Program Files\InstallShield Installation Information{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)–>“E:\Program Files\CCleaner\uninst.exe”
Compatibility Pack for the 2007 Office system–>MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Far Cry 2–>“E:\Program Files\InstallShield Installation Information{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe” -runfromtemp -l0x040c -removeonly
Foxit Reader–>MsiExec.exe /I{6EF953B4-DB16-4E59-87CF-B61783DE6988}
HijackThis 2.0.2–>“D:\telechargements\Logiciels\HijackThis.exe” /uninstall
Java™ 6 Update 11–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kaspersky Anti-Virus 2009–>MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009–>MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
K-Lite Codec Pack 4.3.8 (Full) BETA–>“E:\Program Files\K-Lite Codec Pack\unins000.exe”
Ma-Config.com–>MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes’ Anti-Malware–>“E:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Microsoft .NET Framework 1.1 French Language Pack–>MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1–>msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1–>MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA–>MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA–>MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1–>MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5–>E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5–>MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Office Professional Edition 2003–>MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)–>“E:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923789)–>E:\WINDOWS\system32\MacroMed\Flash\genuinst.exe E:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB958687)–>“E:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Mozilla Firefox (3.0.5)–>E:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NETGEAR WPN311 Wireless Adapter–>E:\Program Files\InstallShield Installation Information{AB938897-211A-4999-9749-236D2E8E464A}\setup.exe -runfromtemp -l0x0409
Notepad+±->E:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers–>E:\WINDOWS\system32\nvuide.exe UninstallGUI
NVIDIA PhysX v8.10.13–>MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)–>E:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u E:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
Pixelfusion WMP Plugin 1.60–>“E:\Program Files\QO Labs\Pixelfusion WMP Plugin\unins000.exe”
Pro Evolution Soccer 2009–>MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
PunkBuster Services–>E:\WINDOWS\system32\pbsvc.exe -u
QT Lite 2.7.0–>“E:\Program Files\QT Lite\unins000.exe”
Real Alternative 1.9.0 Lite–>“E:\Program Files\Real Alternative\unins000.exe”
Realtek AC’97 Audio–>RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “E:\Program Files\InstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe” -l0x40c -removeonly
Resident Evil 4 1.10–>“E:\Program Files\Capcom\Resident Evil 4\unins000.exe”
R-Studio 4.2–>E:\Program Files\R-Studio\Uninstall.exe
Serious Samurize–>“E:\Program Files\Samurize\Uninstall.exe”
System Requirements Lab–>E:\Program Files\SystemRequirementsLab\Uninstall.exe
TD74 USB2.0 PC Camera–>RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “E:\Program Files\InstallShield Installation Information{36820BCA-FC55-452E-9085-6E6F1F55508D}\Setup.exe” -l0x9
TVAnts 1.0–>E:\PROGRA~1\TVAnts\UNWISE.EXE E:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.4.1.0–>E:\Program Files\TVUPlayer\uninst.exe
UsbFix–>E:\Program Files\UsbFix\Uninstal.exe
Windows Live Messenger–>MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
XML Paper Specification Shared Components Language Pack 1.0–>“E:\WINDOWS$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe”

======Security center information======

AV: Kaspersky Anti-Virus

System event log

Computer Name: MACHINENAME
Event Code: 2
Message: Device identified.

Record Number: 5
Source Name: nvatabus
Time Written: 20090117041826.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Device identified.

Record Number: 4
Source Name: nvatabus
Time Written: 20090117041826.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Device identified.

Record Number: 3
Source Name: nvatabus
Time Written: 20090117041826.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d’Enregistrement d’événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090117041807.000000+060
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090117041807.000000+060
Event Type: Informations
User:

Application event log

Computer Name: NASRI-185C4F45D
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090117032241.000000+060
Event Type: Informations
User:

Computer Name: NASRI-185C4F45D
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090117032240.000000+060
Event Type: Informations
User:

Computer Name: NASRI-185C4F45D
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090117032205.000000+060
Event Type: Informations
User:

Computer Name: NASRI-185C4F45D
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090117032203.000000+060
Event Type: Informations
User:

Computer Name: NASRI-185C4F45D
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d’enregistrement contiennent les nouvelles valeurs d’index
assignées à ce service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090117032202.000000+060
Event Type: Informations
User:

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=15
“PROCESSOR_IDENTIFIER”=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
“PROCESSOR_REVISION”=6b01
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“SamDir”=SINSTDIR

-----------------EOF-----------------

Logfile of random's system information tool 1.05 (written by random/random) Run by Sofiane at 2009-01-18 00:54:30 Microsoft Windows XP Professionnel Service Pack 3 System drive E: has 450 GB (94%) free of 477 GB Total RAM: 2046 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:54:32, on 18/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\WINDOWS\system32\userinit.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\VMSnap23.exe
E:\WINDOWS\Domino.exe
E:\Program Files\ASUS\Ai Booster\OverClk.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\NETGEAR\WPN311\wlancfg5.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Documents and Settings\Sofiane\Mes documents\RSIT.exe
D:\telechargements\Logiciels\Sofiane.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [AVP] “E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [BigDogPath323VMSnap] E:\WINDOWS\VMSnap23.exe
O4 - HKLM…\Run: [BigDogPath323Domino] E:\WINDOWS\Domino.exe
O4 - HKLM…\Run: [Launch Ai Booster] “E:\Program Files\ASUS\Ai Booster\OverClk.exe”
O4 - HKCU…\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-20…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS.DEFAULT…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = E:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE…
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {05CA9FB0-3E3E-4b36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - www.nvidia.com…
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (MUWebControl Class) - update.microsoft.com…
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - www.nvidia.com…
O17 - HKLM\System\CCS\Services\Tcpip…{8EC7B328-D752-4FC8-A951-A441FF0DC9F3}: NameServer = 212.27.54.252,212.27.53.252
O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - E:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe

