ComboFix 09-09-20.01 - BEA ET PATRICK 21/09/2009 11:41:05.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.33.1036.18.2047.1455 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\BEA ET PATRICK\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\BEAETP~1\LOCALS~1\Temp\35.tmp
C:\Documents and Settings\BEA ET PATRICK\Application Data\020000005ad4d2ae669C.manifest
C:\Documents and Settings\BEA ET PATRICK\Application Data\020000005ad4d2ae669O.manifest
C:\Documents and Settings\BEA ET PATRICK\Application Data\020000005ad4d2ae669P.manifest
C:\Documents and Settings\BEA ET PATRICK\Application Data\020000005ad4d2ae669S.manifest
C:\Documents and Settings\BEA ET PATRICK\Local Settings\Temp\35.tmp
C:\Documents and Settings\CLEMENT\Application Data\020000005ad4d2ae669C.manifest
C:\Documents and Settings\CLEMENT\Application Data\020000005ad4d2ae669O.manifest
C:\Documents and Settings\CLEMENT\Application Data\020000005ad4d2ae669P.manifest
C:\Documents and Settings\CLEMENT\Application Data\020000005ad4d2ae669S.manifest
C:\Documents and Settings\CLEMENT\Cookies\clement@managerzone.bbgames[2].txt
C:\Documents and Settings\LAURA\Application Data\020000005ad4d2ae669C.manifest
C:\Documents and Settings\LAURA\Application Data\020000005ad4d2ae669O.manifest
C:\Documents and Settings\LAURA\Application Data\020000005ad4d2ae669P.manifest
C:\Documents and Settings\LAURA\Application Data\020000005ad4d2ae669S.manifest
C:\WINDOWS\GnuHashes.ini
C:\WINDOWS\Installer\3749c6.msi
C:\WINDOWS\system32\8.tmp
C:\WINDOWS\system32\D.tmp
C:\WINDOWS\system32\GroupPolicy000.dat
C:\WINDOWS\system32\LocalService\293.crack.zip
C:\WINDOWS\system32\LocalService\293.crack.zip.kwd
C:\WINDOWS\system32\LocalService\294.keygen.zip
C:\WINDOWS\system32\LocalService\294.keygen.zip.kwd
C:\WINDOWS\system32\LocalService\295.serial.zip
C:\WINDOWS\system32\LocalService\295.serial.zip.kwd
C:\WINDOWS\system32\LocalService\296.setup.zip
C:\WINDOWS\system32\LocalService\296.setup.zip.kwd
C:\WINDOWS\system32\LocalService\301.music.au.kwd
C:\WINDOWS\system32\LocalService\302.music2.au.kwd
C:\WINDOWS\system32\LocalService\303.music3.au.kwd
C:\WINDOWS\system32\LocalService\304.music4.au.kwd

C:\WINDOWS\system32\qmgr.dll . . . est infecté!!

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-21 au 2009-09-21 ))))))))))))))))))))))))))))))))))))
.

