Virus qui revient une fois supprimé

Bonjour,

Moi aussi j’ai deux virus qui n’arrêtent pas de revenir. Ils sont très faciles à supprimer mais ils reviennent. Je ne sais pas si ils fonctionnent les 2 en même temps. L’un s’installe dans système 32 et l’autre dans C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 puis dans un répertoire avec des noms du genre WTERGHYB ou 4XU70HYR .

J’ai essayé CCLEANER, avast, j’ai décocher l’option de restauration système mais rien n’y fait . Ce sont selon avast des chevaux de Troie.

j’ai aussi essayé HijackThis mais je ne sais pas quoi en déduire, si vous pouviez m’aider, voici les logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:02, on 29/10/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\tsnp2std.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
E:\program files 2\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM…\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O17 - HKLM\System\CCS\Services\Tcpip…{67C5EF35-5761-48B1-8BC4-68DE902AE1BB}: NameServer = 10.0.1.246
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

Merci

Re

dans un premier temps fais ceci

1)Mets au moins le SP2 sur ton PC

==>Windows XP Service Pack 2

aprés

2)Mets à jour Explorer

==>Explorer

aprés

3)télécharges --> Malwarebytes’ (mbam)

==>Malwarebytes’ (mbam)

installes + mise a jour
et
Redémarre en “Mode sans échec”

tapote sur la touche F8 jusqu’à l’affichage du menu des options avancées de Windows, et sélectionne “Mode sans échec”.
Choisis ta session habituelle

Lances–> Malwarebytes (MBAM)
==> Puis vas dans l’onglet “Recherche”, coche “Exécuter un examen complet” puis “Rechercher”
==> Sélectionnes tes disques durs" puis clique sur “Lancer l’examen”
==> A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
==> Suppression des éléments détectés --> cliques sur Supprimer la sélection==>Important à faire
=> S’il t’ es demandé de redémarrer, clique sur "oui "

aprés la suppression(s) de ou des infections trouvées --> poste le rapport ici

ensuite

4. télécharge GenProc sur ton bureau

==> GenProc

dézippe le dossier, double-clique sur GenProc.bat

réponds " oui" à la fenêtre qui apparait

poste le contenu du rapport qui s’ouvre

et pour terminer

5. Télécharge Random’s System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.

==>Random’s System Information Tool (RSIT)

==> Double-clique sur RSIT.exe afin de lancer RSIT.
==> Clique sur Continue à l’écran Disclaimer.
==> Si l’outil HijackThis (version à jour) n’est pas présent ou non détecté sur l’ordinateur, RSIT le téléchargera et tu devras accepter la licence.
==>Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront.

==> Poste le contenu de log.txt (<==qui sera affiché) ainsi que de info.txt (<==qui sera réduit dans la Barre des Tâches).

Note : Les deux rapports sont également sauvegardés %systemroot%\rsit

@+ cricri58

je vais essayer de le faire mais par contre je peux pas installer le service pack 2, j’ avais Vista avant j’ai eu beaucoup de problème et j’ai pris le cd XP de mon père. Bref je peux plus faire de mise à jour windows … C’est à dire plus d 'internet explorer, j’utilise mozilla firefox et je l’ai mis à jour aujourd’hui.

Je vais essayer avec Mbam et je te dis le résultat.

Mbam n’a rien trouvé:

lwarebytes’ Anti-Malware 1.41
Version de la base de données: 3056
Windows 5.1.2600 Service Pack 1 (Safe Mode)

29/10/2009 22:10:20
mbam-log-2009-10-29 (22-10-20).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 141770
Temps écoulé: 17 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

---

voila le rapport de Genproc:

Rapport GenProc 2.640 [1] - 29/10/2009 à 22:17:17
@ Windows XP Service Pack 1 - Mode normal
@ Mozilla Firefox (3.0.15) [Navigateur par défaut]

GenProc n’a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 www.eset-nod32.fr… (il faut utiliser Internet Explorer)

• coche toutes les cases à chaque fois, et lorsque c’est terminé, colle le rapport :
  C:\Program Files\EsetOnlineScanner\log.txt

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:22, on 29/10/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\tsnp2std.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\cmd.exe
E:\download\GenProc\outil\Tidus_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM…\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O17 - HKLM\System\CCS\Services\Tcpip…{67C5EF35-5761-48B1-8BC4-68DE902AE1BB}: NameServer = 10.0.1.246
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

–
End of file - 6382 bytes

---

Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

---

et les deux rapport de RSIT:

info.txt logfile of random’s system information tool 1.06 2009-10-29 22:20:47

======Uninstall list======

–>C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Agere Systems HDA Modem v6081–>agrsmdel
aMSN 0.97.2–>C:\Program Files\aMSN\uninstall.exe
avast! Antivirus–>C:\Program Files\Alwil Software\Avast4\aswRunDll.exe “C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll”,RunSetup
BisonCam–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{4A57592C-FF92-4083-97A9-92783BD5AFB4}\Setup.exe” -l0x40c
BlueSoleil–>MsiExec.exe /X{E82C83C0-8897-4D91-949D-E051E3F24626}
CCleaner (remove only)–>“C:\Program Files\CCleaner\uninst.exe”
Condition Zero Deleted Scenes–>“E:\program files 2\steam.exe” uninstall…
Condition Zero No Steam–>C:\Program Files\Valve Lan\Désinstaller Condition Zero Lan.exe
Condition Zero–>“E:\program files 2\steam.exe” uninstall…
Correctif Windows XP - KB810217–>C:\WINDOWS$NtUninstallKB810217$\spuninst\spuninst.exe
Correctif Windows XP - KB841873–>C:\WINDOWS$NtUninstallKB841873$\spuninst\spuninst.exe
Correctif Windows XP - KB842773–>C:\WINDOWS$NtUninstallKB842773$\spuninst\spuninst.exe
Correctif Windows XP - KB873339–>C:\WINDOWS$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835–>C:\WINDOWS$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836–>C:\WINDOWS$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB888302–>C:\WINDOWS$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859–>“C:\WINDOWS$NtUninstallKB890859$\spuninst\spuninst.exe”
Correctif Windows XP - KB891781–>C:\WINDOWS$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB892944–>“C:\WINDOWS$NtUninstallKB892944$\spuninst\spuninst.exe”
Correctif Windows XP - KB911567–>“C:\WINDOWS$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe”
Correctif Windows XP - KB918439–>“C:\WINDOWS$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\spuninst.exe”
Correctif Windows XP - KB918899–>“C:\WINDOWS$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe”
Correctif Windows XP - KB925486–>“C:\WINDOWS$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe”
Counter-Strike 1.6 Lan–>C:\Program Files\Valve Lan\Désinstaller Counter-Strike 1.6 Lan.exe
Counter-Strike Steamworks Beta–>“E:\program files 2\steam.exe” uninstall…
Counter-Strike™–>MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike–>“E:\program files 2\steam.exe” uninstall…
Day of Defeat 1.3 Lan–>C:\Program Files\Valve Lan\Désinstaller Day of Defeat 1.3 Lan.exe
Day of Defeat–>“E:\program files 2\steam.exe” uninstall…
Deathmatch Classic–>“E:\program files 2\steam.exe” uninstall…
DivX Player–>C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Pro Trial–>C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD Solution–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe” -uninstall
EES - Engineering Equation Solver - Academic–>C:\EES_AV\UNWISE.EXE C:\EES_AV\INSTALL.LOG
Half-Life Lan–>C:\Program Files\Valve Lan\Désinstaller Half-Life Lan.exe
High Definition Audio Driver Package - KB888111–>“C:\WINDOWS$NtUninstallKB888111WXP$\spuninst\spuninst.exe”
HijackThis 2.0.2–>“C:\Program Files\Trend Micro\HijackThis\HijackThis.exe” /uninstall
iPod for Windows 2006-03-23–>C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1036
iTunes–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1036
IZArc 3.81–>“C:\Program Files\IZArc\unins000.exe”
Java™ 6 Update 16–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Maple 11–>“C:\Program Files\Maple 11\Uninstall_Maple 11\Uninstall Maple 11.exe”
Maple 7–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{E5D4D448-01C2-11D5-96D9-0001023B4117}\Setup.exe”
Marco Polo Français Allemand 3.50–>C:\WINDOWS\iun6002ev.exe “C:\Program Files\Marco Polo Français Allemand 3.50\irunin.ini”
Matroska Pack - Lazy Man’s MKV 0.9.9–>“C:\Program Files\LD-Anime\unins000.exe”
MediaCoder 0.7.2.4522–>C:\Program Files\MediaCoder\uninst.exe
MediaShow 3.0–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe” -uninstall
Microsoft Halo–>“C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE” /runtemp /addremove
Microsoft Office 2000 Premium–>MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)–>“C:\WINDOWS$NtUninstallKB911564$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media 8 (KB917734)–>“C:\WINDOWS$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB890046)–>“C:\WINDOWS$NtUninstallKB890046$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB893756)–>“C:\WINDOWS$NtUninstallKB893756$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB896358)–>“C:\WINDOWS$NtUninstallKB896358$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB896423)–>“C:\WINDOWS$NtUninstallKB896423$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB896424)–>“C:\WINDOWS$NtUninstallKB896424$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB896428)–>“C:\WINDOWS$NtUninstallKB896428$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB899587)–>“C:\WINDOWS$NtUninstallKB899587$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB899591)–>“C:\WINDOWS$NtUninstallKB899591$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB900725)–>“C:\WINDOWS$NtUninstallKB900725$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB901017)–>“C:\WINDOWS$NtUninstallKB901017$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB901214)–>“C:\WINDOWS$NtUninstallKB901214$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB902400)–>“C:\WINDOWS$NtUninstallKB902400$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB904706)–>“C:\WINDOWS$NtUninstallKB904706$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB905414)–>“C:\WINDOWS$NtUninstallKB905414$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB905495)–>“C:\WINDOWS$NtUninstallKB905495$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB905749)–>“C:\WINDOWS$NtUninstallKB905749$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB908519)–>“C:\WINDOWS$NtUninstallKB908519$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB911562)–>“C:\WINDOWS$NtUninstallKB911562$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB911927)–>“C:\WINDOWS$NtUninstallKB911927$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB912919)–>“C:\WINDOWS$NtUninstallKB912919$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB913433)–>C:\WINDOWS\System32\MacroMed\Flash\genuinst.exe C:\WINDOWS\System32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB913580)–>“C:\WINDOWS$NtUninstallKB913580$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB914388)–>“C:\WINDOWS$NtUninstallKB914388$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB914389)–>“C:\WINDOWS$NtUninstallKB914389$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB917344)–>“C:\WINDOWS$NtUninstallKB917344$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB917422)–>“C:\WINDOWS$NtUninstallKB917422$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB917953)–>“C:\WINDOWS$NtUninstallKB917953$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB919007)–>“C:\WINDOWS$NtUninstallKB919007$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB920670)–>“C:\WINDOWS$NtUninstallKB920670$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB920683)–>“C:\WINDOWS$NtUninstallKB920683$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB920685)–>“C:\WINDOWS$NtUninstallKB920685$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB921398)–>“C:\WINDOWS$NtUninstallKB921398$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB921883)–>“C:\WINDOWS$NtUninstallKB921883$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB922616)–>“C:\WINDOWS$NtUninstallKB922616$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB922819)–>“C:\WINDOWS$NtUninstallKB922819$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923191)–>“C:\WINDOWS$NtUninstallKB923191$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923414)–>“C:\WINDOWS$NtUninstallKB923414$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB924191)–>“C:\WINDOWS$NtUninstallKB924191$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB924496)–>“C:\WINDOWS$NtUninstallKB924496$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB835409)–>“C:\WINDOWS$NtUninstallKB835409$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB898461)–>“C:\WINDOWS$NtUninstallKB898461$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB908531)–>“C:\WINDOWS$NtUninstallKB908531$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB910437)–>“C:\WINDOWS$NtUninstallKB910437$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB911280)–>“C:\WINDOWS$NtUninstallKB911280$\spuninst\spuninst.exe”
Mozilla Firefox (3.0.15)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)–>C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 Parser and SDK–>MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero - Burning Rom–>MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NVIDIA Drivers–>C:\WINDOWS\System32\nvudisp.exe UninstallGUI
O2Micro Flash Memory Card Reader Driver Installer(x86)–>MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F}
OpenOffice.org 3.1–>MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Package du correctif Windows XP [voir Q329115 pour plus de détails]–>C:\WINDOWS$NtUninstallQ329115$\spuninst\spuninst.exe
Package du correctif Windows XP [voir Q329390 pour plus de détails]–>C:\WINDOWS$NtUninstallQ329390$\spuninst\spuninst.exe
Pcsx2 0.9.6–>MsiExec.exe /I{0E2B767B-EA6A-489B-BF83-8083FE1DB661}
PhotoNow! 1.0–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe” -uninstall
Power2Go 5.0–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe” -uninstall
PowerBackup 2.5–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe” -uninstall
PowerDirector Express–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe” -uninstall
PowerDVD Copy 1.0–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{E3D04529-6EDB-11D8-A372-0050BAE317E1}\setup.exe” -uninstall
PowerDVD–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe” -uninstall
PowerProducer–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe” -uninstall
QuickTime–>C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1036
Ralink Wireless LAN Card–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe” -l0x9 -removeonly
Razer DeathAdder™ Mouse–>C:\Program Files\InstallShield Installation Information{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}\setup.exe -runfromtemp -l0x040c -removeonly
RealPlayer–>C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE” -l0x40c -removeonly
REALTEK PCIE NIC Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\SETUP.EXE” -l0x40c REMOVE
Return to Castle Wolfenstein–>C:\PROGRA~1\RETURN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\RETURN~1\Uninstall\Install.log
Ricochet–>“E:\program files 2\steam.exe” uninstall…
Steam™–>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Control Manager–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe” -l0x9 -removeonly
USB2.0 PC Camera (SN9C201&202)–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe” -l0x9
VLC media player 0.9.8a–>C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - Agere (AgereSoftModem) Modem (09/08/2005 2.1.60)–>C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\System32\DRVSTORE\agrmdwxp_8C3F8C7251C901A7E72D51DE20B8FFBC93DD587D\agrmdwxp.inf
Windows Driver Package - Cypress (CyUsb) USB -->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\System32\DRVSTORE\cyusb_13860389BCE916343D6A5C65169C6F0C6BF6E3EA\cyusb.inf
Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0)–>C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\System32\DRVSTORE\dadder_1D206EBC9FC4C5439CDE5E133FD5DADD76F8E58F\dadder.inf
Windows Installer 3.1 (KB893803)–>“C:\WINDOWS$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe”
XviD MPEG-4 Video Codec–>“C:\Program Files\XviD\unins000.exe”

