Salut essaye d'allez voir la

http://www.commentcamarche.net/forum/affich 3115551 detournement de dns                            ...IL N'Y A PAS D'ARNAQUE SANS PI­GEON ...
      Google est votre meilleur ami avant Comment Ca Marche ­alors cherchez une peu ...

Merci mais sa mavantage pas

Salut :


Télécharger Smitfraudfix par S!RI :



Décompresser l'archive
Exécuter le en double cliquant sur Smitfraudfix.cmd
Appuyer sur une touche pour continuer
Arriver à l'invite de commande, saisir la lettre L afin de basculer le fix en langue française
Au menu, choisir l’option Recherche
Poster le rapport ainsi généré G3и-н@¢км@и™©®

Quand je le demare, mon anti virus,il detecte 2 virus

ses des SPR/Tool.Reboot.F

Normal il faut le desactiver G3и-н@¢км@и™©®

Desactiver l anti virus

Ben oui G3и-н@¢км@и™©®

Jte trust pas

Ok debord



SmitFraudFix v2.418

Rapport fait à 22:02:56,25, 2009-06-03
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Ethernet intégré à base de Intel 82558 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

C'est pas un detournement de dns apparement :)

G3и-н@¢км@и™©®

Si je fais recherche de detournement de dns ssa donne seci



SmitFraudFix v2.418

Rapport fait à 15:36:25,21, 2009-06-04
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

Description: Ethernet intégré à base de Intel 82558 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189

»»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

Description: Ethernet intégré à base de Intel 82558 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3788D129-4AEC-4C30-8E8C-F­50D563F52BE}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189

Et bien oui ce sont les memes avant et apres

l'outils smitfraudfix te remets les dns d'origine (avec l'option 5)mais comme ils y sont deja il ne fait rien :)

sinon explique le souci que tu as on pourra peut-etre , eventuellement utiliser les outils adequats s'il y a lieu G3и-н@¢км@и™©®

Bocoup de page web ne marche pas et sa fait
*******

Bonsoir,

pour avancer gen-hackman, fais un rapport RSIT pour qu'il puisse vérifier à son retour si il y a des infections dans ton PC...

▶ Télécharge Random's System Information Tool (RSIT).

▶ Un tutoriel sera à ta disposition sur mon site web pour l'installer et l'utiliser correctement.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur 'Continue' à l'écran Disclaimer.

▶ Si l'outil Hijackthis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.

( C:\RSIT\log.txt et C:\RSIT\info.txt )

CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller Si vous voyez une amélioration sur votre PC, ce n'est pas pour autant que la désinfection est terminée... Continuez jusqu'au bout !!

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-06-04 21:51:38
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 464 GB (97%) free of 477 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:51:59, on 2009-06-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://commentcamarche.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WordQ carat flag] C:\Program Files\WordQ2Fr\WordQcrs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WordQCRS.lnk = C:\Program Files\WordQ2Fr\WordQcrs.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/...
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
End of file - 6503 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{C7DA25BA-80E5-4FD7-91BC-0BC68B0480A6}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-04 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-04 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-21 126976]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-04-27 413696]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-04 148888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WordQ carat flag"=C:\Program Files\WordQ2Fr\WordQcrs.exe [2009-03-03 24576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WordQCRS.lnk - C:\Program Files\WordQ2Fr\WordQcrs.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ"="DEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ӟ:*:Enabled:Nod32 Runtime"
"C:\Program Files\CCleaner\CCleaner.exe"="C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:CCleaner"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms\NMService.exe"="C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\D-Day Normandy\egl.exe"="C:\Program Files\D-Day Normandy\egl.exe:*:Enabled:egl"
"C:\Documents and Settings\Administrateur\Mes documents\Nexuiz_20_PC_jeu_gratuit_3\Nexuiz\nexuiz.exe"="C:\Documents and Settings\Administrateur\Mes documents\Nexuiz_20_PC_jeu_gratuit_3\Nexuiz\nexuiz.exe:*:Disabled:Nexuiz"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