2009-09-21 08:52:59 . 2003-04-24 12:00:00 29184 -c--a-w- C:\WINDOWS\system32\dllcache\lmmib2.­dll
2009-09-21 08:51:59 . 2002-05-14 10:08:54 20536 -c--a-w- C:\WINDOWS\system32\dllcache\shtml.d­ll
2009-09-21 08:49:54 . 2003-04-24 12:00:00 106562 -c--a-w- C:\WINDOWS\system32\dllcache\srchct­ls.dll
2009-09-21 08:47:54 . 2003-04-24 12:00:00 275968 -c--a-w- C:\WINDOWS\system32\dllcache\pinbal­l.exe
2009-09-21 08:45:51 . 2002-08-28 23:32:28 5888 ----a-w- C:\WINDOWS\system32\drivers\splitter.­sys
2009-09-21 08:45:42 . 2001-08-17 19:59:58 50048 ----a-w- C:\WINDOWS\system32\drivers\DMusic.s­ys
2009-09-21 08:32:09 . 2002-08-29 09:23:30 57728 ----a-w- C:\WINDOWS\system32\drivers\redbook.­sys
2009-09-21 08:31:47 . 2009-09-21 08:31:56 0 d-----w- C:\WINDOWS\NV908920.TMP
2009-09-21 08:30:36 . 2001-08-23 15:47:06 4096 ----a-w- C:\WINDOWS\system32\ksuser.dll
2009-09-21 08:30:08 . 2002-08-29 09:45:22 38024 ----a-w- C:\WINDOWS\system32\drivers\termdd.s­ys
2009-09-21 08:30:07 . 2002-08-28 23:06:36 182400 ----a-w- C:\WINDOWS\system32\drivers\rdpdr.s­ys
2009-09-20 17:18:57 . 2009-09-21 07:30:36 0 d-----w- C:\ToolBar SD
2009-09-20 16:48:17 . 2009-09-20 16:48:39 0 d-----w- C:\rsit
2009-09-20 16:48:17 . 2009-09-20 16:48:37 0 d-----w- C:\Program Files\trend micro
2009-09-20 16:21:44 . 2009-09-20 16:21:44 0 d-----w- C:\Program Files\VS Revo Group
2009-09-18 19:01:44 . 2009-09-18 19:01:44 0 d-----w- C:\Documents and Settings\CLEMENT\Local Settings\Application Data\HP
2009-09-18 18:35:24 . 2009-09-21 09:50:36 0 d-sh--w- C:\WINDOWS\system32\LocalService
2009-09-18 12:30:46 . 2009-09-18 12:30:47 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\Avira
2009-09-18 12:17:58 . 2009-03-30 08:32:47 96104 ----a-w- C:\WINDOWS\system32\drivers\avipbb.s­ys
2009-09-18 12:17:58 . 2009-02-13 10:28:39 22360 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr­.sys
2009-09-18 12:17:58 . 2009-02-13 10:17:49 45416 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.­sys
2009-09-18 12:17:53 . 2009-09-18 12:18:23 0 d-----w- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-18 12:17:53 . 2009-09-18 12:17:53 0 d-----w- C:\Program Files\Avira
2009-09-17 17:24:59 . 2009-09-17 17:24:59 123392 ----a-w- C:\WINDOWS\system32\FM2032.dll
2009-09-16 17:53:07 . 2009-09-16 17:53:07 0 d-----w- C:\WINDOWS\l2schemas
2009-09-16 17:53:06 . 2009-09-16 17:53:06 0 d-----w- C:\WINDOWS\system32\fr
2009-09-16 17:53:06 . 2009-09-16 17:53:06 0 d-----w- C:\WINDOWS\system32\bits
2009-09-16 13:35:41 . 2009-09-16 13:35:45 0 d-----w- C:\Program Files\Guitar Pro 5
2009-09-05 17:45:23 . 2009-09-05 17:45:23 0 d-----w- C:\Documents and Settings\LAURA\Local Settings\Application Data\Microsoft Help
2009-09-05 15:32:53 . 2009-09-18 17:27:17 0 d-----w- C:\Documents and Settings\LAURA\Tracing
2009-09-03 15:34:33 . 2009-09-03 15:34:33 0 d-----w- C:\WINDOWS\system32\drivers\umdf
2009-08-29 19:23:22 . 2009-08-29 19:23:22 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\AVS4YOU
2009-08-29 19:23:20 . 2009-08-29 19:23:20 0 d-----w- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-08-29 19:22:27 . 2009-09-03 15:35:36 0 d-----w- C:\Program Files\Fichiers communs\AVSMedia
2009-08-29 19:22:16 . 2008-08-13 09:22:42 974848 ----a-w- C:\WINDOWS\system32\mfc70.dll
2009-08-29 19:22:16 . 2008-08-13 09:22:40 24576 ----a-w- C:\WINDOWS\system32\msxml3a.dll
2009-08-29 19:22:15 . 2009-09-03 15:35:42 0 d-----w- C:\Program Files\AVS4YOU
2009-08-29 18:51:02 . 2009-08-29 18:51:02 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\VistaCodecs
2009-08-29 18:50:54 . 2009-08-29 18:51:03 0 d-----w- C:\Program Files\VistaCodecPack
2009-08-29 18:49:57 . 2009-08-29 18:51:02 0 d-----w- C:\Documents and Settings\All Users\Application Data\VistaCodecs
2009-08-29 16:42:20 . 2009-08-29 16:42:20 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Local Settings\Application Data\WinAVI
2009-08-29 16:42:14 . 2009-08-29 17:10:10 0 d-----w- C:\Program Files\WinAVI Video Converter