======System event log======

Computer Name: 2B223_PIERRO
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l’état : en cours d’exécution.

Record Number: 15779
Source Name: Service Control Manager
Time Written: 20090918171557.000000+120
Event Type: Informations
User:

Computer Name: 2B223_PIERRO
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

Record Number: 15778
Source Name: Service Control Manager
Time Written: 20090918171557.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: 2B223_PIERRO
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l’état : en cours d’exécution.

Record Number: 15777
Source Name: Service Control Manager
Time Written: 20090918171557.000000+120
Event Type: Informations
User:

Computer Name: 2B223_PIERRO
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service aswRdr.

Record Number: 15776
Source Name: Service Control Manager
Time Written: 20090918171557.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: 2B223_PIERRO
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l’état : en cours d’exécution.

Record Number: 15775
Source Name: Service Control Manager
Time Written: 20090918171557.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: PC-DE-GRIZARD
Event Code: 0
Message:
Record Number: 1140
Source Name: gupdate1c987d0138248a4
Time Written: 20090429192739.000000+120
Event Type: Informations
User:

Computer Name: PC-DE-GRIZARD
Event Code: 1015
Message: Le délai d’exécution de la fonction “PerfProc” de collecte de données de
performance dans la bibliothèque “C:\WINDOWS\system32\perfproc.dll” a expiré. Il y a peut-être un
problème pour ce compteur extensible ou le service dont il tire ses
informations, ou le système était peut-être très occupé au moment où
l’appel a été tenté.

Record Number: 1139
Source Name: Perflib
Time Written: 20090428193536.000000+120
Event Type: erreur
User:

Computer Name: PC-DE-GRIZARD
Event Code: 0
Message:
Record Number: 1138
Source Name: gupdate1c987d0138248a4
Time Written: 20090428193533.000000+120
Event Type: Informations
User:

Computer Name: PC-DE-GRIZARD
Event Code: 0
Message:
Record Number: 1137
Source Name: RichVideo
Time Written: 20090428193504.000000+120
Event Type: Informations
User:

Computer Name: PC-DE-GRIZARD
Event Code: 0
Message:
Record Number: 1136
Source Name: gupdate1c987d0138248a4
Time Written: 20090428193503.000000+120
Event Type: Informations
User:

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem
“windir”=%SystemRoot%
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 14 Stepping 12, GenuineIntel
“PROCESSOR_REVISION”=0e0c
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“CLASSPATH”=C:\Program Files\QuickTime\QTSystem\QTJava.zip
“QTJAVA”=C:\Program Files\QuickTime\QTSystem\QTJava.zip
“KMP_DUPLICATE_LIB_OK”=TRUE

-----------------EOF-----------------

---

Logfile of random's system information tool 1.06 (written by random/random) Run by Tidus at 2009-10-29 22:20:42 Microsoft Windows XP Professionnel Service Pack 1 System drive C: has 24 GB (67%) free of 35 GB Total RAM: 1023 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:20:44, on 29/10/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\tsnp2std.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tidus\Bureau\RSIT.exe
C:\Program Files\trend micro\Tidus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM…\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O17 - HKLM\System\CCS\Services\Tcpip…{67C5EF35-5761-48B1-8BC4-68DE902AE1BB}: NameServer = 10.0.1.246
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

–
End of file - 6397 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-20 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=C:\WINDOWS\System32\NvCpl.dll [2006-07-20 7581696]
“tsnp2std”=C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
“MGSysCtrl”=C:\Program Files\System Control Manager\MGSysCtrl.exe [2006-12-13 180736]
“AGRSMMSG”=C:\WINDOWS\AGRSMMSG.exe [2005-09-09 88203]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2006-09-22 16236032]
“Alcmtr”=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
“nwiz”=nwiz.exe /install []
“DeathAdder”=C:\Program Files\Razer\DeathAdder\razerhid.exe [2008-09-05 159744]
“NeroCheck”=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
“TkBellExe”=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-20 185872]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-23 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=C:\WINDOWS\System32\ctfmon.exe [2003-04-24 13312]
“Power2GoExpress”= []
“DAEMON Tools”=C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
C:\Program Files\Softwin\BitDefender10\bdagent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2006-02-23 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-11-29 58928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2006-12-05 2486272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-12-20 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files 2\steam.exe [2009-10-25 1217808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-20 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ralink Wireless Utility.lnk]
C:\PROGRA~1\RALINK\Common\RaUI.exe [2006-03-15 593920]

C:\Documents and Settings\Tidus\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-10-29 22:20:42 ----D---- C:\rsit
2009-10-29 21:50:15 ----D---- C:\WINDOWS\CSC
2009-10-29 21:50:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-10-29 20:36:51 ----D---- C:\Program Files\Trend Micro
2009-10-28 12:49:12 ----SHD---- C:\WINDOWS\ftpcache
2009-10-24 14:22:40 ----A---- C:\WINDOWS\iun6002ev.exe
2009-10-24 14:22:39 ----D---- C:\Program Files\Marco Polo Français Allemand 3.50
2009-10-13 18:15:22 ----D---- C:\EES_AV
2009-10-13 17:54:43 ----D---- C:\Documents and Settings\Tidus\Application Data\Broad Intelligence
2009-10-13 17:54:18 ----D---- C:\Program Files\MediaCoder
2009-10-13 17:27:44 ----D---- C:\Documents and Settings\Tidus\Application Data\Apowersoft
2009-10-13 17:27:32 ----D---- C:\Program Files\Apowersoft
2009-10-11 13:04:10 ----D---- C:\Program Files\DAEMON Tools
2009-10-09 20:12:17 ----D---- C:\Program Files\Valve Lan
2009-10-05 19:34:19 ----D---- C:\Program Files\LD-Anime

======List of files/folders modified in the last 1 months======

2009-10-29 22:17:54 ----D---- C:\WINDOWS\Prefetch
2009-10-29 22:13:13 ----D---- C:\Program Files\Mozilla Firefox
2009-10-29 22:12:50 ----D---- C:\WINDOWS\Temp
2009-10-29 21:52:27 ----D---- C:\WINDOWS
2009-10-29 21:48:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-29 20:36:51 ----RD---- C:\Program Files
2009-10-29 20:33:26 ----D---- C:\Program Files\Mozilla Thunderbird
2009-10-29 19:19:31 ----D---- C:\WINDOWS\System32\CatRoot2
2009-10-29 18:20:15 ----D---- C:\WINDOWS\system32
2009-10-29 16:31:09 ----SD---- C:\Documents and Settings\Tidus\Application Data\Microsoft
2009-10-28 17:15:27 ----SHD---- C:\System Volume Information
2009-10-28 17:15:27 ----D---- C:\WINDOWS\System32\Restore
2009-10-26 20:56:35 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-10-26 20:44:22 ----D---- C:\WINDOWS\System32\drivers
2009-10-25 21:48:59 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2009-10-20 20:37:46 ----SHD---- C:\WINDOWS\Installer
2009-10-15 14:23:00 ----D---- C:\Program Files\VLC
2009-10-10 14:09:06 ----D---- C:\WINDOWS\Debug
2009-10-01 11:32:00 ----D---- C:\Documents and Settings\Tidus\Application Data\Real

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2009-08-17 51376]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2008-12-20 20747]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2009-08-17 94160]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2005-09-26 1145728]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2003-04-24 57344]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2009-08-17 23152]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-04-19 788224]
R3 CmBatt;Pilote d’adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2002-08-29 13184]
R3 DAdderFltr;DeathAdder Mouse; C:\WINDOWS\system32\drivers\dadder.sys [2007-08-02 22784]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-22 4381696]
R3 MGHwCtrl;MGHwCtrl; ??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NETw3x32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [2006-09-26 1709696]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2003-04-24 57984]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
S3 aev4ucvz;aev4ucvz; C:\WINDOWS\System32\drivers\aev4ucvz.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2003-04-24 68864]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2003-04-24 68864]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; ??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 EagleNT;EagleNT; ??\C:\WINDOWS\System32\drivers\EagleNT.sys []
S3 mbr;mbr; ??\C:\DOCUME~1\Tidus\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 Profos;Profos; ??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 Trufos;Trufos; ??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\System32\DRIVERS\sr.sys [2003-04-24 69376]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-23 153376]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-07-20 143426]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-02-23 323584]

-----------------EOF-----------------

---

Une chose qui me semble importante à dire: au moment ou j'ai fait effectué toute ces manips (RSIT, genproc), il n'y avait pas le virus. Si tu veux je te posterai un log quand le virus sera là ?

Salut

On ne va pas attendre ==>Fais et lis bien

Désactives ton antivirus

Télécharge OTM de OldTimer sur le bureau :

==>OTM de OldTimer

Double-clique sur OTM.exe sur le bureau

—> sous VISTA: clic droit: exécuter en temps qu’administrateur.

• Assure toi que la case Unregister Dll’s and Ocx’s soit bien cochée

• Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste Instructions for Items to be Moved

• Clique sur MoveIt! pour lancer la suppression.
• Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTM qui se trouve dans C:_OTM\MovedFiles.

Réactives ton antivirus

ensuite

2)Télécharge Winsockxpfix

sur ton bureau sans l executer au cas tu en aurai besoin aprés

==>winsockxpfix

ensuite

3)Désactives ton antivirus et antispyware

Télécharge Combofix

==>Combofix

==>sur ton Bureau(et pas ailleurs) et renomme le avant qu’il vienne sur ton bureau.
pour ce faire fait un clic droit sur Combofix.exe ,choisis “enregistrer la cible du lien sous…” et renomme le en==>tidus912.com
==> et pour l’emplacement choisis ton bureau et cliques sur “enregistrer”
Fermez toutes les fenêtres ouvertes

Double clique==> tidus912.com ==>(Fichier renommé)
Tapes sur la touche1 pour démarrer le scan et suis les instructions indiquées par combofix.
Lorsque le scan sera terminé, un rapport apparaîtra. Copie/colle ce rapport ici même.
==>Le rapport se trouve également ici : C:\Combofix.txt
==> tu ne devras pas cliquer dans la fenêtre de Combofix pendant l’analyse ; ceci provoquerait le blocage du programme.