–
End of file - 6506 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - E:\Program Files\Java\jre6\bin\ssv.dll [2009-01-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-17 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“AVP”=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-11-11 206088]
“NvCplDaemon”=E:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
“nwiz”=nwiz.exe /install []
“NvMediaCenter”=E:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
“SoundMan”=E:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
“BigDogPath323VMSnap”=E:\WINDOWS\VMSnap23.exe [2006-09-19 212992]
“BigDogPath323Domino”=E:\WINDOWS\Domino.exe [2006-06-28 49152]
“Launch Ai Booster”=E:\Program Files\ASUS\Ai Booster\OverClk.exe [2005-06-16 3627520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NETGEAR WPN311 Smart Wizard.lnk - E:\Program Files\NETGEAR\WPN311\wlancfg5.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=“E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
E:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
E:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\wpdshserviceobj.dll [2008-10-01 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=255
“ForceClassicControlPanel”=1
“NoResolveTrack”=1
“NoResolveSearch”=1
“NoStartMenuPinnedList”=1
“NoSMConfigurePrograms”=1
“NoDriveAutoRun”=00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“E:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“E:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“E:\Program Files\Windows Live\Messenger\livecall.exe”="E:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)”
“E:\Program Files\ma-config.com\maconfservice.exe”=“E:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice”
“E:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe”=“E:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe::Enabled:Pro Evolution Soccer 2009"
“E:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe”="E:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe::Enabled:Far Cry 2”
“E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe”=“E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe::Enabled:Far Cry 2 Updater"
“E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe”="E:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe::Enabled:Editeur”
“E:\WINDOWS\system32\PnkBstrA.exe”=“E:\WINDOWS\system32\PnkBstrA.exe::Enabled:PnkBstrA"
“E:\WINDOWS\system32\PnkBstrB.exe”="E:\WINDOWS\system32\PnkBstrB.exe::Enabled:PnkBstrB”
“E:\Documents and Settings\Sofiane\Mes documents\PortChkPES2009EUPC_103\PortChkPES2009EUPC.exe”=“E:\Documents and Settings\Sofiane\Mes documents\PortChkPES2009EUPC_103\PortChkPES2009EUPC.exe::Enabled:Port Checker"
“E:\Program Files\TVUPlayer\TVUPlayer.exe”="E:\Program Files\TVUPlayer\TVUPlayer.exe::Enabled:TVUPlayer Component”
“E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe”="E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“E:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“E:\Program Files\Windows Live\Messenger\msnmsgr.exe::Enabled:Windows Live Messenger"
“E:\Program Files\Windows Live\Messenger\livecall.exe”="E:\Program Files\Windows Live\Messenger\livecall.exe::Enabled:Windows Live Messenger (Phone)”