2009-08-29 16:09:59 . 2009-08-29 16:09:59 70144 ----a-w- C:\WINDOWS\system32\drivers\qrppcqbw­qwkutoic.sys
2009-08-27 09:16:46 . 2002-08-28 23:32:32 56832 ----a-w- C:\WINDOWS\system32\drivers\usbaudio­.sys
2009-08-27 08:05:29 . 2009-08-27 08:05:29 0 d-----w- C:\WINDOWS\system32\XPSViewer
2009-08-27 08:05:16 . 2009-08-27 08:05:16 0 d-----w- C:\Program Files\Reference Assemblies
2009-08-27 08:04:45 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-27 08:04:45 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\xpssvcs.dll
2009-08-27 08:04:45 . 2008-07-06 12:06:10 117760 ------w- C:\WINDOWS\system32\prntvpt.dll
2009-08-27 08:02:08 . 2009-08-27 08:02:08 0 d-----w- C:\Program Files\MSXML 6.0
2009-08-26 20:06:13 . 2009-08-26 20:06:13 0 d-----w- C:\Documents and Settings\All Users\Application Data\Ahead
2009-08-25 09:45:17 . 1999-12-17 07:13:04 86016 ----a-w- C:\WINDOWS\unvise32.exe
2009-08-25 09:43:54 . 2002-06-13 13:08:46 14604 ----a-w- C:\WINDOWS\system32\drivers\pfc.sys
2009-08-25 09:43:17 . 2009-08-25 09:44:14 0 d-----w- C:\Program Files\Pinnacle

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-21 09:50:35 . 2009-09-21 09:50:33 523264 --sha-w- C:\WINDOWS\system32\1.tmp
2009-09-21 09:08:24 . 2009-01-17 15:08:30 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\HPAppData
2009-09-21 09:02:10 . 2009-01-16 10:46:04 115184 ----a-w- C:\Documents and Settings\BEA ET PATRICK\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-21 08:59:57 . 2003-04-24 12:00:00 90268 ----a-w- C:\WINDOWS\system32\perfc00C.dat
2009-09-21 08:59:57 . 2003-04-24 12:00:00 525742 ----a-w- C:\WINDOWS\system32\perfh00C.dat
2009-09-21 08:48:25 . 2009-01-16 10:04:21 23032 ----a-w- C:\WINDOWS\system32\emptyregdb.dat
2009-09-20 16:15:14 . 2009-01-17 14:46:58 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-20 15:14:04 . 2009-01-27 16:32:17 0 d-----w- C:\Documents and Settings\CLEMENT\Application Data\HPAppData
2009-09-18 19:01:33 . 2009-01-27 16:27:10 115184 ----a-w- C:\Documents and Settings\CLEMENT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-18 17:27:13 . 2009-02-24 16:22:54 115184 ----a-w- C:\Documents and Settings\LAURA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-18 12:14:20 . 2009-01-17 14:46:58 0 d-----w- C:\Program Files\Spybot - Search & Destroy
2009-09-17 18:35:36 . 2009-01-16 10:14:38 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-09-17 18:15:37 . 2009-03-17 17:18:29 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\FrostWire
2009-09-17 17:25:01 . 2009-09-17 17:25:00 523264 --sha-w- C:\WINDOWS\system32\4E.tmp
2009-09-17 17:11:27 . 2009-01-18 17:25:03 0 d-----w- C:\Program Files\eMule
2009-09-11 09:47:24 . 2009-01-16 20:49:43 0 d-----w- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-05 17:45:47 . 2009-02-24 16:26:52 0 d-----w- C:\Documents and Settings\LAURA\Application Data\HPAppData
2009-08-31 15:15:04 . 2009-01-27 16:59:23 0 d-----w- C:\Documents and Settings\ROMANE\Application Data\HPAppData
2009-08-30 16:52:34 . 2009-03-21 09:57:03 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\dvdcss
2009-08-27 12:21:32 . 2009-01-27 16:54:39 114784 ----a-w- C:\Documents and Settings\ROMANE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-27 09:19:36 . 2009-05-02 11:49:06 0 d-----w- C:\Documents and Settings\BEA ET PATRICK\Application Data\vlc
2009-08-27 08:05:25 . 2009-01-16 20:53:48 0 d-----w- C:\Program Files\MSBuild
2009-08-26 20:17:31 . 2009-02-13 14:01:15 0 d-----w- C:\Program Files\Windows Desktop Search
2009-08-26 08:17:25 . 2009-04-29 15:04:53 55656 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
2009-08-19 16:35:06 . 2009-06-05 16:54:03 0 d-----w- C:\Program Files\Windows Live
2009-08-19 16:34:34 . 2009-08-19 16:34:34 0 d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2009-08-19 16:33:46 . 2009-01-28 09:17:44 0 d-----w- C:\Program Files\MSN Messenger