======List of files/folders created in the last 1 months======

2009-06-04 21:51:38 ----D---- C:\rsit
2009-06-04 21:51:38 ----D---- C:\Program Files\trend micro
2009-06-04 21:46:50 ----D---- C:\Program Files\Audacity
2009-06-04 20:53:58 ----D---- C:\eJay
2009-06-04 17:51:01 ----D---- C:\Program Files\LimeWire
2009-06-03 21:57:28 ----A---- C:\WINDOWS\system32\tmp.txt
2009-06-03 21:57:14 ----A---- C:\rapport.txt
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\swsc.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\swreg.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\Process.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-06-03 21:56:46 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-06-03 19:17:40 ----D---- C:\CoinsHifi
2009-06-03 18:15:19 ----D---- C:\Program Files\Notepad++
2009-06-03 18:15:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\Notepad++
2009-05-29 21:33:37 ----D---- C:\WINDOWS\system32\NtmsData
2009-05-22 22:37:40 ----A---- C:\WINDOWS\system32\b833B.tmp
2009-05-21 17:53:07 ----D---- C:\Documents and Settings\Administrateur\Application Data\Acapela Group
2009-05-21 17:52:13 ----A---- C:\WINDOWS\WiViK3.ini
2009-05-21 17:51:47 ----D---- C:\Program Files\WordQ2Fr
2009-05-20 07:40:03 ----D---- C:\WINDOWS\Minidump
2009-05-20 07:39:17 ----A---- C:\WINDOWS\DDMv3.INI
2009-05-19 06:37:06 ----D---- C:\Program Files\Bridge Building Game
2009-05-18 18:28:33 ----D---- C:\Program Files\ScreenMates
2009-05-18 10:36:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Opera
2009-05-18 10:35:33 ----D---- C:\Program Files\Opera
2009-05-18 09:43:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-05-15 06:51:17 ----D---- C:\Documents and Settings\Administrateur\Application Data\FrostWire
2009-05-15 06:21:01 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-05-14 22:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-05-14 22:02:43 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-05-14 22:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-05-14 22:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-05-14 20:46:35 ----D---- C:\Documents and Settings\All Users\Application Data\NexonUS
2009-05-14 19:18:37 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files
2009-05-14 19:18:23 ----D---- C:\Program Files\Pando Networks
2009-05-14 19:18:23 ----D---- C:\Program Files\Media Booster
2009-05-14 18:15:51 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss
2009-05-14 18:15:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2009-05-14 18:13:39 ----D---- C:\Program Files\VideoLAN
2009-05-14 13:19:47 ----A---- C:\WINDOWS\system32\muweb.dll
2009-05-14 13:19:47 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-05-14 13:19:47 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-05-11 16:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-05-11 16:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-05-11 16:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-05-11 16:58:44 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-05-11 16:58:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-05-11 16:58:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-05-11 16:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-05-11 16:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-05-11 16:57:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-05-11 16:57:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-05-11 16:57:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-05-11 16:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-05-11 16:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-05-11 16:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-05-11 16:57:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-05-11 16:57:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-05-11 16:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-05-11 16:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-05-11 16:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-05-11 16:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-05-11 16:56:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-05-11 16:56:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-05-11 16:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-05-11 16:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-05-11 16:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-05-11 16:56:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-05-11 16:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-05-11 16:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-05-11 16:56:00 ----D---- C:\Program Files\MSXML 4.0