======List of files/folders created in the last 1 months======

2009-01-18 00:54:30 ----D---- E:\rsit
2009-01-17 23:51:24 ----D---- E:\WINDOWS\Minidump
2009-01-17 22:46:35 ----SHD---- E:\WINDOWS\ftpcache
2009-01-17 22:43:32 ----A---- E:\WINDOWS\game.ini
2009-01-17 22:30:14 ----D---- E:\Program Files\Activision
2009-01-17 21:18:42 ----D---- E:\Documents and Settings\All Users\Application Data\TVU Networks
2009-01-17 21:18:03 ----D---- E:\Program Files\TVUPlayer
2009-01-17 21:17:14 ----D---- E:\Program Files\TVAnts
2009-01-17 18:41:56 ----D---- E:\Documents and Settings\Sofiane\Application Data\Malwarebytes
2009-01-17 18:41:52 ----D---- E:\Program Files\Malwarebytes’ Anti-Malware
2009-01-17 18:41:52 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-17 18:26:44 ----A---- E:\TB.txt
2009-01-17 18:26:29 ----D---- E:\ToolBar SD
2009-01-17 18:10:24 ----A---- E:\WINDOWS\system32\tmp.txt
2009-01-17 18:10:16 ----A---- E:\rapport.txt
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\WS2Fix.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\VCCLSID.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\VACFix.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\swxcacls.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\swsc.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\swreg.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\SrchSTS.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\Process.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\IEDFix.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\dumphive.exe
2009-01-17 18:09:50 ----A---- E:\WINDOWS\system32\404Fix.exe
2009-01-17 18:04:05 ----HD---- E:\WINDOWS\system32\GroupPolicy
2009-01-17 17:25:22 ----HD---- E:\autorun.inf
2009-01-17 17:24:12 ----A---- E:\UsbFix.txt
2009-01-17 17:22:19 ----D---- E:\Program Files\UsbFix
2009-01-17 14:51:05 ----A---- E:\WINDOWS\system32\AsIO.dll
2009-01-17 14:51:04 ----D---- E:\Program Files\ASUS
2009-01-17 14:44:43 ----N---- E:\WINDOWS\system32\nvuide.exe
2009-01-17 14:08:09 ----D---- E:\Program Files\AIDA32 - Personal System Information
2009-01-17 13:37:14 ----RHD---- E:\Documents and Settings\Sofiane\Application Data\SecuROM
2009-01-17 13:27:13 ----A---- E:\WINDOWS\system32\CmdLineExt.dll
2009-01-17 13:25:26 ----A---- E:\WINDOWS\system32\PnkBstrB.exe
2009-01-17 13:25:25 ----D---- E:\WINDOWS\system32\LogFiles
2009-01-17 13:25:25 ----A---- E:\WINDOWS\system32\PnkBstrA.exe
2009-01-17 13:25:25 ----A---- E:\WINDOWS\system32\pbsvc.exe
2009-01-17 13:21:02 ----D---- E:\Program Files\Ubisoft
2009-01-17 13:19:20 ----D---- E:\WINDOWS\system32\appmgmt
2009-01-17 06:48:20 ----D---- E:\WINDOWS\pss
2009-01-17 06:46:20 ----D---- E:\Program Files\DIFX
2009-01-17 06:04:09 ----D---- E:\WINDOWS\EffectResources
2009-01-17 06:04:09 ----A---- E:\WINDOWS\system32\vfwwdm32.dll
2009-01-17 05:48:32 ----D---- E:\Program Files\R-Studio
2009-01-17 05:21:11 ----A---- E:\WINDOWS\system32\setupfilter.exe
2009-01-17 05:21:10 ----D---- E:\Program Files\TD74 Corporation
2009-01-17 05:21:08 ----D---- E:\WINDOWS\CatRoot
2009-01-17 05:21:08 ----D---- E:\Program Files\STV
2009-01-17 05:21:08 ----A---- E:\WINDOWS\VMSnap23.exe
2009-01-17 05:21:08 ----A---- E:\WINDOWS\VMCap323.exe
2009-01-17 05:21:08 ----A---- E:\WINDOWS\VmCam.exe
2009-01-17 05:21:08 ----A---- E:\WINDOWS\Domino.exe
2009-01-17 05:18:23 ----D---- E:\Documents and Settings\All Users\Application Data\KONAMI
2009-01-17 05:13:47 ----SHD---- E:\RECYCLER
2009-01-17 05:13:33 ----D---- E:\Program Files\QO Labs
2009-01-17 05:06:20 ----D---- E:\Program Files\KONAMI
2009-01-17 05:00:26 ----A---- E:\WINDOWS\system32\ChCfg.exe
2009-01-17 05:00:16 ----A---- E:\WINDOWS\system32\ksuser.dll
2009-01-17 05:00:12 ----D---- E:\Program Files\Realtek AC97
2009-01-17 05:00:11 ----A---- E:\WINDOWS\system32\RTLCPL.exe
2009-01-17 05:00:11 ----A---- E:\WINDOWS\system32\RtlCPAPI.dll
2009-01-17 05:00:11 ----A---- E:\WINDOWS\soundman.exe
2009-01-17 05:00:10 ----A---- E:\WINDOWS\alcupd.exe
2009-01-17 05:00:10 ----A---- E:\WINDOWS\Alcrmv.exe
2009-01-17 05:00:03 ----D---- E:\Program Files\Fichiers communs\InstallShield
2009-01-17 04:57:55 ----D---- E:\Program Files\ma-config.com
2009-01-17 04:57:55 ----D---- E:\Documents and Settings\All Users\Application Data\ma-config.com
2009-01-17 04:47:52 ----D---- E:\Program Files\Capcom
2009-01-17 04:25:57 ----D---- E:\Documents and Settings\Sofiane\Application Data\Media Player Classic
2009-01-17 04:22:00 ----A---- E:\WINDOWS\system32\h323log.txt
2009-01-17 04:21:07 ----A---- E:\WINDOWS\system32\usbui.dll
2009-01-17 04:20:31 ----A---- E:\WINDOWS\imsins.BAK
2009-01-17 04:20:29 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2009-01-17 04:20:28 ----SHD---- E:\WINDOWS\Installer
2009-01-17 04:20:28 ----D---- E:\Program Files\Fichiers communs\ODBC
2009-01-17 04:20:28 ----A---- E:\WINDOWS\ODBCINST.INI
2009-01-17 04:20:26 ----RD---- E:\Program Files
2009-01-17 04:20:26 ----D---- E:\Program Files\Fichiers communs\SpeechEngines
2009-01-17 04:20:26 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2009-01-17 04:20:26 ----D---- E:\Program Files\Fichiers communs
2009-01-17 04:20:24 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2009-01-17 04:20:24 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2009-01-17 04:20:24 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2009-01-17 04:20:23 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdur.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdru.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2009-01-17 04:20:22 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2009-01-17 04:20:21 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2009-01-17 04:20:20 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2009-01-17 04:20:20 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2009-01-17 04:20:20 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2009-01-17 04:20:20 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2009-01-17 04:20:20 ----RA---- E:\WINDOWS\system32\kbdest.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdro.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdcz2.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdcz1.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdcz.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2009-01-17 04:20:19 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2009-01-17 04:20:16 ----A---- E:\WINDOWS\system32\irclass.dll
2009-01-17 04:20:15 ----A---- E:\WINDOWS\system32\spxcoins.dll
2009-01-17 04:20:15 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2009-01-17 04:20:15 ----A---- E:\WINDOWS\system32\dgsetup.dll
2009-01-17 04:20:15 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2009-01-17 04:20:14 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2009-01-17 04:20:14 ----A---- E:\WINDOWS\TASKMAN.EXE
2009-01-17 04:20:13 ----A---- E:\WINDOWS\system32\storprop.dll
2009-01-17 04:20:13 ----A---- E:\WINDOWS\system32\batt.dll
2009-01-17 04:20:13 ----A---- E:\WINDOWS\NOTEPAD.EXE
2009-01-17 04:20:10 ----ASH---- E:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-17 04:19:07 ----D---- E:\Documents and Settings\Sofiane\Application Data\DAEMON Tools Pro
2009-01-17 04:19:07 ----D---- E:\Documents and Settings\Sofiane\Application Data\DAEMON Tools
2009-01-17 04:18:28 ----RA---- E:\WINDOWS\SET8.tmp
2009-01-17 04:18:27 ----RA---- E:\WINDOWS\SET4.tmp