Réactives ton antivirus et antispyware

PS
si ta connexion internet n’est plus active après le redémarrage

Windows XP ==>Fais un double clic sur le fichier de WinsockXPFix
clique sur “Fix”

au cas faudra faire une réparation manuelle image ci dessous

@+ cricri58

All processes killed
========== FILES ==========
C:\WINDOWS\iun6002ev.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: Tidus
->Temp folder emptied: 1813419 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55649696 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\LastGood.Tmp\System32\RTCOM folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\System32\drivers folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\System32 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\INF folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
%systemroot% .tmp files removed: 41443913 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_10c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 49152 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 94,50 mb

OTM by OldTimer - Version 3.0.0.6 log created on 10302009_173017

Files moved on Reboot…
File C:\WINDOWS\temp\Perflib_Perfdata_10c.dat not found!

Registry entries deleted on Reboot…

ComboFix 09-10-28.08 - Tidus 30/10/2009 17:43.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.33.1036.18.1023.686 [GMT 1:00]
Lancé depuis: c:\documents and settings\Tidus\Bureau\tidus912.com.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-09-28 au 2009-10-30 ))))))))))))))))))))))))))))))))))))
.

2009-10-30 16:30 . 2009-10-30 16:30 -------- d-----w- C:_OTM
2009-10-29 19:36 . 2009-10-29 21:20 -------- d-----w- c:\program files\Trend Micro
2009-10-28 11:49 . 2009-10-28 11:49 -------- d-sh–w- c:\windows\ftpcache
2009-10-24 13:22 . 2009-10-30 11:59 -------- d-----w- c:\program files\Marco Polo Français Allemand 3.50
2009-10-13 17:15 . 2009-10-26 18:43 -------- d-----w- C:\EES_AV
2009-10-13 16:54 . 2009-10-13 16:54 -------- d-----w- c:\documents and settings\Tidus\Application Data\Broad Intelligence
2009-10-13 16:54 . 2009-10-13 16:54 -------- d-----w- c:\documents and settings\Tidus\Menu DÚmarrer
2009-10-13 16:54 . 2009-10-13 17:21 -------- d-----w- c:\program files\MediaCoder
2009-10-13 16:27 . 2009-10-13 16:27 -------- d-----w- c:\documents and settings\Tidus\Application Data\Apowersoft
2009-10-13 16:27 . 2009-10-13 16:27 -------- d-----w- c:\program files\Apowersoft
2009-10-11 12:04 . 2009-10-11 12:04 -------- d-----w- c:\program files\DAEMON Tools
2009-10-11 11:57 . 2009-10-11 12:02 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-09 19:12 . 2009-10-10 10:02 -------- d-----w- c:\program files\Valve Lan
2009-10-06 17:31 . 2009-10-06 17:31 -------- d-----w- c:\documents and settings\Tidus\fontconfig
2009-10-06 17:31 . 2009-10-06 17:34 -------- d-----w- c:\documents and settings\Tidus.smplayer
2009-10-05 18:34 . 2009-10-05 18:34 -------- d-----w- c:\program files\LD-Anime

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-30 16:17 . 2009-09-14 10:56 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-10-26 19:56 . 2009-02-05 21:49 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-10-25 20:48 . 2003-04-24 12:00 62872 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-25 20:48 . 2003-04-24 12:00 396650 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-15 13:23 . 2009-09-29 10:43 -------- d-----w- c:\program files\VLC
2009-09-23 16:42 . 2009-01-04 17:55 31696 ----a-w- c:\documents and settings\Tidus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-23 16:39 . 2009-09-23 16:39 -------- d-----w- c:\documents and settings\Tidus\Application Data\OpenOffice.org
2009-09-23 16:35 . 2009-09-23 16:35 -------- d-----w- c:\program files\JRE
2009-09-23 16:35 . 2009-09-23 16:35 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-23 16:34 . 2009-01-04 16:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-23 16:34 . 2009-09-23 16:34 -------- d-----w- c:\program files\Java
2009-09-16 18:50 . 2009-09-16 18:49 -------- d-----w- c:\program files\IZArc
2008-12-21 10:33 . 2008-12-21 10:33 56 --sh–r- c:\windows\system32\219338D836.sys
2008-12-21 10:33 . 2008-12-21 10:33 2098 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[7] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscntfy.exe

[7] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\xmlprov.dll

c:\windows\system32\wscntfy.exe … manque !!
c:\windows\system32\xmlprov.dll … manque !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“DAEMON Tools”=“c:\program files\DAEMON Tools\daemon.exe” [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=“c:\windows\System32\NvCpl.dll” [2006-07-20 7581696]
“tsnp2std”=“c:\windows\tsnp2std.exe” [2005-08-17 90112]
“MGSysCtrl”=“c:\program files\System Control Manager\MGSysCtrl.exe” [2006-12-13 180736]
“DeathAdder”=“c:\program files\Razer\DeathAdder\razerhid.exe” [2008-09-05 159744]
“NeroCheck”=“c:\windows\System32\NeroCheck.exe” [2001-07-09 155648]
“avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-08-17 81000]
“TkBellExe”=“c:\program files\Fichiers communs\Real\Update_OB\realsched.exe” [2009-01-20 185872]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-09-23 149280]
“AGRSMMSG”=“AGRSMMSG.exe” - c:\windows\AGRSMMSG.exe [2005-09-09 88203]
“RTHDCPL”=“RTHDCPL.EXE” - c:\windows\RTHDCPL.exe [2006-09-22 16236032]
“nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe [2006-07-20 1519616]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2003-04-24 13312]

c:\documents and settings\Tidus\Menu D?marrer\Programmes\D?marrage
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [20/12/2008 21:28 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20/12/2008 21:28 35712]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15/09/2009 19:08 114768]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [25/05/2009 12:11 22784]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [20/12/2008 21:49 9088]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [20/12/2008 21:49 40960]

— Autres Services/Pilotes en mémoire —

NewlyCreated - CLASSPNP_2
NewlyCreated - PCIIDEX_2
Deregistered - CLASSPNP_2
Deregistered - mbr
Deregistered - PCIIDEX_2
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr…
uInternet Settings,ProxyOverride = local
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
TCP: {67C5EF35-5761-48B1-8BC4-68DE902AE1BB} = 10.0.1.246
FF - ProfilePath - c:\documents and settings\Tidus\Application Data\Mozilla\Firefox\Profiles\40gdvusd.default
FF - prefs.js: browser.startup.homepage - www.google.fr…
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.

• • • • ORPHELINS SUPPRIMES - - - -

HKCU-Run-Power2GoExpress - (no file)
AddRemove-Marco Polo Français Allemand 3.50 - c:\windows\iun6002ev.exe

---

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-10-30 17:49
Windows 5.1.2600 Service Pack 1 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0

---

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, www.gmer.net…

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, www.gmer.net…

atapi.sys @ 0x0 0x0 bytes

\Driver\atapi [ IRP_MJ_CREATE ] 0x986C != 0xF7674510 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0x986C != 0xF7674510 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0x9882 != 0xF7674510 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x603C != 0xF7674510 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0x98A2 != 0xF7674510 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0xFBE0 != 0xF7674510 atapi.sys
\Driver\atapi IRP hooks detected !

---

.
--------------------- DLLs chargées dans les processus actifs ---------------------

• • • • • • • ‘winlogon.exe’(1228)
              c:\windows\system32\ODBC32.dll

• • • • • • • ‘lsass.exe’(1284)
              c:\windows\System32\dssenh.dll

• • • • • • • ‘explorer.exe’(948)
              c:\windows\System32\msi.dll
              .
              Heure de fin: 2009-10-30 17:50
              ComboFix-quarantined-files.txt 2009-10-30 16:50

Avant-CF: 24 635 887 616 octets libres
Après-CF: 24 605 061 120 octets libres

winxpsp1_fr_pro_bf.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Professionnel” /fastdetect

• • End Of File - - 9D9D546CE9334928623CECC7D1701341

Re
Comment ce Comporte ton PC

et bien le virus n’est pas revenu. Je pense qu’il ne reviendra pas car il n’y a plus de fichier avec des noms bizarres à l’endroit où il se trouvait.
Si demain il ne réapparait pas ça voudra dire que la procédure à fonctionné.

Merci pour ton aide

Si ils sont revenus … et les deux en même temps… J’en ai supprimé un avec mbam je vais voir ce qui ça va faire.

Désactive ton Antivirus

Télécharge SDFix (créé par AndyManchesta) – sauvegarde le sur ton Bureau.

==>SDFix

Double clique sur SDFix.exe et choisis Install pour l’extraire dans un dossier dédié sur le Bureau.
une fois SDFix installé

le Fix ne Fonctionne pas en Mode normal

Redémarre ton ordinateur en mode sans Echec–> important !!

: redémarres ton ordinateur et tapote sur la touche F8 jusqu’à l’affichage du menu des options avancées de Windows, et sélectionne “Mode sans échec”.
Choisis ta session habituelle

cliques sur le menu Démarrer puis Exécuter et Tapes la commande suivant : C:\SDFix\RunThis.bat ==>tu te le noteras avant
Cliques sur OK.
==>Ouvre le dossier SDFix qui vient d’être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
==>Appuies sur Y pour commencer le processus de nettoyage.
==>Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d’appuyer sur une touche pour redémarrer.
==>Appuie sur une touche pour redémarrer le PC.
==>Ton système sera plus long pour redémarrer qu’à l’accoutumée car l’outil va continuer à s’exécuter et supprimer des fichiers.
==> Après le chargement du Bureau, l’outil terminera son travail et affichera Finished.
SDFix --> signale que l’ordinateur doit être redémarré

==> Appuie sur une touche pour finir l’exécution du script et charger les icônes de ton Bureau.
==> Les icônes du Bureau affichées, le rapport SDFix s’ouvrira à l’écran et s’enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
==> Enfin, copie/colle le contenu du fichier Report.txt ici même

je n’ai pas eu le temps de taper C:\SDFix\RunThis.bat mais il m’a fait ce rapport:

Removing Temp Files

ADS Check :

                             [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-10-30 21:27:14
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes …

scanning hidden services & system hive …

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
“s1”=dword:4dd23bed
“s2”=dword:1562b047
“h0”=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
“p0”=“C:\Program Files\DAEMON Tools”
“h0”=dword:00000000
“khjeh”=hex:3e,bd,b6,d5,d6,86,ed,96,52,12,cf,24,68,f1,1d,37,5d,aa,d8,d9,fd,…

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
“a0”=hex:20,01,00,00,9d,bf,c8,33,7a,eb,97,3b,a5,9a,58,af,8b,21,b5,f5,e3,…
“khjeh”=hex:d6,3a,ed,d6,22,c3,40,9e,8e,fb,dc,28,c8,ce,8a,d1,3d,43,26,d5,e1,…

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
“khjeh”=hex:05,91,b2,f9,01,bd,d0,85,5c,a3,d6,db,be,3c,68,05,61,7a,40,0b,8d,…
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
“p0”=“C:\Program Files\DAEMON Tools”
“h0”=dword:00000000
“khjeh”=hex:3e,bd,b6,d5,d6,86,ed,96,52,12,cf,24,68,f1,1d,37,5d,aa,d8,d9,fd,…

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
“a0”=hex:20,01,00,00,9d,bf,c8,33,7a,eb,97,3b,a5,9a,58,af,8b,21,b5,f5,e3,…
“khjeh”=hex:d6,3a,ed,d6,22,c3,40,9e,8e,fb,dc,28,c8,ce,8a,d1,3d,43,26,d5,e1,…

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
“khjeh”=hex:05,91,b2,f9,01,bd,d0,85,5c,a3,d6,db,be,3c,68,05,61,7a,40,0b,8d,…

scanning hidden registry entries …

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
“TracesProcessed”=dword:00000093
“TracesSuccessful”=dword:00000003

scanning hidden files …

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files :

Files with Hidden Attributes :

Sun 21 Dec 2008 56 …SHR — “C:\WINDOWS\system32\219338D836.sys”
Sun 21 Dec 2008 2,098 A.SH. — “C:\WINDOWS\system32\KGyGaAvL.sys”

Finished!