2009-05-11 16:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-05-11 16:48:54 ----D---- C:\WINDOWS\system32\PreInstall
2009-05-11 16:48:52 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-05-11 16:41:21 ----D---- C:\WINDOWS\Prefetch
2009-05-11 16:36:56 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-05-11 16:36:55 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-05-11 16:36:34 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-05-11 16:36:33 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-05-11 16:36:33 ----N---- C:\WINDOWS\system32\azroles.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-05-11 16:36:32 ----N---- C:\WINDOWS\system32\credssp.dll
2009-05-11 16:36:30 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-05-11 16:36:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-05-11 16:36:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-05-11 16:36:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-05-11 16:36:30 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\mssha.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-05-11 16:36:29 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-05-11 16:36:28 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-05-11 16:36:28 ----N---- C:\WINDOWS\system32\onex.dll
2009-05-11 16:36:28 ----N---- C:\WINDOWS\system32\napstat.exe
2009-05-11 16:36:28 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-05-11 16:36:28 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\setupn.exe
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\qutil.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-05-11 16:36:27 ----N---- C:\WINDOWS\system32\qagent.dll
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-05-11 16:36:26 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-05-11 16:36:25 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-05-11 16:36:25 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-05-11 16:36:23 ----D---- C:\WINDOWS\system32\fr
2009-05-11 16:36:23 ----D---- C:\WINDOWS\system32\bits
2009-05-11 16:36:23 ----D---- C:\WINDOWS\l2schemas
2009-05-11 16:30:07 ----D---- C:\WINDOWS\network diagnostic
2009-05-11 16:28:31 ----A---- C:\WINDOWS\002997_.tmp
2009-05-11 16:24:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-05-11 16:11:45 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-05-11 16:01:16 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-05-11 16:01:15 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-05-11 16:01:15 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-05-11 16:01:10 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2009-05-11 16:01:10 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-05-11 16:01:10 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\ati3duag.dll
2009-05-11 16:01:09 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-05-11 16:01:08 ----N---- C:\WINDOWS\system32\slserv.exe
2009-05-11 16:01:08 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-05-11 16:01:08 ----N---- C:\WINDOWS\system32\slgen.dll
2009-05-11 16:01:08 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-05-11 16:01:08 ----N---- C:\WINDOWS\slrundll.exe
2009-05-11 15:58:34 ----D---- C:\WINDOWS\ServicePackFiles
2009-05-11 15:57:59 ----A---- C:\WINDOWS\000001_.tmp
2009-05-11 07:38:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-11 06:59:33 ----D---- C:\Program Files\Microsoft
2009-05-11 06:59:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-05-11 06:58:55 ----D---- C:\Program Files\Windows Live
2009-05-11 06:56:34 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-05-11 06:52:10 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-05-10 20:27:11 ----D---- C:\Program Files\Trillian
2009-05-10 20:22:08 ----D---- C:\Program Files\Navilog1
2009-05-10 19:29:04 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-05-10 19:28:33 ----D---- C:\Program Files\Microsoft Works
2009-05-10 19:28:18 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-05-10 19:25:55 ----D---- C:\WINDOWS\SHELLNEW
2009-05-10 19:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-05-10 19:25:12 ----RHD---- C:\MSOCache
2009-05-10 16:26:53 ----D---- C:\Program Files\Avira
2009-05-07 20:33:56 ----D---- C:\Program Files\drive memo
2009-05-07 20:33:55 ----D---- C:\Documents and Settings\Administrateur\Application Data\drive memo
2009-05-07 19:30:29 ----D---- C:\Program Files\7-Zip
2009-05-07 07:50:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\ESET
2009-05-07 07:49:02 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-05-05 17:46:04 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-05 17:10:14 ----D---- C:\Program Files\uTorrent
2009-05-05 17:09:56 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent

======List of files/folders modified in the last 1 months======

2009-06-04 21:51:38 ----RD---- C:\Program Files
2009-06-04 20:55:51 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-06-04 20:55:31 ----D---- C:\Program Files\Fichiers communs
2009-06-04 20:54:37 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-06-04 20:53:58 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-04 19:03:22 ----D---- C:\WINDOWS
2009-06-04 17:58:27 ----D---- C:\WINDOWS\Temp
2009-06-04 17:35:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-04 16:22:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-06-04 16:12:01 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-03 22:03:07 ----D---- C:\WINDOWS\system32
2009-06-03 19:18:41 ----RSD---- C:\WINDOWS\Fonts
2009-06-02 06:36:37 ----D---- C:\WINDOWS\system32\drivers
2009-06-01 21:33:19 ----SHD---- C:\WINDOWS\Installer
2009-05-22 21:24:05 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2009-05-22 06:02:21 ----A---- C:\WINDOWS\win.ini
2009-05-21 17:52:17 ----D---- C:\WINDOWS\system32\Setup
2009-05-18 17:28:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-18 10:29:03 ----D---- C:\WINDOWS\Debug
2009-05-18 09:43:17 ----HD---- C:\WINDOWS\inf
2009-05-18 09:42:50 ----D---- C:\WINDOWS\WinSxS
2009-05-18 09:39:05 ----D---- C:\WINDOWS\.jagex_cache_32
2009-05-16 21:25:01 ----SD---- C:\WINDOWS\Tasks
2009-05-15 06:20:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-05-14 13:26:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-05-14 13:18:26 ----D---- C:\WINDOWS\system32\wbem
2009-05-14 13:18:26 ----D---- C:\WINDOWS\AppPatch
2009-05-11 16:58:47 ----D---- C:\Program Files\Messenger
2009-05-11 16:40:40 ----D---- C:\WINDOWS\security
2009-05-11 16:40:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-11 16:36:55 ----D---- C:\Program Files\Windows Media Player
2009-05-11 16:36:54 ----D---- C:\WINDOWS\Help
2009-05-11 16:36:42 ----D---- C:\WINDOWS\ehome
2009-05-11 16:36:37 ----D---- C:\WINDOWS\system32\inetsrv
2009-05-11 16:36:36 ----D---- C:\WINDOWS\ime
2009-05-11 16:36:24 ----D---- C:\WINDOWS\system32\usmt
2009-05-11 16:36:24 ----D---- C:\WINDOWS\system32\fr-FR
2009-05-11 16:36:24 ----D---- C:\Program Files\Internet Explorer
2009-05-11 16:36:23 ----D---- C:\WINDOWS\PeerNet
2009-05-11 16:36:23 ----D---- C:\Program Files\Movie Maker
2009-05-11 16:32:45 ----D---- C:\WINDOWS\system32\Restore
2009-05-11 16:32:45 ----D---- C:\WINDOWS\system32\npp
2009-05-11 16:32:44 ----D---- C:\WINDOWS\msagent
2009-05-11 16:32:42 ----D---- C:\WINDOWS\srchasst
2009-05-11 16:32:41 ----D---- C:\Program Files\NetMeeting
2009-05-11 16:32:40 ----D---- C:\WINDOWS\system32\Com
2009-05-11 16:32:37 ----D---- C:\Program Files\Windows NT
2009-05-11 16:32:37 ----D---- C:\Program Files\Outlook Express
2009-05-11 16:32:34 ----D---- C:\Program Files\Fichiers communs\System
2009-05-11 16:32:05 ----D---- C:\WINDOWS\system32\oobe
2009-05-11 16:32:03 ----D---- C:\WINDOWS\system
2009-05-11 16:28:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-05-11 16:01:41 ----RASH---- C:\boot.ini
2009-05-10 21:05:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-10 20:53:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-10 20:52:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-10 19:28:53 ----D---- C:\WINDOWS\system32\config
2009-05-10 19:28:30 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-05-10 19:28:23 ----D---- C:\Program Files\Microsoft Office
2009-05-10 19:27:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-10 19:27:58 ----D---- C:\WINDOWS\pchealth
2009-05-10 16:41:15 ----SHD---- C:\RECYCLER
2009-05-07 03:16:29 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-05 17:49:53 ----D---- C:\WINDOWS\system32\appmgmt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 gxvxcserv.sys.REN;gxvxcserv.sys.REN; C:\WINDOWS\system32\drivers\gxvxcaordlamyxymxehfttppjrwulhtabuyev.sys []
S2 RPSKT;Security Services Driver (x86); C:\WINDOWS\system32\DRIVERS\rp_skt32.sys []
S3 9253A;9253A; \??\C:\WINDOWS\system32\9253A.sys []
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 i740;i740; C:\WINDOWS\system32\DRIVERS\i740nt5.sys [2001-08-17 58592]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-04-27 79888]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-04 152984]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Il lui faudra aussi le rapport info.txt

C:\RSIT\info.txt Si vous voyez une amélioration sur votre PC, ce n'est pas po­ur autant que la désinfection est terminée... Continuez jusq­u'au bout !!

Comment

laisse ses beau

Quand tu as lancé RSIT, il a du générer 2 rapports ( C:\RSIT\log.txt et C:\RSIT\info.txt )

Il faut les 2 rapports... Vas voir sur ton disque C dans le dossier RSIT Si vous voyez une amélioration sur votre PC, ce n'est pas po­ur autant que la désinfection est terminée... Continuez jusq­u'au bout !!

Le probleme , ses qui en laisse que un


et ses le log