2009-01-17 04:18:26 ----RA---- E:\WINDOWS\SET3.tmp
2009-01-17 04:18:26 ----D---- E:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-01-17 04:18:23 ----D---- E:\WINDOWS\system32\CatRoot2
2009-01-17 04:18:23 ----D---- E:\WINDOWS\system32\CatRoot
2009-01-17 04:18:17 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-17 04:18:07 ----A---- E:\WINDOWS\setuplog.txt
2009-01-17 04:18:04 ----SHD---- E:\System Volume Information
2009-01-17 04:18:04 ----D---- E:\Documents and Settings
2009-01-17 04:15:49 ----D---- E:\WINDOWS\system32\AGEIA
2009-01-17 04:15:49 ----D---- E:\Program Files\AGEIA Technologies
2009-01-17 04:15:36 ----D---- E:\Program Files\Fichiers communs\Wise Installation Wizard
2009-01-17 04:15:18 ----D---- E:\WINDOWS\nview
2009-01-17 04:15:18 ----A---- E:\WINDOWS\system32\nvudisp.exe
2009-01-17 04:14:30 ----SD---- E:\WINDOWS\Downloaded Program Files
2009-01-17 04:14:30 ----RSD---- E:\WINDOWS\Fonts
2009-01-17 04:14:30 ----RD---- E:\WINDOWS\Web
2009-01-17 04:14:30 ----HD---- E:\WINDOWS\inf
2009-01-17 04:14:30 ----D---- E:\WINDOWS\WinSxS
2009-01-17 04:14:30 ----D---- E:\WINDOWS\WBEM
2009-01-17 04:14:30 ----D---- E:\WINDOWS\twain_32
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Temp
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\wins
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\wbem
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\usmt
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\spool
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\ShellExt
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\Setup
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\ras
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\oobe
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\npp
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\mui
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\inetsrv
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\IME
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\icsxml
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\ias
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\fr-fr
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\fr
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\export
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\drivers
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\dhcp
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\config
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\3com_dmi
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\3076
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\2052
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1054
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1042
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1041
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1037
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1036
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1033
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1031
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1028
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32\1025
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system32
2009-01-17 04:14:30 ----D---- E:\WINDOWS\system
2009-01-17 04:14:30 ----D---- E:\WINDOWS\security
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Resources
2009-01-17 04:14:30 ----D---- E:\WINDOWS\repair
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Provisioning
2009-01-17 04:14:30 ----D---- E:\WINDOWS\PeerNet
2009-01-17 04:14:30 ----D---- E:\WINDOWS\pchealth
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Offline Web Pages
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Network Diagnostic
2009-01-17 04:14:30 ----D---- E:\WINDOWS\mui
2009-01-17 04:14:30 ----D---- E:\WINDOWS\msapps
2009-01-17 04:14:30 ----D---- E:\WINDOWS\msagent
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Media
2009-01-17 04:14:30 ----D---- E:\WINDOWS\L2Schemas
2009-01-17 04:14:30 ----D---- E:\WINDOWS\java
2009-01-17 04:14:30 ----D---- E:\WINDOWS\ime
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Help
2009-01-17 04:14:30 ----D---- E:\WINDOWS\ehome
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Driver Cache
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Debug
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Cursors
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Connection Wizard
2009-01-17 04:14:30 ----D---- E:\WINDOWS\Config
2009-01-17 04:14:30 ----D---- E:\WINDOWS\AppPatch
2009-01-17 04:14:30 ----D---- E:\WINDOWS\addins
2009-01-17 04:14:30 ----D---- E:\WINDOWS
2009-01-17 04:03:15 ----D---- E:\Documents and Settings\Sofiane\Application Data\DAEMON Tools Lite
2009-01-17 03:53:52 ----D---- E:\WINDOWS\system32\ReinstallBackups
2009-01-17 03:53:49 ----A---- E:\WINDOWS\system32\nvunrm.exe
2009-01-17 03:53:31 ----A---- E:\WINDOWS\system32\NVUNINST.EXE
2009-01-17 03:53:24 ----D---- E:\NVIDIA
2009-01-17 03:51:41 ----A---- E:\WINDOWS\system32\MRT.exe
2009-01-17 03:51:36 ----HDC---- E:\WINDOWS$NtUninstallKB958687$
2009-01-17 03:51:31 ----D---- E:\WINDOWS\ie7updates
2009-01-17 03:49:23 ----D---- E:\Program Files\SystemRequirementsLab
2009-01-17 03:48:36 ----D---- E:\Documents and Settings\Sofiane\Application Data\Macromedia
2009-01-17 03:48:33 ----D---- E:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-17 03:47:54 ----A---- E:\WINDOWS\system32\wuapi.dll.mui
2009-01-17 03:47:38 ----D---- E:\Documents and Settings\Sofiane\Application Data\Adobe
2009-01-17 03:46:38 ----HD---- E:\Program Files\InstallShield Installation Information
2009-01-17 03:46:28 ----A---- E:\WINDOWS\system32\results.txt
2009-01-17 03:46:16 ----D---- E:\Program Files\NETGEAR
2009-01-17 03:46:07 ----D---- E:\WINDOWS\Downloaded Installations
2009-01-17 03:40:37 ----AD---- E:\Program Files\XYplorer
2009-01-17 03:40:31 ----DC---- E:\WINDOWS\system32\DRVSTORE
2009-01-17 03:40:28 ----D---- E:\Program Files\Windows Live
2009-01-17 03:40:08 ----D---- E:\Program Files\Samurize
2009-01-17 03:39:56 ----D---- E:\Program Files\Raxco
2009-01-17 03:39:50 ----D---- E:\Program Files\Notepad++
2009-01-17 03:39:50 ----D---- E:\Documents and Settings\Sofiane\Application Data\Notepad++
2009-01-17 03:39:31 ----A---- E:\WINDOWS\ODBC.INI
2009-01-17 03:39:25 ----A---- E:\WINDOWS\system32\mdimon.dll
2009-01-17 03:38:42 ----D---- E:\Program Files\Fichiers communs\DESIGNER
2009-01-17 03:38:36 ----D---- E:\WINDOWS\SHELLNEW
2009-01-17 03:38:35 ----D---- E:\Program Files\Microsoft.NET
2009-01-17 03:38:35 ----D---- E:\Program Files\Microsoft Office
2009-01-17 03:37:19 ----D---- E:\Program Files\Kaspersky Lab
2009-01-17 03:37:19 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-01-17 03:36:56 ----D---- E:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-17 03:36:53 ----D---- E:\Program Files\QT Lite
2009-01-17 03:36:42 ----D---- E:\Program Files\Real Alternative
2009-01-17 03:36:42 ----D---- E:\Documents and Settings\Sofiane\Application Data\Real
2009-01-17 03:36:42 ----D---- E:\Documents and Settings\All Users\Application Data\Real
2009-01-17 03:36:42 ----A---- E:\WINDOWS\system32\rmoc3260.dll
2009-01-17 03:36:42 ----A---- E:\WINDOWS\system32\pndx5032.dll
2009-01-17 03:36:42 ----A---- E:\WINDOWS\system32\pndx5016.dll
2009-01-17 03:36:42 ----A---- E:\WINDOWS\system32\pncrt.dll
2009-01-17 03:36:42 ----A---- E:\WINDOWS\system32\msvcp71.dll