2009-08-19 16:33:08 . 2009-08-19 16:33:08 0 d-----w- C:\Program Files\Microsoft
2009-08-19 16:32:48 . 2009-08-19 16:32:48 0 d-----w- C:\Program Files\Windows Live SkyDrive
2009-08-19 07:57:33 . 2009-06-05 16:54:03 0 d-----w- C:\Program Files\Messenger Plus! Live
2009-08-07 18:17:31 . 2009-08-07 18:17:30 0 d-----w- C:\Program Files\Fichiers communs\DVDVIDEOSOFT
2009-08-05 17:26:31 . 2009-08-05 17:26:31 0 d-----w- C:\Program Files\TechCity Solutions
2009-08-05 17:26:23 . 2009-08-05 17:22:52 0 d-----w- C:\Program Files\Alice
2009-07-26 14:44:56 . 2009-07-26 14:44:56 48448 ----a-w- C:\WINDOWS\system32\sirenacm.dll
2009-07-12 10:21:50 . 2009-01-16 10:40:13 233472 ------w- C:\WINDOWS\system32\wmpdxm.dll
2009-07-10 11:01:54 . 2009-07-10 11:01:54 307560 ----a-w- C:\WINDOWS\WLXPGSS.SCR
2009-06-29 01:32:08 . 2009-06-29 01:32:08 85504 ----a-w- C:\WINDOWS\system32\ff_vfw.dll
2009-06-26 15:45:50 . 2009-06-26 15:45:50 1035776 ----a-w- C:\WINDOWS\system32\VSFilter.dll
2009-03-19 18:26:29 . 2009-03-19 18:26:28 56 --sh--r- C:\WINDOWS\system32\7B17252C37.sys
2009-03-19 18:26:29 . 2009-03-19 18:26:28 1682 --sha-w- C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[-] 2008-04-14 02:34:29 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\wscntfy.exe
[-] 2008-04-14 02:34:29 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\wscntfy.exe

[-] 2008-04-14 02:33:52 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\xmlprov.dll
[-] 2008-04-14 02:33:52 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\xmlprov.dll

[-] 2008-04-13 18:53:34 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\ip6fw.sys
[-] 2008-04-13 18:53:34 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\ip6fw.sys

[-] 2008-04-14 02:33:32 . AA370F0D5B900E13D40E9CB834B5DA10 . 52736 . . [9.0.1.56] . . C:\WINDOWS\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\mspmsnsv.dll
[-] 2006-08-24 20:30:20 . 482069CDA24AA0E94B1351E30EB3D01F . 27648 . . [11.0.5705.5043] . . C:\WINDOWS\system32\mspmsnsv.dll
[-] 2004-08-19 15:09:34 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 15:07:20 2260480]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 14:44:52 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 15:28:32 790528]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 04:46:00 13529088]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:11 209153]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 04:46:00 86016]
"nwiz"="nwiz.exe" - C:\WINDOWS\system32\nwiz.exe [2008-05-03 04:46:00 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-04-24 12:00:00 13312]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 20:41:34 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\f09cf21e669]
2009-09-17 17:24:59 123392 ----a-w- C:\WINDOWS\system32\FM2032.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Accélérateur de démarrage AutoCAD.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Accélérateur de démarrage AutoCAD.lnk
backup=C:\WINDOWS\pss\Accélérateur de démarrage AutoCAD.lnkCommon Startup

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AliceSAV"=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"D:\\StubInstaller.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule entrant
"4672:UDP"= 4672:UDP:emule sortant

R2 AntiVirMailService;Avira AntiVir MailGuard;C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [18/09/2009 14:17:56 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files\Avira\AntiVir Desktop\sched.exe [18/09/2009 14:17:58 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe [18/09/2009 14:17:56 434945]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;C:\WINDOWS\system32\TUProgSt.exe [30/01/2009 12:23:31 603904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2009-09-16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]

2009-09-21 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04:34 . 2008-12-12 14:04:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.tropal.net/