Re

lances Ccleaner

cliques sur “Options”, “Avancé” et décoche la case

–>“Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures”.
–>Clique sur l’onglet “Nettoyeur” puis sur “Lancer le Nettoyage”.
–> Ensuite clique sur l’icone Registre, à droite, clique sur “Chercher des erreurs” puis sur “Réparer les erreurs sélectionnées”.

Accepte la sauvegarde, de la BDR (base de registre )qu’il propose .
Je te conseille de le repasser au moins deux fois,(ou + jusqu’à qu’il ne trouve plus d’erreurs.)

Redémarres ton Pc-

poste un nouveau log RSIT

@+

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Tidus at 2009-10-31 11:14:36
Microsoft Windows XP Professionnel Service Pack 1
System drive C: has 23 GB (67%) free of 35 GB
Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:41, on 31/10/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\WINDOWS\tsnp2std.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tidus\Bureau\RSIT.exe
C:\Program Files\trend micro\Tidus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM…\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [Malwarebytes Anti-Malware (reboot)] “C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe” /runcleanupscript
O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com…
O17 - HKLM\System\CCS\Services\Tcpip…{67C5EF35-5761-48B1-8BC4-68DE902AE1BB}: NameServer = 10.0.1.246
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

–
End of file - 6549 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-20 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=C:\WINDOWS\System32\NvCpl.dll [2006-07-20 7581696]
“tsnp2std”=C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
“MGSysCtrl”=C:\Program Files\System Control Manager\MGSysCtrl.exe [2006-12-13 180736]
“AGRSMMSG”=C:\WINDOWS\AGRSMMSG.exe [2005-09-09 88203]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2006-09-22 16236032]
“nwiz”=nwiz.exe /install []
“DeathAdder”=C:\Program Files\Razer\DeathAdder\razerhid.exe [2008-09-05 159744]
“NeroCheck”=C:\WINDOWS\System32\NeroCheck.exe [2001-07-09 155648]
“avast!”=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
“TkBellExe”=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-20 185872]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-23 149280]
“Malwarebytes Anti-Malware (reboot)”=C:\Program Files\Malwarebytes’ Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“DAEMON Tools”=C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
C:\Program Files\Softwin\BitDefender10\bdagent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2006-02-23 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-11-29 58928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2006-12-05 2486272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-12-20 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files 2\steam.exe [2009-10-25 1217808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-20 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ralink Wireless Utility.lnk]
C:\PROGRA~1\RALINK\Common\RaUI.exe [2006-03-15 593920]

C:\Documents and Settings\Tidus\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-10-31 11:14:36 ----D---- C:\rsit
2009-10-30 21:20:53 ----D---- C:\WINDOWS\ERUNT
2009-10-30 17:42:31 ----RASHD---- C:\cmdcons
2009-10-30 17:39:21 ----A---- C:\WINDOWS\zip.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\SWSC.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\SWREG.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\sed.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\PEV.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\MBR.exe
2009-10-30 17:39:21 ----A---- C:\WINDOWS\grep.exe
2009-10-30 17:39:14 ----D---- C:\WINDOWS\ERDNT
2009-10-29 21:50:15 ----SHD---- C:\WINDOWS\CSC
2009-10-29 20:36:51 ----D---- C:\Program Files\Trend Micro
2009-10-28 12:49:12 ----SHD---- C:\WINDOWS\ftpcache
2009-10-24 14:22:39 ----D---- C:\Program Files\Marco Polo Français Allemand 3.50
2009-10-13 18:15:22 ----D---- C:\EES_AV
2009-10-13 17:54:43 ----D---- C:\Documents and Settings\Tidus\Application Data\Broad Intelligence
2009-10-13 17:54:18 ----D---- C:\Program Files\MediaCoder
2009-10-13 17:27:44 ----D---- C:\Documents and Settings\Tidus\Application Data\Apowersoft
2009-10-13 17:27:32 ----D---- C:\Program Files\Apowersoft
2009-10-11 13:04:10 ----D---- C:\Program Files\DAEMON Tools
2009-10-09 20:12:17 ----D---- C:\Program Files\Valve Lan
2009-10-05 19:34:19 ----D---- C:\Program Files\LD-Anime

======List of files/folders modified in the last 1 months======

2009-10-31 11:12:21 ----D---- C:\WINDOWS
2009-10-31 11:12:18 ----D---- C:\WINDOWS\Temp
2009-10-31 11:06:54 ----D---- C:\Program Files\Mozilla Firefox
2009-10-31 00:20:14 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-10-30 22:29:56 ----D---- C:\WINDOWS\system32
2009-10-30 22:29:29 ----D---- C:\WINDOWS\System32\CatRoot2
2009-10-30 22:25:43 ----D---- C:\Program Files\Mozilla Thunderbird
2009-10-30 21:27:13 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2009-10-30 20:07:50 ----D---- C:\WINDOWS\Prefetch
2009-10-30 17:49:13 ----A---- C:\WINDOWS\system.ini
2009-10-30 17:49:05 ----D---- C:\WINDOWS\System32\drivers
2009-10-30 17:46:54 ----D---- C:\WINDOWS\AppPatch
2009-10-30 17:46:51 ----D---- C:\Program Files\Fichiers communs
2009-10-30 17:42:35 ----RASH---- C:\boot.ini
2009-10-30 17:40:38 ----SHD---- C:\System Volume Information
2009-10-30 17:40:38 ----D---- C:\WINDOWS\System32\Restore
2009-10-30 17:30:19 ----SHD---- C:\RECYCLER
2009-10-30 17:29:15 ----D---- C:\Documents and Settings
2009-10-29 20:36:51 ----RD---- C:\Program Files
2009-10-29 16:31:09 ----SD---- C:\Documents and Settings\Tidus\Application Data\Microsoft
2009-10-26 20:56:35 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-10-20 20:37:46 ----SHD---- C:\WINDOWS\Installer
2009-10-15 14:23:00 ----D---- C:\Program Files\VLC
2009-10-10 14:09:06 ----D---- C:\WINDOWS\Debug
2009-10-01 11:32:00 ----D---- C:\Documents and Settings\Tidus\Application Data\Real

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2009-08-17 51376]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2008-12-20 20747]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2009-08-17 94160]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2005-09-26 1145728]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2003-04-24 57344]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2009-08-17 23152]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-04-19 788224]
R3 CmBatt;Pilote d’adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2002-08-29 13184]
R3 DAdderFltr;DeathAdder Mouse; C:\WINDOWS\system32\drivers\dadder.sys [2007-08-02 22784]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-22 4381696]
R3 MGHwCtrl;MGHwCtrl; ??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NETw3x32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [2006-09-26 1709696]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2003-04-24 57984]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2002-08-29 19328]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2002-08-29 51968]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2002-08-29 19328]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\System32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
S3 af6u1zqa;af6u1zqa; C:\WINDOWS\System32\drivers\af6u1zqa.sys []
S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2003-04-24 68864]
S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2003-04-24 68864]
S3 catchme;catchme; ??\C:\DOCUME~1\Tidus\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; ??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 EagleNT;EagleNT; ??\C:\WINDOWS\System32\drivers\EagleNT.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 Profos;Profos; ??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 Trufos;Trufos; ??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 21760]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-23 153376]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-07-20 143426]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-02-23 323584]

-----------------EOF-----------------

Bonjour,

Il n’y a pas le message d’infection dans le rapport:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, www.gmer.net…

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Mais depuis la dernière manipulation, le virus à disparu soit 14 h sans le voir au total ! J’attend de voir si il va revenir.

Merci

En fait, avant de faire cette manipulation, je vais attendre que le virus revienne. Et depuis Samedi plus aucun signe ça doit être bon.
Mais je n’arrive plus à ouvrir à Avast. Il y a toujours la protection résidente mais dés que j’essaie de faire un scan il m’indique un message d’erreur.

ComboFix 09-11-01.04 - Tidus 02/11/2009 18:50.2.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.33.1036.18.1023.463 [GMT 1:00]
Lancé depuis: c:\documents and settings\Tidus\Bureau\tidus912.com.exe
Commutateurs utilisés :: c:\documents and settings\Tidus\Bureau\CFScript.txt

file zipped: c:\windows\system32\219338D836.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\219338D836.sys

.
--------------- FCopy ---------------

c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscntfy.exe --> c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\xmlprov.dll --> c:\windows\system32\xmlprov.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-02 au 2009-11-02 ))))))))))))))))))))))))))))))))))))
.

2009-11-02 17:50 . 2004-08-19 23:10 13824 ----a-w- c:\windows\system32\wscntfy.exe
2009-11-02 17:50 . 2004-08-19 23:09 129536 ----a-w- c:\windows\system32\xmlprov.dll
2009-10-30 20:20 . 2009-10-30 20:20 -------- d-----w- c:\windows\ERUNT
2009-10-29 19:36 . 2009-10-31 10:14 -------- d-----w- c:\program files\Trend Micro
2009-10-28 11:49 . 2009-10-28 11:49 -------- d-sh–w- c:\windows\ftpcache
2009-10-24 13:22 . 2009-10-30 11:59 -------- d-----w- c:\program files\Marco Polo Français Allemand 3.50
2009-10-13 17:15 . 2009-10-26 18:43 -------- d-----w- C:\EES_AV
2009-10-13 16:54 . 2009-10-13 16:54 -------- d-----w- c:\documents and settings\Tidus\Application Data\Broad Intelligence
2009-10-13 16:54 . 2009-10-13 16:54 -------- d-----w- c:\documents and settings\Tidus\Menu DÚmarrer
2009-10-13 16:54 . 2009-10-13 17:21 -------- d-----w- c:\program files\MediaCoder
2009-10-13 16:27 . 2009-10-13 16:27 -------- d-----w- c:\documents and settings\Tidus\Application Data\Apowersoft
2009-10-13 16:27 . 2009-10-13 16:27 -------- d-----w- c:\program files\Apowersoft
2009-10-11 12:04 . 2009-10-11 12:04 -------- d-----w- c:\program files\DAEMON Tools
2009-10-11 11:57 . 2009-10-11 12:02 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-09 19:12 . 2009-10-10 10:02 -------- d-----w- c:\program files\Valve Lan
2009-10-06 17:31 . 2009-10-06 17:31 -------- d-----w- c:\documents and settings\Tidus\fontconfig
2009-10-06 17:31 . 2009-10-06 17:34 -------- d-----w- c:\documents and settings\Tidus.smplayer
2009-10-05 18:34 . 2009-10-05 18:34 -------- d-----w- c:\program files\LD-Anime

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-02 17:31 . 2009-09-14 10:56 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-10-31 20:58 . 2009-10-31 20:58 -------- d-----w- c:\program files\directx
2009-10-31 20:54 . 2009-10-31 20:50 -------- d-----w- c:\program files\UnrealTournament
2009-10-31 12:41 . 2009-09-29 10:43 -------- d-----w- c:\program files\VLC
2009-10-30 20:27 . 2003-04-24 12:00 62872 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-30 20:27 . 2003-04-24 12:00 396650 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-26 19:56 . 2009-02-05 21:49 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-09-23 16:42 . 2009-01-04 17:55 31696 ----a-w- c:\documents and settings\Tidus\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-23 16:39 . 2009-09-23 16:39 -------- d-----w- c:\documents and settings\Tidus\Application Data\OpenOffice.org
2009-09-23 16:35 . 2009-09-23 16:35 -------- d-----w- c:\program files\JRE
2009-09-23 16:35 . 2009-09-23 16:35 -------- d-----w- c:\program files\OpenOffice.org 3
2009-09-23 16:34 . 2009-01-04 16:20 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-23 16:34 . 2009-09-23 16:34 -------- d-----w- c:\program files\Java
2009-09-16 18:50 . 2009-09-16 18:49 -------- d-----w- c:\program files\IZArc
2009-09-15 18:08 . 2009-09-15 18:08 -------- d-----w- c:\program files\Alwil Software
2009-09-15 18:00 . 2008-12-20 21:43 81984 ----a-w- c:\windows\system32\bdod.bin
2009-09-15 17:19 . 2009-09-15 17:19 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2009-09-15 11:59 . 2009-11-01 20:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 11:56 . 2009-11-01 20:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 11:56 . 2009-11-01 20:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 11:55 . 2009-11-01 20:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 11:54 . 2009-11-01 20:14 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-09-15 11:54 . 2009-11-01 20:14 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 11:53 . 2009-11-01 20:14 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 11:53 . 2009-11-01 20:14 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-14 10:57 . 2009-09-14 10:57 -------- d-----w- c:\documents and settings\Tidus\Application Data\Thunderbird
2009-09-10 13:54 . 2009-02-05 21:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 13:53 . 2009-02-05 21:49 18520 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-06 14:41 . 2009-09-06 14:41 96 —ha-w- c:\windows\system32\HsInfo.dat
2009-09-06 14:37 . 2008-12-20 19:03 -------- d–h--w- c:\program files\InstallShield Installation Information
2009-08-28 10:44 . 2009-08-28 10:44 265797 ----a-w- c:\windows\system32\pdvcodec.dll
2008-12-21 10:33 . 2008-12-21 10:33 2098 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\EES_AV ----