2009-01-17 03:36:30 ----A---- E:\WINDOWS\system32\unrar.dll
2009-01-17 03:36:30 ----A---- E:\WINDOWS\avisplitter.ini
2009-01-17 03:36:29 ----A---- E:\WINDOWS\system32\yv12vfw.dll
2009-01-17 03:36:29 ----A---- E:\WINDOWS\system32\xvidcore.dll
2009-01-17 03:36:29 ----A---- E:\WINDOWS\system32\x264vfw.dll
2009-01-17 03:36:29 ----A---- E:\WINDOWS\system32\huffyuv.dll
2009-01-17 03:36:28 ----A---- E:\WINDOWS\system32\xvidvfw.dll
2009-01-17 03:36:28 ----A---- E:\WINDOWS\system32\qt-dx331.dll
2009-01-17 03:36:28 ----A---- E:\WINDOWS\system32\dpl100.dll
2009-01-17 03:36:28 ----A---- E:\WINDOWS\system32\divx.dll
2009-01-17 03:36:27 ----D---- E:\Program Files\K-Lite Codec Pack
2009-01-17 03:36:27 ----A---- E:\WINDOWS\system32\msvcr71.dll
2009-01-17 03:36:27 ----A---- E:\WINDOWS\system32\ff_vfw.dll.manifest
2009-01-17 03:36:27 ----A---- E:\WINDOWS\system32\ff_vfw.dll
2009-01-17 03:36:18 ----D---- E:\Program Files\Foxit Software
2009-01-17 03:36:09 ----D---- E:\Documents and Settings\Sofiane\Application Data\Mozilla
2009-01-17 03:36:07 ----D---- E:\Program Files\Mozilla Firefox
2009-01-17 03:36:01 ----D---- E:\Program Files\CCleaner
2009-01-17 03:35:20 ----D---- E:\Program Files\Adobe
2009-01-17 03:35:02 ----D---- E:\Documents and Settings\All Users\Application Data\ACD Systems
2009-01-17 03:34:59 ----D---- E:\Program Files\Fichiers communs\ACD Systems
2009-01-17 03:34:59 ----D---- E:\Program Files\ACD Systems
2009-01-17 03:34:39 ----D---- E:\Program Files\7-Zip
2009-01-17 03:34:37 ----D---- E:\Program Files\SuperCopier2
2009-01-17 03:34:25 ----A---- E:\WINDOWS\system32\mu_launcher.bat
2009-01-17 03:34:21 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2009-01-17 03:34:21 ----A---- E:\WINDOWS\system32\wups2.dll
2009-01-17 03:34:21 ----A---- E:\WINDOWS\system32\wucltui.dll.mui
2009-01-17 03:34:21 ----A---- E:\WINDOWS\system32\wuaueng.dll.mui
2009-01-17 03:34:13 ----A---- E:\WINDOWS\system32\OGACheckControl.dll
2009-01-17 03:34:13 ----A---- E:\WINDOWS\system32\muweb.dll
2009-01-17 03:33:35 ----D---- E:\WINDOWS\system32\URTTEMP
2009-01-17 03:33:13 ----HDC---- E:\WINDOWS$NtUninstallXPSEPSCLP$
2009-01-17 03:32:59 ----D---- E:\WINDOWS\system32\XPSViewer
2009-01-17 03:32:59 ----D---- E:\WINDOWS\system32\en-us
2009-01-17 03:32:59 ----D---- E:\Program Files\MSBuild
2009-01-17 03:32:57 ----D---- E:\Program Files\Reference Assemblies
2009-01-17 03:32:53 ----N---- E:\WINDOWS\system32\spmsg2.dll
2009-01-17 03:32:51 ----A---- E:\WINDOWS\system32\rgb9rast_2.dll
2009-01-17 03:32:32 ----RSD---- E:\WINDOWS\assembly
2009-01-17 03:32:22 ----D---- E:\WINDOWS\Microsoft.NET
2009-01-17 03:32:14 ----N---- E:\WINDOWS\system32\XpsSvcs.dll
2009-01-17 03:32:14 ----N---- E:\WINDOWS\system32\XPSSHHDR.dll
2009-01-17 03:32:09 ----N---- E:\WINDOWS\system32\prntvpt.dll
2009-01-17 03:31:47 ----A---- E:\WINDOWS\system32\javaws.exe
2009-01-17 03:31:47 ----A---- E:\WINDOWS\system32\javaw.exe
2009-01-17 03:31:47 ----A---- E:\WINDOWS\system32\java.exe
2009-01-17 03:31:47 ----A---- E:\WINDOWS\system32\deploytk.dll
2009-01-17 03:31:42 ----D---- E:\Program Files\Java
2009-01-17 03:31:39 ----D---- E:\Documents and Settings\Sofiane\Application Data\Sun
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\XAudio2_3.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\XAudio2_2.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\XAPOFX1_2.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\XAPOFX1_1.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\xactengine3_3.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\xactengine3_2.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\X3DAudio1_5.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\D3DX9_40.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\d3dx10_40.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\d3dx10_39.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\D3DCompiler_40.dll
2009-01-17 03:31:36 ----A---- E:\WINDOWS\system32\D3DCompiler_39.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\XAudio2_1.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\XAudio2_0.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\XAPOFX1_0.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\xactengine3_1.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\X3DAudio1_4.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\D3DX9_39.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\D3DX9_38.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\d3dx10_38.dll
2009-01-17 03:31:35 ----A---- E:\WINDOWS\system32\D3DCompiler_38.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\xactengine3_0.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\xactengine2_10.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\X3DAudio1_3.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\D3DX9_37.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\d3dx9_36.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\d3dx10_37.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\d3dx10_36.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\D3DCompiler_37.dll
2009-01-17 03:31:34 ----A---- E:\WINDOWS\system32\D3DCompiler_36.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\xinput1_3.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\xactengine2_9.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\xactengine2_8.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\xactengine2_7.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\X3DAudio1_2.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\d3dx9_35.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\d3dx9_34.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\d3dx10_35.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\d3dx10_34.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\d3dx10_33.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-17 03:31:33 ----A---- E:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\xactengine2_6.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\d3dx9_33.dll
2009-01-17 03:31:32 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\d3dx9_31.dll
2009-01-17 03:31:31 ----A---- E:\WINDOWS\system32\d3dx9_30.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\d3dx9_28.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2009-01-17 03:31:30 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2009-01-17 03:31:29 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2009-01-17 03:31:29 ----A---- E:\WINDOWS\system32\d3dx9_24.dll
2009-01-17 03:31:18 ----D---- E:\WINDOWS\system32\DirectX
2009-01-17 03:31:17 ----D---- E:\WINDOWS\Logs
2009-01-17 03:31:12 ----A---- E:\WPI_Log_2009.01.17_03.31.12.txt
2009-01-17 03:28:47 ----D---- E:\Documents and Settings\Sofiane\Application Data\Identities
2009-01-17 03:28:44 ----HD---- E:\Program Files\Uninstall Information
2009-01-17 03:28:41 ----SD---- E:\Documents and Settings\Sofiane\Application Data\Microsoft
2009-01-17 03:28:41 ----ASH---- E:\Documents and Settings\Sofiane\Application Data\desktop.ini
2009-01-17 03:28:14 ----D---- E:\WINDOWS\SoftwareDistribution
2009-01-17 03:28:13 ----SD---- E:\WINDOWS\system32\Microsoft
2009-01-17 03:28:13 ----D---- E:\WINDOWS\Prefetch
2009-01-17 03:28:13 ----A---- E:\WINDOWS\SchedLgU.Txt
2009-01-17 03:25:33 ----D---- E:\WINDOWS\system32\PreInstall
2009-01-17 03:25:33 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2009-01-17 03:25:27 ----D---- E:\Program Files\MSXML 4.0