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
LSP: C:\Program Files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - C:\Documents and Settings\BEA ET PATRICK\Application Data\Mozilla\Firefox\Profiles\h0pfpcdl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088315&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ecouter-la-radio Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aliceadsl.fr/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088315&SearchSource=2&q=
FF - component: C:\Documents and Settings\BEA ET PATRICK\Application Data\Mozilla\Firefox\Profiles\h0pfpcdl.default\extensions\{6e454792-2f36-46d3-bb20-4be949b6fb8a}\components\FFExternalAlert.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
AddRemove-Ask Toolbar_is1 - C:\Program Files\AskBarDis\unins000.exe

Merci de ton aide

Logfile of random's system information tool 1.06 (written by random/random)
Run by BEA ET PATRICK at 2009-09-21 21:47:07
Microsoft Windows XP Professionnel Service Pack 1
System drive C: has 14 GB (36%) free of 40 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:22, on 21/09/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BEA ET PATRICK\Bureau\RSIT.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\BEA ET PATRICK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tropal.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O20 - Winlogon Notify: f09cf21e669 - C:\WINDOWS\System32\FM2032.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
End of file - 7753 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-12-18 1878872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2003-04-24 846364]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Accélérateur de démarrage AutoCAD.lnk]
C:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE [2006-03-05 11000]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f09cf21e669]
C:\WINDOWS\System32\FM2032.dll [2009-09-17 123392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-09-21 17:25:40 ----A---- C:\WINDOWS\GnuHashes.ini
2009-09-21 17:18:10 ----ASH---- C:\WINDOWS\System32\2.tmp
2009-09-21 11:50:33 ----ASH---- C:\WINDOWS\System32\1.tmp
2009-09-21 11:45:44 ----D---- C:\WINDOWS\temp
2009-09-21 11:39:50 ----A---- C:\Boot.bak
2009-09-21 11:39:45 ----RASHD---- C:\cmdcons
2009-09-21 11:38:03 ----A---- C:\WINDOWS\zip.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWSC.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWREG.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\sed.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\PEV.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\grep.exe
2009-09-21 11:37:55 ----D---- C:\ComboFix
2009-09-21 11:37:55 ----A---- C:\WINDOWS\System32\CF7883.exe
2009-09-21 11:16:33 ----D---- C:\WINDOWS\ERDNT
2009-09-21 11:09:55 ----D---- C:\Qoobox
2009-09-21 10:58:41 ----D---- C:\WINDOWS\Prefetch
2009-09-21 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-21 10:50:15 ----RAH---- C:\WINDOWS\System32\logonui.exe.manifest
2009-09-21 10:49:46 ----A---- C:\WINDOWS\System32\safrslv.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\System32\safrdm.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\System32\safrcdlg.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\System32\racpldlg.dll
2009-09-21 10:49:45 ----A---- C:\WINDOWS\System32\mnmsrvc.exe
2009-09-21 10:49:45 ----A---- C:\WINDOWS\System32\isrdbg32.dll
2009-09-21 10:49:44 ----A---- C:\WINDOWS\System32\inetres.dll
2009-09-21 10:49:43 ----A---- C:\WINDOWS\System32\icwphbk.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\System32\isign32.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\System32\inetcfg.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\System32\icwdial.dll
2009-09-21 10:49:35 ----N---- C:\WINDOWS\System32\qmgr.dll
2009-09-21 10:49:35 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2009-09-21 10:49:30 ----A---- C:\WINDOWS\System32\srrstr.dll