2009-10-13 17:15 . 2009-10-26 18:43 3423 ----a-w- c:\ees_av\EES.PRF
2009-10-13 17:15 . 2009-10-13 17:15 29299 ----a-w- c:\ees_av\INSTALL.LOG
2009-10-13 17:15 . 2009-06-29 15:06 5120000 ----a-w- c:\ees_av\ees.exe
2009-10-13 17:15 . 2009-06-20 11:15 3412550 ----a-w- c:\ees_av\Ees.hlp
2009-10-13 17:15 . 2007-02-08 18:32 1675 ----a-w- c:\ees_av\Ees_dflt.dvi
2009-10-13 17:15 . 2001-04-26 06:50 58880 ----a-w- c:\ees_av\Userlib\Libr\LIBR.dll
2009-10-13 17:15 . 1997-11-04 12:43 338 ----a-w- c:\ees_av\Userlib\BrineProp\Brine2.lkt
2009-10-13 17:15 . 2007-10-18 18:32 15529 ----a-w- c:\ees_av\Userlib\Libr\Libr.hlp
2009-10-13 17:15 . 1997-11-04 12:17 11088 ----a-w- c:\ees_av\Userlib\BrineProp\Brine1.lkt
2009-10-13 17:15 . 2000-09-02 13:16 113 ----a-w- c:\ees_av\Userlib\Libr\Libr.ctx
2009-10-13 17:15 . 2005-03-19 19:44 147037 ----a-w- c:\ees_av\Userlib\Examples\2-D Conduction.EES
2009-10-13 17:15 . 2005-06-04 18:26 65472 ----a-w- c:\ees_av\Userlib\Examples\Absorp.ees
2009-10-13 17:15 . 2002-07-29 05:41 4371 ----a-w- c:\ees_av\Userlib\Examples\BasicEqn.EES
2009-10-13 17:15 . 2008-07-10 20:18 50751 ----a-w- c:\ees_av\Userlib\Examples\capvst.ees
2009-10-13 17:15 . 2006-06-21 09:44 17319 ----a-w- c:\ees_av\Userlib\Examples\Ch1ex.ees
2009-10-13 17:15 . 2002-06-22 09:08 25121 ----a-w- c:\ees_av\Userlib\Examples\ChemEq.EES
2009-10-13 17:15 . 2002-11-16 19:41 4913 ----a-w- c:\ees_av\Userlib\Examples\complexroots.EES
2009-10-13 17:15 . 2002-11-17 14:47 10067 ----a-w- c:\ees_av\Userlib\Examples\Convect.ees
2009-10-13 17:15 . 2005-08-18 05:57 5433 ----a-w- c:\ees_av\Userlib\Examples\Convert.EES
2009-10-13 17:15 . 2007-01-17 19:47 14385 ----a-w- c:\ees_av\Userlib\Examples\Copper.ees
2009-10-13 17:15 . 2002-07-29 05:59 4621 ----a-w- c:\ees_av\Userlib\Examples\Dbl_intg.ees
2009-10-13 17:15 . 2006-06-21 09:47 22162 ----a-w- c:\ees_av\Userlib\Examples\DFQ_1.ees
2009-10-13 17:15 . 2006-05-28 15:09 12856 ----a-w- c:\ees_av\Userlib\Examples\DiagrmW.ees
2009-10-13 17:15 . 2005-02-16 18:59 9872 ----a-w- c:\ees_av\Userlib\Examples\Difeqn1.ees
2009-10-13 17:15 . 2005-02-16 19:00 13585 ----a-w- c:\ees_av\Userlib\Examples\Difeqn2.ees
2009-10-13 17:15 . 2005-02-10 18:08 4094 ----a-w- c:\ees_av\Userlib\Examples\Dinner.ees
2009-10-13 17:15 . 2009-06-19 18:32 22862 ----a-w- c:\ees_av\Userlib\Examples\drag.ees
2009-10-13 17:15 . 2006-07-08 10:53 10196 ----a-w- c:\ees_av\Userlib\Examples\Examples.txb
2009-10-13 17:15 . 2004-03-04 19:49 10848 ----a-w- c:\ees_av\Userlib\Examples\Flamet.ees
2009-10-13 17:15 . 2005-09-01 18:30 19322 ----a-w- c:\ees_av\Userlib\Examples\guesses.EES
2009-10-13 17:15 . 2005-07-24 14:30 16945 ----a-w- c:\ees_av\Userlib\Examples\Heatex.ees
2009-10-13 17:15 . 2005-02-10 20:07 5239 ----a-w- c:\ees_av\Userlib\Examples\iftest.ees
2009-10-13 17:15 . 2006-07-08 09:28 23149 ----a-w- c:\ees_av\Userlib\Examples\janaf.ees
2009-10-13 17:15 . 2002-07-29 07:00 14796 ----a-w- c:\ees_av\Userlib\Examples\LaGrange.EES
2009-10-13 17:15 . 2007-11-19 19:54 9077 ----a-w- c:\ees_av\Userlib\Examples\Matrix.ees
2009-10-13 17:15 . 2007-11-19 19:52 10349 ----a-w- c:\ees_av\Userlib\Examples\Matrix2.ees
2009-10-13 17:15 . 2009-04-29 09:01 13317 ----a-w- c:\ees_av\Userlib\Examples\Maxpower.ees
2009-10-13 17:15 . 2002-11-17 14:14 12073 ----a-w- c:\ees_av\Userlib\Examples\min_G.EES
2009-10-13 17:15 . 2005-11-19 11:31 9970 ----a-w- c:\ees_av\Userlib\Examples\moody.ees
2009-10-13 17:15 . 2005-07-11 18:43 15325 ----a-w- c:\ees_av\Userlib\Examples\Nlinrg.ees
2009-10-13 17:15 . 2005-09-01 18:30 8483 ----a-w- c:\ees_av\Userlib\Examples\Prop2.EES
2009-10-13 17:15 . 2005-09-01 18:29 19851 ----a-w- c:\ees_av\Userlib\Examples\Prop3.ees
2009-10-13 17:15 . 2001-01-03 22:10 96802 ----a-w- c:\ees_av\Userlib\Examples\Propcalc.hlp
2009-10-13 17:15 . 2003-08-06 21:56 22980 ----a-w- c:\ees_av\Userlib\Examples\Property_Calculator.EES
2009-10-13 17:15 . 2000-07-04 08:24 136 ----a-w- c:\ees_av\Userlib\Examples\PropPlot_hs.emf
2009-10-13 17:15 . 2000-07-04 08:24 138 ----a-w- c:\ees_av\Userlib\Examples\PropPlot_Ph.emf
2009-10-13 17:15 . 2000-07-04 08:25 138 ----a-w- c:\ees_av\Userlib\Examples\PropPlot_Pv.emf
2009-10-13 17:15 . 2000-07-04 08:23 138 ----a-w- c:\ees_av\Userlib\Examples\PropPlot_Ts.emf
2009-10-13 17:15 . 2000-07-04 08:23 140 ----a-w- c:\ees_av\Userlib\Examples\PropPlot_Tv.emf
2009-10-13 17:15 . 2005-02-16 18:58 30675 ----a-w- c:\ees_av\Userlib\Examples\Rankine.ees
2009-10-13 17:15 . 2005-02-16 19:08 24900 ----a-w- c:\ees_av\Userlib\Examples\Refrig.ees
2009-10-13 17:15 . 2002-11-16 19:40 24705 ----a-w- c:\ees_av\Userlib\Examples\Regen.ees
2009-10-13 17:15 . 2002-11-17 12:33 5216 ----a-w- c:\ees_av\Userlib\Examples\Rk4_test.ees
2009-10-13 17:15 . 2002-11-17 13:03 7158 ----a-w- c:\ees_av\Userlib\Examples\sonic_v.EES
2009-10-13 17:15 . 2005-02-16 19:44 30294 ----a-w- c:\ees_av\Userlib\Examples\SteamCyc.ees
2009-10-13 17:15 . 2002-11-16 19:44 42148 ----a-w- c:\ees_av\Userlib\Examples\Steam_flow vectors.EES
2009-10-13 17:15 . 2002-11-17 14:25 7966 ----a-w- c:\ees_av\Userlib\Examples\Solid-Liquid_Props.EES
2009-10-13 17:15 . 2005-02-16 19:01 8092 ----a-w- c:\ees_av\Userlib\Examples\Substeps.ees
2009-10-13 17:15 . 2002-11-17 14:44 34824 ----a-w- c:\ees_av\Userlib\Examples\Supermkt.ees
2009-10-13 17:15 . 2003-10-01 16:15 88698 ----a-w- c:\ees_av\Userlib\Examples\Blasius.EES
2009-10-13 17:15 . 2007-11-19 19:55 16941 ----a-w- c:\ees_av\Userlib\Examples\ArrayRange_Notation.EES
2009-10-13 17:15 . 2002-11-17 14:14 13355 ----a-w- c:\ees_av\Userlib\Examples\Modules.EES
2009-10-13 17:15 . 2005-01-30 20:58 15386 ----a-w- c:\ees_av\Userlib\Examples\Uncertainty.EES
2009-10-13 17:15 . 2005-11-30 19:18 17830 ----a-w- c:\ees_av\Userlib\Examples\compressorMap.EES
2009-10-13 17:15 . 2001-07-27 16:27 32 ----a-w- c:\ees_av\Userlib\Examples\IncludePrgm1.txt
2009-10-13 17:15 . 2001-07-27 19:35 16 ----a-w- c:\ees_av\Userlib\Examples\IncludePrgm2.txt
2009-10-13 17:15 . 2002-06-23 09:05 5955 ----a-w- c:\ees_av\Userlib\Examples\testinclude.EES
2009-10-13 17:15 . 2003-02-23 11:31 20206 ----a-w- c:\ees_av\Userlib\Examples\Plot_strings.EES
2009-10-13 17:15 . 2008-03-08 10:35 163 ----a-w- c:\ees_av\Userlib\Examples\psych.emf
2009-10-13 17:15 . 2005-02-10 19:26 6845 ----a-w- c:\ees_av\Userlib\Examples\adiabatic_combustion.EES
2009-10-13 17:15 . 2002-11-16 20:02 29687 ----a-w- c:\ees_av\Userlib\Examples\nozzle.EES
2009-10-13 17:15 . 2008-03-23 12:10 21171 ----a-w- c:\ees_av\Userlib\Examples\psych.EES
2009-10-13 17:15 . 2002-06-08 20:04 3767 ----a-w- c:\ees_av\Userlib\Examples$Warning.EES
2009-10-13 17:15 . 2002-11-16 20:18 20042 ----a-w- c:\ees_av\Userlib\Examples\ChemEq_converge.EES
2009-10-13 17:15 . 2002-11-16 21:21 4646 ----a-w- c:\ees_av\Userlib\Examples\UnitConversion F=ma.EES
2009-10-13 17:15 . 2004-08-03 19:03 17150 ----a-w- c:\ees_av\Userlib\Examples$export_import.ees
2009-10-13 17:15 . 2002-11-16 21:24 5201 ----a-w- c:\ees_av\Userlib\Examples$reference.ees
2009-10-13 17:15 . 2006-07-08 09:39 13170 ----a-w- c:\ees_av\Userlib\Examples\Modules&Subprograms.EES
2009-10-13 17:15 . 1999-10-23 19:54 38 ----a-w- c:\ees_av\Userlib\Examples\btest.emf
2009-10-13 17:15 . 2002-08-31 09:18 4887 ----a-w- c:\ees_av\Userlib\Examples\FindingtheLimit.EES
2009-10-13 17:15 . 2002-12-21 10:01 11719 ----a-w- c:\ees_av\Userlib\Examples\runaround_HX.EES
2009-10-13 17:15 . 2003-09-25 19:15 17921 ----a-w- c:\ees_av\Userlib\Examples\ShootingMethod_DFQ.EES
2009-10-13 17:15 . 2002-09-04 08:46 6983 ----a-w- c:\ees_av\Userlib\Examples\TabStops.EES
2009-10-13 17:15 . 2005-11-30 07:30 12025 ----a-w- c:\ees_av\Userlib\Examples\Blackbody.EES
2009-10-13 17:15 . 2009-06-20 11:18 218707 ----a-w- c:\ees_av\NewFeatures.htm
2009-10-13 17:15 . 2002-12-05 19:13 4036 ----a-w- c:\ees_av\Userlib\VoltTC\testVoltTC.EES
2009-10-13 17:15 . 2007-03-03 14:19 10892 ----a-w- c:\ees_av\Userlib\VoltTC\VoltTC.chm
2009-10-13 17:15 . 2002-12-07 12:07 6887 ----a-w- c:\ees_av\Userlib\VoltTC\VoltTC.lib
2009-10-13 17:15 . 2002-12-25 15:47 954 ----a-w- c:\ees_av\EESRU.txt
2009-10-13 17:15 . 2003-01-03 07:24 4682 ----a-w- c:\ees_av\Userlib\Examples$IFNOT directive.EES
2009-10-13 17:15 . 2003-05-10 18:12 5947 ----a-w- c:\ees_av\Userlib\Examples$IF StringVariable.EES
2009-10-13 17:15 . 2007-08-26 13:39 35021 ----a-w- c:\ees_av\Userlib\Examples\Regen_minmax.EES
2009-10-13 17:15 . 2005-02-14 19:51 8468 ----a-w- c:\ees_av\Userlib\Examples\errorbars.EES
2009-10-13 17:15 . 2004-01-08 17:30 4714 ----a-w- c:\ees_av\Userlib\Examples\Singularity.EES
2009-10-13 17:15 . 2003-12-27 13:57 41607 ----a-w- c:\ees_av\Userlib\Examples\gas spring.EES
2009-10-13 17:15 . 2008-01-02 20:17 288430 ----a-w- c:\ees_av\Userlib\Examples\4-stroke engine.EES
2009-10-13 17:15 . 2008-01-02 20:16 629858 ----a-w- c:\ees_av\Userlib\Examples\2-stroke engine.EES
2009-10-13 17:15 . 2003-12-29 12:11 709317 ----a-w- c:\ees_av\Userlib\Examples\Diesel engine.EES
2009-10-13 17:15 . 2004-01-18 10:37 526240 ----a-w- c:\ees_av\Userlib\Examples\projectile.EES
2009-10-13 17:15 . 2004-01-06 16:56 359836 ----a-w- c:\ees_av\Userlib\Examples\air compressor.EES
2009-10-13 17:15 . 2008-01-02 20:18 96694 ----a-w- c:\ees_av\Userlib\Examples\Water change in phase.EES
2009-10-13 17:15 . 2004-04-04 14:35 8308 ----a-w- c:\ees_av\Userlib\Examples\globalConstant.EES
2009-10-13 17:15 . 2005-02-16 19:03 72484 ----a-w- c:\ees_av\Userlib\Examples\Transient Conduction through a Plane Wall.EES
2009-10-13 17:15 . 2004-05-10 18:37 5438 ----a-w- c:\ees_av\Userlib\Examples$IF StringVariable2.EES
2009-10-13 17:15 . 2004-06-11 11:18 4636 ----a-w- c:\ees_av\Userlib\Examples\AvoidLogProblem.EES
2009-10-13 17:15 . 2004-08-03 19:18 17642 ----a-w- c:\ees_av\Userlib\Examples$savetable.ees
2009-10-13 17:15 . 2004-07-30 11:26 58336 ----a-w- c:\ees_av\Userlib\Examples\curvefit.ees
2009-10-13 17:15 . 2004-09-23 08:03 298099 ----a-w- c:\ees_av\Userlib\Examples\spring.EES
2009-10-13 17:15 . 2005-08-18 05:10 4344 ----a-w- c:\ees_av\Userlib\Examples\convert.htm
2009-10-13 17:15 . 2004-11-21 19:08 17468 ----a-w- c:\ees_av\Userlib\Examples\Trace.EES
2009-10-13 17:15 . 2005-08-18 04:56 3703 ----a-w- c:\ees_av\Userlib\Examples\BasicEqn.htm
2009-10-13 17:15 . 2006-07-29 14:00 1057659 ----a-w- c:\ees_av\Userlib\NASA\NASA.dlp
2009-10-13 17:15 . 2006-03-25 20:47 52835 ----a-w- c:\ees_av\Userlib\NASA\Nasa.hlp
2009-10-13 17:15 . 2006-04-09 16:56 102253 ----a-w- c:\ees_av\Userlib\Examples\Indicated power.EES
2009-10-13 17:15 . 2007-02-26 19:50 20159 ----a-w- c:\ees_av\Userlib\EES_System\Gen_eos.chm
2009-10-13 17:15 . 2001-04-24 19:32 48128 ----a-w- c:\ees_av\Userlib\EES_System\GEN_EOS.dll
2009-10-13 17:15 . 2006-05-24 17:06 698 ----a-w- c:\ees_av\Userlib\EES_System\Interpolate2DM.LIB
2009-10-13 17:15 . 2003-06-11 17:21 3582 ----a-w- c:\ees_av\Userlib\EES_System\KelvinFunctions.LIB
2009-10-13 17:15 . 2003-06-05 05:25 37201 ----a-w- c:\ees_av\Userlib\EES_System\KelvinFunctions.pdf
2009-10-13 17:15 . 2005-11-19 20:52 1362 ----a-w- c:\ees_av\Userlib\EES_System\Moody.LIB
2009-10-13 17:15 . 2004-03-17 16:05 161 ----a-w- c:\ees_av\Userlib\EES_System\PENG_Robinson.ctx
2009-10-13 17:15 . 2005-05-06 08:23 57856 ----a-w- c:\ees_av\Userlib\EES_System\Peng_Robinson.dll
2009-10-13 17:15 . 2007-02-25 18:20 20683 ----a-w- c:\ees_av\Userlib\EES_System\PENG_Robinson.chm
2009-10-13 17:15 . 2001-06-08 08:49 18432 ----a-w- c:\ees_av\Userlib\EES_System\pwf.dlf
2009-10-13 17:15 . 2001-04-26 06:57 646 ----a-w- c:\ees_av\Userlib\EES_System\pwf.hlp
2009-10-13 17:15 . 2005-02-10 07:34 1208 ----a-w- c:\ees_av\Userlib\EES_System\RealCubicRoots.LIB
2009-10-13 17:15 . 2006-05-24 19:19 15503 ----a-w- c:\ees_av\Userlib\Examples\Tungsten.EES
2009-10-13 17:15 . 2003-06-06 19:49 3206 ----a-w- c:\ees_av\Userlib\mhe Property Files\FC72.mhe
2009-10-13 17:15 . 2004-08-21 12:50 3109 ----a-w- c:\ees_av\Userlib\mhe Property Files\FC87.mhe
2009-10-13 17:15 . 2004-08-16 08:22 3605 ----a-w- c:\ees_av\Userlib\mhe Property Files\HFE7000.mhe
2009-10-13 17:15 . 2002-03-16 16:42 3442 ----a-w- c:\ees_av\Userlib\mhe Property Files\HFE7100.mhe
2009-10-13 17:15 . 2004-09-05 13:14 3571 ----a-w- c:\ees_av\Userlib\mhe Property Files\ISCEON89.mhe
2009-10-13 17:15 . 2005-08-27 15:19 3487 ----a-w- c:\ees_av\Userlib\mhe Property Files\isoPropanol.mhe
2009-10-13 17:15 . 1995-12-30 10:08 2892 ----a-w- c:\ees_av\Userlib\mhe Property Files\r113.mhe
2009-10-13 17:15 . 2005-06-17 19:30 3243 ----a-w- c:\ees_av\Userlib\mhe Property Files\R236fa.mhe
2009-10-13 17:15 . 2002-03-16 16:56 3168 ----a-w- c:\ees_av\Userlib\mhe Property Files\r600a.mhe
2009-10-13 17:15 . 2006-08-03 12:20 2891 ----a-w- c:\ees_av\Userlib\mhe Property Files\Sodium.mhe
2009-10-13 17:15 . 2006-11-28 18:26 46592 ----a-w- c:\ees_av\Userlib\EES_System\nh3h2o.dlp
2009-10-13 17:15 . 1999-08-09 06:09 1444 ----a-w- c:\ees_av\Userlib\mhe Property Files\Testidg.idg
2009-10-13 17:15 . 2006-12-22 16:18 2580 ----a-w- c:\ees_av\Userlib\EES_System\nh3h2o.hlp
2009-10-13 17:15 . 2001-08-07 06:47 1286 ----a-w- c:\ees_av\Userlib\EES_System\rk4.lib
2009-10-13 17:15 . 1999-01-01 02:00 112640 ----a-w- c:\ees_av\aunzip32.dll
2009-10-13 17:15 . 2001-04-25 19:44 298558 ----a-w- c:\ees_av\Userlib\NASA\janaf.dlp
2009-10-13 17:15 . 2002-11-08 16:04 192 ----a-w- c:\ees_av\Eng_DefaultUnits.unt
2009-10-13 17:15 . 2001-02-23 19:08 12879 ----a-w- c:\ees_av\Userlib\NASA\Janaf.hlp
2009-10-13 17:15 . 2007-02-06 14:14 2251 ----a-w- c:\ees_av\ees.dft
2009-10-13 17:15 . 2002-11-08 16:02 171 ----a-w- c:\ees_av\SI_DefaultUnits.unt
2009-10-13 17:15 . 2006-06-25 19:32 17595 ----a-w- c:\ees_av\Userlib\EES_System\interpolate2dm.pdf
2009-10-13 17:15 . 2009-10-26 18:42 434 ----a-w- c:\ees_av\hello.txt
2009-10-13 17:15 . 2008-12-21 11:42 74778 ----a-w- c:\ees_av\Userlib\Examples\Diagram_IN_OUT.EES
2009-10-13 17:15 . 2009-05-28 15:31 1947231 ----a-w- c:\ees_av\EES_manual.pdf
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_10s.bmp
2009-10-13 17:15 . 2006-08-03 08:28 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_11s.bmp
2009-10-13 17:15 . 2006-08-03 07:40 8816 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_11s.gif
2009-10-13 17:15 . 2006-08-03 08:28 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_12s.bmp
2009-10-13 17:15 . 2006-08-03 07:32 9293 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_12s.gif
2009-10-13 17:15 . 2006-08-03 08:27 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_13s.bmp
2009-10-13 17:15 . 2006-08-03 07:14 11329 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_13s.gif
2009-10-13 17:15 . 2006-08-03 08:27 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_14s.bmp
2009-10-13 17:15 . 2006-08-03 08:09 5833 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_14s.gif
2009-10-13 17:15 . 2006-08-03 08:30 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_15s.bmp
2009-10-13 17:15 . 2006-08-03 06:23 4458 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_15s.gif
2009-10-13 17:15 . 2006-08-03 08:28 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_16s.bmp
2009-10-13 17:15 . 2006-08-03 08:25 10458 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_16s.gif
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_1s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_2s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_3s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_4s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_5s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_6s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_7s.bmp
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_8s.bmp
2009-10-13 17:15 . 2008-11-28 19:57 2528 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\Stress Concentration.toc
2009-10-13 17:15 . 2006-08-10 08:16 34998 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\bmps\SCF_9s.bmp
2009-10-13 17:15 . 2006-08-03 09:21 19812 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\Stress Concentration Factors.LIB
2009-10-13 17:15 . 2006-07-31 13:26 2265 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\notched_rod_tension.txt
2009-10-13 17:15 . 2007-03-05 17:28 166453 ----a-w- c:\ees_av\Userlib\Stress Concentration Factors\stress concentration factors.chm
2009-10-13 17:15 . 2001-05-24 10:59 162304 ----a-w- c:\ees_av\UNWISE.EXE
2009-10-13 17:15 . 2009-02-16 20:07 11069 ----a-w- c:\ees_av\Userlib\BrineProp\BrineProp2.chm
2009-10-13 17:15 . 2006-11-11 17:14 8660 ----a-w- c:\ees_av\Userlib\BrineProp\Brineprop2.LIB
2009-10-13 17:15 . 2009-03-11 18:59 3415 ----a-w- c:\ees_av\Constants.txt
2009-10-13 17:15 . 2008-12-17 20:08 4384 ----a-w- c:\ees_av\units.txt
2009-10-13 17:15 . 2006-08-08 07:52 420 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Building Materials.txt
2009-10-13 17:15 . 2008-01-19 08:51 758 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Brass.LKT
2009-10-13 17:15 . 2001-03-19 13:36 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Brick-common.LKT
2009-10-13 17:15 . 2004-10-20 19:56 496 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Bronze.LKT
2009-10-13 17:15 . 2001-03-17 14:10 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-glass fiber rho=32.LKT
2009-10-13 17:15 . 2001-03-17 14:09 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-glass fiber rho=48.LKT
2009-10-13 17:15 . 2001-08-21 08:33 694 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Boron.LKT
2009-10-13 17:15 . 2001-03-17 14:11 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-glass fiber rho=16.LKT
2009-10-13 17:15 . 2001-03-17 14:11 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-glass fiber rho=24.LKT
2009-10-13 17:15 . 2001-03-17 14:16 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-Al-silica rho=64.LKT
2009-10-13 17:15 . 2001-03-17 14:20 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-Al-silica rho=96.LKT
2009-10-13 17:15 . 2001-03-17 13:57 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-glass fiber rho=12.LKT
2009-10-13 17:15 . 2004-10-20 19:56 496 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Bismuth.LKT
2009-10-13 17:15 . 2001-03-17 14:19 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-Al-silica rho=128.LKT
2009-10-13 17:15 . 2001-03-17 14:14 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Blanket-Al-silica rho=48.LKT
2009-10-13 17:15 . 2004-10-20 19:57 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Beryllium oxide.LKT
2009-10-13 17:15 . 2004-10-20 19:56 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Beryllium.LKT
2009-10-13 17:15 . 2001-03-16 14:06 363 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Bismuth-liquid.LKT
2009-10-13 17:15 . 2006-05-23 07:47 710 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Aluminum_Polished.lkt
2009-10-13 17:15 . 2001-03-19 13:40 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Asphalt.LKT
2009-10-13 17:15 . 2001-03-19 13:40 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Bakelite.LKT
2009-10-13 17:15 . 2001-03-17 05:46 384 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Al oxide-sapphire.LKT
2009-10-13 17:15 . 2006-04-21 18:02 3642 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Aluminum.lkt
2009-10-13 17:15 . 2001-03-19 13:31 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Acoustic tile.LKT
2009-10-13 17:15 . 2006-05-23 07:47 842 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\AISI-304_Polished.lkt
2009-10-13 17:15 . 2001-08-22 05:51 562 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Al oxide-polycryst.LKT
2009-10-13 17:15 . 2006-04-01 13:23 2606 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Cadmium.LKT
2009-10-13 17:15 . 2004-10-20 19:55 628 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Carbon_steel.LKT
2009-10-13 17:15 . 2004-10-20 19:55 562 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Carbon_steel_AISI1010.LKT
2009-10-13 17:15 . 2001-03-19 13:35 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\cement mortar.LKT