2009-01-17 03:24:41 ----N---- E:\WINDOWS\system32\spmsg.dll
2009-01-17 03:24:40 ----HD---- E:\WINDOWS$hf_mig$
2009-01-17 03:24:37 ----A---- E:\WINDOWS\OEWABLog.txt
2009-01-17 03:24:37 ----A---- E:\WINDOWS\control.ini
2009-01-17 03:24:27 ----D---- E:\WINDOWS\system32\dllcache
2009-01-17 03:24:27 ----A---- E:\WINDOWS\system32\mapi32.dll
2009-01-17 03:23:54 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2009-01-17 03:23:52 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-17 03:23:49 ----HD---- E:\Program Files\WindowsUpdate
2009-01-17 03:23:48 ----D---- E:\Program Files\Services en ligne
2009-01-17 03:23:40 ----A---- E:\WINDOWS\system32\desktop.ini
2009-01-17 03:23:40 ----A---- E:\WINDOWS\system32\atrace.dll
2009-01-17 03:23:40 ----A---- E:\WINDOWS\desktop.ini
2009-01-17 03:23:37 ----A---- E:\WINDOWS\system32\nmevtmsg.dll
2009-01-17 03:23:36 ----D---- E:\Program Files\Fichiers communs\Services
2009-01-17 03:23:36 ----A---- E:\WINDOWS\system32\acctres.dll
2009-01-17 03:23:34 ----SD---- E:\WINDOWS\Tasks
2009-01-17 03:23:34 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2009-01-17 03:23:33 ----D---- E:\Program Files\Fichiers communs\MSSoap
2009-01-17 03:23:32 ----D---- E:\WINDOWS\system32\Macromed
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuweb.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wups.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wucltui.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuauserv.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuaueng.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuauclt.exe
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\wuapi.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\bitsprx4.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2009-01-17 03:23:30 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2009-01-17 03:23:29 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2009-01-17 03:23:29 ----A---- E:\WINDOWS\system32\qmgr.dll
2009-01-17 03:23:27 ----D---- E:\Program Files\Movie Maker
2009-01-17 03:23:15 ----A---- E:\WINDOWS\system32\safrslv.dll
2009-01-17 03:23:15 ----A---- E:\WINDOWS\system32\safrdm.dll
2009-01-17 03:23:15 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2009-01-17 03:23:15 ----A---- E:\WINDOWS\system32\racpldlg.dll
2009-01-17 03:23:12 ----D---- E:\WINDOWS\system32\Restore
2009-01-17 03:23:12 ----A---- E:\WINDOWS\system32\srsvc.dll
2009-01-17 03:23:12 ----A---- E:\WINDOWS\system32\srrstr.dll
2009-01-17 03:23:12 ----A---- E:\WINDOWS\system32\srclient.dll
2009-01-17 03:23:12 ----A---- E:\WINDOWS\system32\fltMc.exe
2009-01-17 03:23:12 ----A---- E:\WINDOWS\system32\fltlib.dll
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\nmmkcert.dll
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\msconf.dll
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\mnmdd.dll
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2009-01-17 03:23:11 ----A---- E:\WINDOWS\system32\ils.dll
2009-01-17 03:23:09 ----D---- E:\Program Files\NetMeeting
2009-01-17 03:23:09 ----A---- E:\WINDOWS\system32\msoert2.dll
2009-01-17 03:23:09 ----A---- E:\WINDOWS\system32\msoeacct.dll
2009-01-17 03:23:08 ----A---- E:\WINDOWS\system32\inetres.dll
2009-01-17 03:23:08 ----A---- E:\WINDOWS\system32\inetcomm.dll
2009-01-17 03:23:07 ----D---- E:\Program Files\Outlook Express
2009-01-17 03:23:07 ----A---- E:\WINDOWS\system32\schedsvc.dll
2009-01-17 03:23:07 ----A---- E:\WINDOWS\system32\mstinit.exe
2009-01-17 03:23:07 ----A---- E:\WINDOWS\system32\mstask.dll
2009-01-17 03:23:06 ----A---- E:\WINDOWS\system32\isign32.dll
2009-01-17 03:23:06 ----A---- E:\WINDOWS\system32\inetcfg.dll
2009-01-17 03:23:06 ----A---- E:\WINDOWS\system32\icwphbk.dll
2009-01-17 03:23:06 ----A---- E:\WINDOWS\system32\icwdial.dll
2009-01-17 03:23:03 ----D---- E:\Program Files\Fichiers communs\System
2009-01-17 03:23:02 ----D---- E:\Program Files\Internet Explorer
2009-01-17 03:22:43 ----D---- E:\Program Files\ComPlus Applications
2009-01-17 03:22:43 ----A---- E:\WINDOWS\vbaddin.ini
2009-01-17 03:22:43 ----A---- E:\WINDOWS\vb.ini
2009-01-17 03:22:42 ----D---- E:\WINDOWS\Registration
2009-01-17 03:22:38 ----D---- E:\Program Files\Windows Media Connect 2
2009-01-17 03:22:37 ----D---- E:\Program Files\Windows Media Player
2009-01-17 03:22:35 ----D---- E:\Program Files\MSN Gaming Zone
2009-01-17 03:22:35 ----A---- E:\WINDOWS\system32\write.exe
2009-01-17 03:22:29 ----A---- E:\WINDOWS\system32\sndvol32.exe
2009-01-17 03:22:29 ----A---- E:\WINDOWS\system32\hticons.dll
2009-01-17 03:22:29 ----A---- E:\WINDOWS\system32\avwav.dll
2009-01-17 03:22:29 ----A---- E:\WINDOWS\system32\avtapi.dll
2009-01-17 03:22:29 ----A---- E:\WINDOWS\system32\avmeter.dll
2009-01-17 03:22:28 ----A---- E:\WINDOWS\system32\winchat.exe
2009-01-17 03:22:25 ----A---- E:\WINDOWS\system32\getuname.dll
2009-01-17 03:22:24 ----A---- E:\WINDOWS\system32\winmine.exe
2009-01-17 03:22:24 ----A---- E:\WINDOWS\system32\sol.exe
2009-01-17 03:22:24 ----A---- E:\WINDOWS\system32\mshearts.exe
2009-01-17 03:22:24 ----A---- E:\WINDOWS\system32\charmap.exe
2009-01-17 03:22:24 ----A---- E:\WINDOWS\system32\calc.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\tsshutdn.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\tslabels.ini
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\tskill.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\tsdiscon.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\tscon.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\shadow.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\rwinsta.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\reset.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\regini.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\rdpcfgex.dll
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\qwinsta.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\qappsrv.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\msg.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\logoff.exe
2009-01-17 03:22:23 ----A---- E:\WINDOWS\system32\freecell.exe
2009-01-17 03:22:22 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2009-01-17 03:22:22 ----A---- E:\WINDOWS\system32\cdmodem.dll
2009-01-17 03:22:19 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2009-01-17 03:22:18 ----A---- E:\WINDOWS\system32\sndrec32.exe
2009-01-17 03:22:18 ----A---- E:\WINDOWS\system32\mplay32.exe
2009-01-17 03:22:18 ----A---- E:\WINDOWS\system32\hypertrm.dll
2009-01-17 03:22:18 ----A---- E:\WINDOWS\system32\accwiz.exe
2009-01-17 03:22:17 ----D---- E:\Program Files\Windows NT
2009-01-17 03:22:17 ----A---- E:\WINDOWS\system32\spider.exe
2009-01-17 03:22:17 ----A---- E:\WINDOWS\system32\mspaint.exe
2009-01-17 03:22:17 ----A---- E:\WINDOWS\system32\clipbrd.exe
2009-01-17 03:22:16 ----A---- E:\WINDOWS\system32\tsgqec.dll
2009-01-17 03:22:16 ----A---- E:\WINDOWS\system32\tscfgwmi.dll
2009-01-17 03:22:16 ----A---- E:\WINDOWS\system32\rhttpaa.dll
2009-01-17 03:22:16 ----A---- E:\WINDOWS\system32\aaclient.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\termsrv.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\sessmgr.exe
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\remotepg.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdshost.exe
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdsaddin.exe