2009-09-21 10:49:29 ----N---- C:\WINDOWS\System32\srsvc.dll
2009-09-21 10:49:29 ----A---- C:\WINDOWS\System32\srclient.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\System32\nmmkcert.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\System32\msconf.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\System32\mnmdd.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\System32\ils.dll
2009-09-21 10:49:25 ----A---- C:\WINDOWS\System32\msoert2.dll
2009-09-21 10:49:25 ----A---- C:\WINDOWS\System32\msoeacct.dll
2009-09-21 10:49:24 ----A---- C:\WINDOWS\System32\inetcomm.dll
2009-09-21 10:49:23 ----N---- C:\WINDOWS\System32\schedsvc.dll
2009-09-21 10:49:23 ----A---- C:\WINDOWS\System32\mstinit.exe
2009-09-21 10:49:23 ----A---- C:\WINDOWS\System32\mstask.dll
2009-09-21 10:47:54 ----A---- C:\WINDOWS\System32\accwiz.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\System32\sndrec32.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\System32\rdshost.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\System32\hypertrm.dll
2009-09-21 10:47:52 ----A---- C:\WINDOWS\System32\qprocess.exe
2009-09-21 10:47:52 ----A---- C:\WINDOWS\System32\mtxoci.dll
2009-09-21 10:47:52 ----A---- C:\WINDOWS\System32\msdtcuiu.dll
2009-09-21 10:47:52 ----A---- C:\WINDOWS\System32\msdtctm.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\System32\xolehlp.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\System32\msdtclog.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\System32\msdtc.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\stclient.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\mtxlegih.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\mtxex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\mtxdm.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\dcomcnfg.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\comrepl.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\comaddin.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\colbact.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\clbcatex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\catsrvps.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\System32\catsrv.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\System32\comuid.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\System32\comsnap.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\System32\clbcatq.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\System32\servdeps.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\System32\mplay32.exe
2009-09-21 10:47:44 ----A---- C:\WINDOWS\System32\mmfutil.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\System32\cmprops.dll
2009-09-21 10:47:43 ----A---- C:\WINDOWS\System32\spider.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\System32\mspaint.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\System32\clipbrd.exe
2009-09-21 10:47:42 ----N---- C:\WINDOWS\System32\wuauclt.exe
2009-09-21 10:47:42 ----A---- C:\WINDOWS\System32\wuauserv.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\System32\wuaueng.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\System32\tscfgwmi.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\System32\mstscax.dll
2009-09-21 10:47:41 ----N---- C:\WINDOWS\System32\termsrv.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\tscupgrd.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\sessmgr.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\remotepg.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\rdsaddin.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\rdpwsx.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\rdpsnd.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\rdpclip.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\rdchost.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\mstsc.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\System32\icaapi.dll