2009-10-13 17:15 . 2006-04-01 13:13 3002 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Chromium.LKT
2009-10-13 17:15 . 2006-05-23 07:46 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Chromium_Polished.lkt
2009-10-13 17:15 . 2001-03-19 13:42 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Clay.LKT
2009-10-13 17:15 . 2006-05-23 07:46 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Clay_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:42 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Coal-anthracite.LKT
2009-10-13 17:15 . 2004-10-20 19:54 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Cobalt.LKT
2009-10-13 17:15 . 2006-05-23 07:46 512 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Cobalt_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:43 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Concrete & stone mix.LKT
2009-10-13 17:15 . 2008-01-05 12:48 1022 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Copper.lkt
2009-10-13 17:15 . 2006-05-23 07:47 556 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Copper_Polished.lkt
2009-10-13 17:15 . 2001-03-19 13:43 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Cotton.LKT
2009-10-13 17:15 . 2005-01-11 07:51 2938 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Dowtherm_Q.lkt
2009-10-13 17:15 . 2005-01-11 07:51 2740 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Dowtherm_RP.lkt
2009-10-13 17:15 . 2001-07-20 08:19 1354 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Engine Oil-unused.LKT
2009-10-13 17:15 . 2008-07-21 16:44 506 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Fluids.txt
2009-10-13 17:15 . 2004-10-20 19:54 562 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Fused silica.LKT
2009-10-13 17:15 . 2003-10-04 14:16 1220 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\G10_cryogenic.LKT
2009-10-13 17:15 . 2004-10-20 19:53 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Germanium.LKT
2009-10-13 17:15 . 2006-05-23 07:46 468 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Germanium_Polished.lkt
2009-10-13 17:15 . 2006-05-23 07:46 556 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass - Soda Lime_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:37 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass fiber batt rho=16.LKT
2009-10-13 17:15 . 2001-03-19 13:37 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass fiber batt rho=28.LKT
2009-10-13 17:15 . 2001-03-19 13:38 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass fiber batt rho=40.LKT
2009-10-13 17:15 . 2001-03-19 13:38 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass fiber duct liner.LKT
2009-10-13 17:15 . 2007-11-26 18:49 1966 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass-Pyrex.LKT
2009-10-13 17:15 . 2001-03-19 13:44 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glass-soda lime.LKT
2009-10-13 17:15 . 2001-07-20 08:18 628 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Glycerin.LKT
2009-10-13 17:15 . 2006-04-01 13:22 2870 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Gold.LKT
2009-10-13 17:15 . 2006-05-23 07:47 622 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Gold_Polished.lkt
2009-10-13 17:15 . 2006-05-23 07:46 534 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Graphite_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:36 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Gypsum plaster&sand.LKT
2009-10-13 17:15 . 2006-05-23 07:47 402 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Gypsum_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:32 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Hardboard-high density.LKT
2009-10-13 17:15 . 2001-03-19 13:31 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Hardboard-siding.LKT
2009-10-13 17:15 . 2001-03-19 13:34 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Hardwoods-oak-maple.LKT
2009-10-13 17:15 . 2005-01-11 07:52 1023 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Hitec_XL.lkt
2009-10-13 17:15 . 2001-03-17 09:01 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Ice.LKT
2009-10-13 17:15 . 2004-10-20 19:52 628 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Inconel_X_750.LKT
2009-10-13 17:15 . 2006-04-09 15:03 763 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Insulation.txt
2009-10-13 17:15 . 2004-10-20 19:52 826 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Iridium.LKT
2009-10-13 17:15 . 2006-05-23 07:46 490 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Iridium_Smooth.lkt
2009-10-13 17:15 . 2006-04-01 13:26 3002 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Iron.LKT
2009-10-13 17:15 . 2001-08-22 05:37 693 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Iron_Armco.LKT
2009-10-13 17:15 . 2006-05-23 07:47 512 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Iron_Polished.lkt
2009-10-13 17:15 . 2001-03-16 14:06 363 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\lead-liquid.LKT
2009-10-13 17:15 . 2006-04-01 13:30 2672 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Lead.LKT
2009-10-13 17:15 . 2006-08-08 07:57 129 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Liquid Metals.txt
2009-10-13 17:15 . 2001-03-17 14:48 427 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\loose fill-perlite.LKT
2009-10-13 17:15 . 2001-03-17 14:50 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\loose fill-vermiculite 122.LKT
2009-10-13 17:15 . 2001-03-17 14:51 361 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\loose fill-vermiculite 80.LKT
2009-10-13 17:15 . 2001-03-17 14:53 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\loose fill-wood.LKT
2009-10-13 17:15 . 2006-04-01 13:35 2738 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Magnesium.LKT
2009-10-13 17:15 . 2006-05-23 07:46 556 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Magnesium_Vapor_Blasted.lkt
2009-10-13 17:15 . 2001-07-20 08:19 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Mercury-liquid.LKT
2009-10-13 17:15 . 2006-05-23 07:46 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Mercury_Clean.lkt
2009-10-13 17:15 . 2008-01-19 08:43 860 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Metals.txt
2009-10-13 17:15 . 2006-08-08 07:54 537 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Miscellaneous.txt
2009-10-13 17:15 . 2007-08-09 06:22 341 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Molten Salts.txt
2009-10-13 17:15 . 2008-01-05 12:48 2870 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Molybdenum.LKT
2009-10-13 17:15 . 2006-05-23 07:47 754 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Molybdenum_Polished.lkt
2009-10-13 17:15 . 2001-03-16 14:09 363 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\NaK(22-78)-liquid.LKT
2009-10-13 17:15 . 2001-03-16 14:10 363 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\NaK(44-55)-liquid.LKT
2009-10-13 17:15 . 2001-08-22 06:20 418 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Nichrome.LKT
2009-10-13 17:15 . 2006-04-01 13:41 2936 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Nickel.LKT
2009-10-13 17:15 . 2006-05-23 07:47 622 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Nickel_Oxide_Smooth.lkt
2009-10-13 17:15 . 2006-05-23 07:47 644 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Nickel_Polished.lkt
2009-10-13 17:15 . 2006-04-01 13:45 3068 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Niobium.LKT
2009-10-13 17:15 . 2006-05-23 07:47 688 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Niobium_Smooth.lkt
2009-10-13 17:15 . 2008-01-05 12:58 57546 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\NIST data.EES
2009-10-13 17:15 . 2008-01-05 12:48 1482 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\OFHC Copper RRR=100.lkt
2009-10-13 17:15 . 2003-10-04 05:41 1220 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\OFHC_copper_cryogenic.LKT
2009-10-13 17:15 . 2004-10-20 19:49 826 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Palladium.LKT
2009-10-13 17:15 . 2001-03-19 13:45 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Paper.LKT
2009-10-13 17:15 . 2001-03-19 13:45 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Parafin.LKT
2009-10-13 17:15 . 2001-03-19 13:34 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Particle board-high density.LKT
2009-10-13 17:15 . 2001-03-19 13:33 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Particle board-low density.LKT
2009-10-13 17:15 . 2001-03-17 14:21 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-Asbestos 4ply.LKT
2009-10-13 17:15 . 2001-03-17 14:22 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-Asbestos 6ply.LKT
2009-10-13 17:15 . 2001-03-17 14:24 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-Asbestos 8ply.LKT
2009-10-13 17:15 . 2001-03-17 14:28 328 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-calcium silicate.LKT
2009-10-13 17:15 . 2001-03-17 14:31 427 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-cellular glass.LKT
2009-10-13 17:15 . 2001-03-17 14:34 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-diatomaceous.LKT
2009-10-13 17:15 . 2001-03-17 14:25 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-magnesia 85%.LKT
2009-10-13 17:15 . 2001-03-17 14:45 394 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-polystyrene beads.LKT
2009-10-13 17:15 . 2001-03-17 14:42 394 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-polystyrene extru35.LKT
2009-10-13 17:15 . 2001-03-17 14:41 427 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-polystyrene extru56.LKT
2009-10-13 17:15 . 2001-03-17 14:35 229 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Pipe ins-silica.LKT
2009-10-13 17:15 . 2008-01-05 12:58 3002 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Platinum.LKT
2009-10-13 17:15 . 2006-05-23 07:47 710 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Platinum_Smooth.lkt
2009-10-13 17:15 . 2001-03-19 13:31 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Plywood.LKT
2009-10-13 17:15 . 2001-03-19 13:39 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Polystyrene molded beads.LKT
2009-10-13 17:15 . 2001-03-19 13:39 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Polystyrene R12 expanded.LKT
2009-10-13 17:15 . 2001-03-16 14:07 363 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Potassium-liquid.LKT
2009-10-13 17:15 . 2004-10-20 19:47 892 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rhenium.LKT
2009-10-13 17:15 . 2004-10-20 19:47 892 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rhodium.LKT
2009-10-13 17:15 . 2006-05-23 07:48 578 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rhodium_Smooth.lkt
2009-10-13 17:15 . 2001-08-22 08:55 308 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rock-granite.LKT
2009-10-13 17:15 . 2001-03-19 13:46 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rock-limestone.LKT
2009-10-13 17:15 . 2001-03-19 13:46 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rock-marble.LKT
2009-10-13 17:15 . 2001-03-19 13:47 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rock-quartzite.LKT
2009-10-13 17:15 . 2001-03-19 13:47 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rock-sandstone.LKT
2009-10-13 17:15 . 2001-03-19 13:56 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rubber-vulcanized hard.LKT
2009-10-13 17:15 . 2001-03-19 13:56 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rubber-vulcanized soft.LKT
2009-10-13 17:15 . 2006-05-23 08:18 424 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rubber_Hard_Black_Smooth.lkt
2009-10-13 17:15 . 2006-05-23 08:17 424 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Rubber_Soft_Gray_Smooth.lkt
2009-10-13 17:15 . 2007-08-09 15:06 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (25% KF, 75% KBF4).lkt
2009-10-13 17:15 . 2007-08-09 15:08 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (31% RbF, 69% RbBF4).lkt
2009-10-13 17:15 . 2007-08-09 15:08 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (46.5% LiF, 11.5%NaF, 42%KF).lkt
2009-10-13 17:15 . 2007-08-09 15:09 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (49% LiF, 29% NaF, 29% ZrF4).lkt
2009-10-13 17:15 . 2007-08-09 15:09 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (58% KF, 42% ZrF4).lkt
2009-10-13 17:15 . 2007-08-09 15:10 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (58% LiCl, 42% RbCl).lkt
2009-10-13 17:15 . 2007-08-09 15:11 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (58% NaCl, 42% MgCl2).lkt
2009-10-13 17:15 . 2007-08-09 15:11 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (59.5% LiCl, 40.5% KCl).lkt
2009-10-13 17:15 . 2007-08-09 15:12 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (59.5% NaF, 40.5% ZrF4).lkt
2009-10-13 17:15 . 2005-01-11 07:52 913 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (60% NaNO3, 40% KNO3).lkt
2009-10-13 17:15 . 2007-08-09 15:13 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (68% KCl, 32% MgCl2).lkt
2009-10-13 17:15 . 2007-08-09 15:05 1560 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Salt (8% NaF, 92% NaBF4).lkt
2009-10-13 17:15 . 2007-08-09 18:00 10795 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\saltlib_revised.zip
2009-10-13 17:15 . 2001-03-19 13:49 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Sand.LKT
2009-10-13 17:15 . 2001-03-19 13:31 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Sheathing-regular density.LKT
2009-10-13 17:15 . 2006-05-23 07:46 732 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Silicon Dioxide_Fused.lkt
2009-10-13 17:15 . 2009-01-04 21:08 3662 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Silicon.LKT
2009-10-13 17:15 . 2006-05-23 07:47 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Silicon_Polished.lkt
2009-10-13 17:15 . 2006-04-01 13:53 2870 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Silver.LKT
2009-10-13 17:15 . 2006-05-23 07:48 534 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Silver_Smooth.lkt
2009-10-13 17:15 . 2001-03-17 08:38 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Snow rho=110.LKT
2009-10-13 17:15 . 2001-03-17 08:40 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Snow rho=500.LKT
2009-10-13 17:15 . 2001-07-20 08:19 430 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Sodium-liquid.LKT
2009-10-13 17:15 . 2001-03-19 13:35 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Softwoods-fir-pine.LKT
2009-10-13 17:15 . 2001-03-19 13:49 252 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Soil.LKT
2009-10-13 17:15 . 2008-01-05 12:58 22969 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.chm
2009-10-13 17:15 . 2006-04-01 11:08 67 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.ctx
2009-10-13 17:15 . 2001-11-01 19:09 10858 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.EES
2009-10-13 17:15 . 2008-01-05 12:58 39724 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.hsc
2009-10-13 17:15 . 2008-08-28 11:34 13069 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.LIB
2009-10-13 17:15 . 2006-08-08 13:38 13284 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.LIB.xxx
2009-10-13 17:15 . 2006-05-19 13:38 232 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Solid-Liquid_Props.txt
2009-10-13 17:15 . 2003-10-04 05:41 1220 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\SS304_cryogenic.LKT
2009-10-13 17:15 . 2004-10-20 19:44 740 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Stainless_AISI302.LKT
2009-10-13 17:15 . 2008-01-05 12:48 2012 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Stainless_AISI304.LKT
2009-10-13 17:15 . 2004-10-20 19:44 562 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Stainless_AISI316.LKT
2009-10-13 17:15 . 2004-10-20 19:44 562 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Stainless_AISI347.LKT
2009-10-13 17:15 . 2001-03-17 06:06 296 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Sulfur.LKT
2009-10-13 17:15 . 2005-01-11 07:49 1024 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Syltherm _800.lkt
2009-10-13 17:15 . 2006-04-01 13:56 3134 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tantalum.LKT
2009-10-13 17:15 . 2006-05-23 07:48 930 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tantalum_Smooth.lkt
2009-10-13 17:15 . 2001-03-17 08:42 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Teflon.LKT
2009-10-13 17:15 . 2005-01-11 07:51 2674 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Therminol_59.lkt
2009-10-13 17:15 . 2005-01-11 07:51 2674 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Therminol_66.lkt
2009-10-13 17:15 . 2005-01-11 07:52 2872 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Therminol_VP1.lkt
2009-10-13 17:15 . 2005-01-11 07:51 2410 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Therminol_XP.lkt
2009-10-13 17:15 . 2004-10-20 19:43 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Thorium dioxide.LKT
2009-10-13 17:15 . 2004-10-20 19:43 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Thorium.LKT
2009-10-13 17:15 . 2006-04-01 13:59 2474 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tin.LKT
2009-10-13 17:15 . 2006-05-23 12:14 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tin_Polished.lkt
2009-10-13 17:15 . 2004-10-20 19:42 628 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Titanium dioxide.LKT
2009-10-13 17:15 . 2006-04-01 14:03 3068 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Titanium.LKT
2009-10-13 17:15 . 2006-05-23 07:48 578 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Titanium_Smooth.lkt
2009-10-13 17:15 . 2006-04-01 14:06 3200 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tungsten.LKT
2009-10-13 17:15 . 2006-05-23 07:48 798 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Tungsten_Smooth.lkt
2009-10-13 17:15 . 2004-10-20 19:41 760 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Uranium.LKT
2009-10-13 17:15 . 2004-10-20 19:41 892 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Vanadium.LKT
2009-10-13 17:15 . 2006-05-23 07:46 556 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Vanadium_Smooth.lkt
2009-10-13 17:15 . 2006-05-23 07:47 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Water_Clean.lkt
2009-10-13 17:15 . 2001-03-19 13:51 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross balsa.LKT
2009-10-13 17:15 . 2001-03-19 13:51 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross cypress.LKT
2009-10-13 17:15 . 2001-03-19 13:52 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross fir.LKT
2009-10-13 17:15 . 2001-03-19 13:52 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross oak.LKT
2009-10-13 17:15 . 2001-03-19 13:53 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross white pine.LKT
2009-10-13 17:15 . 2001-03-19 13:53 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-cross yellow pine.LKT
2009-10-13 17:15 . 2001-03-19 13:54 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-radial fir.LKT
2009-10-13 17:15 . 2001-03-19 13:53 196 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood-radial oak.LKT
2009-10-13 17:15 . 2006-05-23 08:16 446 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Wood_Smooth.lkt
2009-10-13 17:15 . 2005-01-11 07:49 4060 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Xceltherm_600.lkt
2009-10-13 17:15 . 2006-04-01 14:09 2672 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Zinc.LKT
2009-10-13 17:15 . 2006-04-01 14:11 3002 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Zirconium.LKT
2009-10-13 17:15 . 2004-10-20 19:37 148917 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Zirconium.LKT.EES
2009-10-13 17:15 . 2006-05-23 07:48 578 ----a-w- c:\ees_av\Userlib\EES_System\Solid-Liquid_Props\Zirconium_Polished.lkt