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdpwsx.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdpsnd.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdpclip.exe
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\rdchost.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\qprocess.exe
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\mstscax.dll
2009-01-17 03:22:15 ----A---- E:\WINDOWS\system32\mstsc.exe
2009-01-17 03:22:14 ----D---- E:\WINDOWS\system32\MsDtc
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\xolehlp.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\mtxoci.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\msdtctm.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\msdtclog.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\msdtc.exe
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\icaapi.dll
2009-01-17 03:22:14 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2009-01-17 03:22:13 ----D---- E:\WINDOWS\system32\Com
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\stclient.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\mtxex.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\mtxdm.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\comrepl.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\comaddin.dll
2009-01-17 03:22:13 ----A---- E:\WINDOWS\system32\colbact.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\comuid.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\comsvcs.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\comsnap.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\clbcatex.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\catsrvut.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\catsrvps.dll
2009-01-17 03:22:12 ----A---- E:\WINDOWS\system32\catsrv.dll
2009-01-17 03:22:11 ----A---- E:\WINDOWS\system32\clbcatq.dll
2009-01-17 03:22:08 ----A---- E:\WINDOWS\system32\servdeps.dll
2009-01-17 03:22:08 ----A---- E:\WINDOWS\system32\mmfutil.dll
2009-01-17 03:22:08 ----A---- E:\WINDOWS\system32\licwmi.dll
2009-01-17 03:22:08 ----A---- E:\WINDOWS\system32\cmprops.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nwiz.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwssr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwss.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrszht.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrszhc.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrstr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsth.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrssv.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrssl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrssk.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsru.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsptb.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrspt.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrspl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsno.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsnl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsko.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsja.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsit.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrshu.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrshe.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsfr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsfi.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsesm.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrses.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrseng.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsel.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsde.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsda.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrscs.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwrsar.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwimg.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwdmcpl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvwddi.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvvitvsr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvvitvs.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvsvc32.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvshell.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrszht.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrszhc.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrstr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsth.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrssv.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrssl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrssk.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsru.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsptb.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrspt.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrspl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsno.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsnl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsko.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsja.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsit.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrshu.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrshe.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsfr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsfi.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsesm.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrses.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrseng.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsel.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsde.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsda.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrscs.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvrsar.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvoglnt.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmoblsr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmobls.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmctray.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmccssr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmccss.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmccsrs.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvmccs.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nview.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvgamesr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvgames.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvdspsch.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvdispsr.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvdisps.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcuda.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcpluir.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcplui.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcpl.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcolor.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcodins.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvcod.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvappbar.exe
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nvapi.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\nv4_disp.dll
2008-12-26 00:08:00 ----A---- E:\WINDOWS\system32\keystone.exe