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“DAEMON Tools”=“c:\program files\DAEMON Tools\daemon.exe” [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“NvCplDaemon”=“c:\windows\System32\NvCpl.dll” [2006-07-20 7581696]
“tsnp2std”=“c:\windows\tsnp2std.exe” [2005-08-17 90112]
“MGSysCtrl”=“c:\program files\System Control Manager\MGSysCtrl.exe” [2006-12-13 180736]
“DeathAdder”=“c:\program files\Razer\DeathAdder\razerhid.exe” [2008-09-05 159744]
“NeroCheck”=“c:\windows\System32\NeroCheck.exe” [2001-07-09 155648]
“TkBellExe”=“c:\program files\Fichiers communs\Real\Update_OB\realsched.exe” [2009-01-20 185872]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-09-23 149280]
“Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes’ Anti-Malware\mbam.exe” [2009-09-10 1312080]
“avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-09-15 81000]
“AGRSMMSG”=“AGRSMMSG.exe” - c:\windows\AGRSMMSG.exe [2005-09-09 88203]
“RTHDCPL”=“RTHDCPL.EXE” - c:\windows\RTHDCPL.exe [2006-09-22 16236032]
“nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe [2006-07-20 1519616]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\System32\CTFMON.EXE” [2003-04-24 13312]

c:\documents and settings\Tidus\Menu D?marrer\Programmes\D?marrage
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnkCommon Startup