======List of files/folders modified in the last 1 months======

2009-01-17 06:04:43 ----A---- E:\WINDOWS\win.ini
2009-01-17 04:20:26 ----A---- E:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; E:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 AsIO;AsIO; E:\WINDOWS\system32\drivers\AsIO.sys [2004-10-14 4962]
R1 KLIF;Kaspersky Lab Driver; E:\WINDOWS\system32\DRIVERS\klif.sys [2009-01-17 227344]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-01-17 17801]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 AR5211;NETGEAR WPN311 V1H3 Wireless Adapter Service; E:\WINDOWS\system32\DRIVERS\WPN311.sys [2006-07-05 472000]
R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-12-16 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; E:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 vmfilter323;323 filter service, Normal; E:\WINDOWS\system32\drivers\vmfilter323.sys [2006-08-08 476672]
R3 ZSMC326;TD74 USB2.0 PC Camera(VC0323); E:\WINDOWS\System32\Drivers\usbvm323.sys [2007-04-24 257408]
S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; ??\E:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-10-01 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-10-01 82944]
S4 atapi;atapi; E:\WINDOWS\system32\drivers\atapi.sys [2008-04-14 96512]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; E:\WINDOWS\system32\acs.exe [2006-12-04 36864]
R2 AVP;Kaspersky Anti-Virus; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-11-11 206088]
R2 JavaQuickStarterService;Jav

goldorak59 · Janvier 18, 2009, 1:14

Re,

reposte le log rsit log txt;

merci

algerienman_1_1 · Janvier 18, 2009, 1:16

Logfile of random’s system information tool 1.05 (written by random/random)
Run by Sofiane at 2009-01-18 01:16:22
Microsoft Windows XP Professionnel Service Pack 3
System drive E: has 450 GB (94%) free of 477 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:16:23, on 18/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\VMSnap23.exe
E:\WINDOWS\Domino.exe
E:\Program Files\ASUS\Ai Booster\OverClk.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Windows Live\Messenger\usnsvc.exe
E:\DOCUME~1\Sofiane\LOCALS~1\Temp\B33C11F5-3A11-4f1e-85E4-C3CABE52C369.exe
E:\WINDOWS\system32\msiexec.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Documents and Settings\Sofiane\Mes documents\RSIT.exe
D:\telechargements\Logiciels\Sofiane.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM…\Run: [AVP] “E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [BigDogPath323VMSnap] E:\WINDOWS\VMSnap23.exe
O4 - HKLM…\Run: [BigDogPath323Domino] E:\WINDOWS\Domino.exe
O4 - HKLM…\Run: [Launch Ai Booster] “E:\Program Files\ASUS\Ai Booster\OverClk.exe”
O4 - HKCU…\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-20…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS.DEFAULT…\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = E:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE…
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {05CA9FB0-3E3E-4b36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - www.nvidia.com…
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (MUWebControl Class) - update.microsoft.com…
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - www.nvidia.com…
O17 - HKLM\System\CCS\Services\Tcpip…{8EC7B328-D752-4FC8-A951-A441FF0DC9F3}: NameServer = 212.27.54.252,212.27.53.252
O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - E:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - E:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe

–
End of file - 6666 bytes