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [20/12/2008 21:28 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20/12/2008 21:28 35712]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01/11/2009 21:14 114768]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [25/05/2009 12:11 22784]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [20/12/2008 21:49 9088]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [20/12/2008 21:49 40960]

— Autres Services/Pilotes en mémoire —

Deregistered - mbr
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr…
uInternet Settings,ProxyOverride = local
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
TCP: {67C5EF35-5761-48B1-8BC4-68DE902AE1BB} = 10.0.1.246
FF - ProfilePath - c:\documents and settings\Tidus\Application Data\Mozilla\Firefox\Profiles\40gdvusd.default
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.fr…
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.

---

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-11-02 18:56
Windows 5.1.2600 Service Pack 1 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0

---

.
--------------------- DLLs chargées dans les processus actifs ---------------------

• • • • • • • ‘winlogon.exe’(1232)
              c:\windows\system32\ODBC32.dll

• • • • • • • ‘lsass.exe’(1288)
              c:\windows\System32\dssenh.dll

• • • • • • • ‘explorer.exe’(3924)
              c:\windows\System32\msi.dll
              .
              ------------------------ Autres processus actifs ------------------------
              .
              c:\program files\Alwil Software\Avast4\aswUpdSv.exe
              c:\program files\Alwil Software\Avast4\ashServ.exe
              c:\program files\Java\jre6\bin\jqs.exe
              c:\windows\System32\nvsvc32.exe
              c:\program files\O2Micro Oz128 Driver\o2flash.exe
              c:\program files\CyberLink\Shared Files\RichVideo.exe
              c:\program files\Alwil Software\Avast4\ashWebSv.exe
              c:\program files\Alwil Software\Avast4\ashMaiSv.exe
              c:\windows\System32\wbem\wmiapsrv.exe
              c:\program files\Razer\DeathAdder\razertra.exe
              c:\program files\Razer\DeathAdder\razerofa.exe
              c:\program files\OpenOffice.org 3\program\soffice.exe
              c:\program files\OpenOffice.org 3\program\soffice.bin
              .

---

.
Heure de fin: 2009-11-02 19:00 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-02 18:00

Avant-CF: 22 971 244 544 octets libres
Après-CF: 22 979 977 216 octets libres

• • End Of File - - E50F175B7384AFFFAECCAFD56A0BB198

ça n’a pas exactement fais ce que tu as dit. Tout d’abord il m’a demandé de mettre à jour Combofix et il à commencé le scan, ensuite sans rien me demander il a redémarrer l’ordinateur.

---

excuse pour ce message en retard, je n'avais pas remarquer la deuxième page.

Pour ce qui est du virus, je n’arrive plus à faire d’analyse avec Avast, il ne se lance plus car il n’arrive plus à charger les thèmes. Mais j’arrive quand même à analyser des dossiers en faisant clic droit dessus puis analyser avec avast.

J’ai un problème avec antivir, je ne peux pas le configuré come sur la video quand je clic sur configuration rien ne se passe. Je ne peux pas mettre à jour non plus.

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

–> Recherche:

C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\hijackthis.log: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\WINDOWS\mbr.exe: trouvé !