2009-09-21 10:47:40 ----A---- C:\WINDOWS\System32\msdtcprx.dll
2009-09-21 10:47:40 ----A---- C:\WINDOWS\System32\cfgbkend.dll
2009-09-21 10:47:40 ----A---- C:\WINDOWS\System32\catsrvut.dll
2009-09-21 10:47:39 ----A---- C:\WINDOWS\System32\comsvcs.dll
2009-09-21 10:47:35 ----A---- C:\WINDOWS\System32\licwmi.dll
2009-09-21 10:41:05 ----RA---- C:\WINDOWS\SET3E.tmp
2009-09-21 10:41:02 ----RA---- C:\WINDOWS\SET32.tmp
2009-09-21 10:31:47 ----D---- C:\WINDOWS\NV908920.TMP
2009-09-21 10:30:36 ----A---- C:\WINDOWS\System32\ksuser.dll
2009-09-21 10:28:55 ----A---- C:\WINDOWS\imsins.BAK
2009-09-21 10:28:41 ----A---- C:\WINDOWS\System32\irclass.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\System32\storprop.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\System32\spxcoins.dll
2009-09-21 10:28:22 ----RA---- C:\WINDOWS\SET7C.tmp
2009-09-21 10:28:19 ----RA---- C:\WINDOWS\SET70.tmp
2009-09-21 10:26:20 ----A---- C:\WINDOWS\setuplog.txt
2009-09-20 19:19:51 ----A---- C:\TB.txt
2009-09-20 19:18:57 ----D---- C:\ToolBar SD
2009-09-20 18:48:17 ----D---- C:\rsit
2009-09-20 18:48:17 ----D---- C:\Program Files\trend micro
2009-09-20 18:21:44 ----D---- C:\Program Files\VS Revo Group
2009-09-18 20:35:24 ----SHD---- C:\WINDOWS\System32\LocalService
2009-09-18 14:30:46 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\Avira
2009-09-18 14:17:53 ----D---- C:\Program Files\Avira
2009-09-18 14:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-17 19:25:00 ----ASH---- C:\WINDOWS\System32\4E.tmp
2009-09-17 19:24:59 ----A---- C:\WINDOWS\System32\FM2032.dll
2009-09-17 16:28:32 ----A---- C:\WINDOWS\MegaManager.INI
2009-09-16 19:53:07 ----D---- C:\WINDOWS\l2schemas
2009-09-16 19:53:06 ----D---- C:\WINDOWS\System32\fr
2009-09-16 19:53:06 ----D---- C:\WINDOWS\System32\bits
2009-09-16 19:48:19 ----D---- C:\WINDOWS\network diagnostic
2009-09-16 15:35:41 ----D---- C:\Program Files\Guitar Pro 5
2009-09-11 11:46:46 ----N---- C:\WINDOWS\System32\spmsg.dll
2009-09-06 10:21:38 ----N---- C:\WINDOWS\System32\wlanapi.dll
2009-09-06 10:21:36 ----N---- C:\WINDOWS\System32\verclsid.exe
2009-09-06 10:21:35 ----N---- C:\WINDOWS\System32\tspkg.dll
2009-09-06 10:21:35 ----N---- C:\WINDOWS\System32\tsgqec.dll
2009-09-06 10:21:31 ----N---- C:\WINDOWS\System32\setupn.exe
2009-09-06 10:21:30 ----N---- C:\WINDOWS\System32\rhttpaa.dll
2009-09-06 10:21:30 ----N---- C:\WINDOWS\System32\rasqec.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\System32\qutil.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\System32\qcliprov.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\System32\qagentrt.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\System32\qagent.dll
2009-09-06 10:21:28 ----N---- C:\WINDOWS\System32\onex.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\System32\napstat.exe
2009-09-06 10:21:25 ----N---- C:\WINDOWS\System32\napmontr.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\System32\napipsec.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\System32\msshavmsg.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\System32\mssha.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\System32\mmcperf.exe
2009-09-06 10:21:19 ----N---- C:\WINDOWS\System32\mmcfxcommon.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\System32\mmcex.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\System32\microsoft.managementconsole.dll
2009-09-06 10:21:15 ----N---- C:\WINDOWS\System32\l2gpstore.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\System32\kmsvc.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\System32\kbdpash.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\System32\kbdnepr.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\System32\kbdiultn.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\System32\kbdbhc.dll
2009-09-06 10:21:12 ----A---- C:\WINDOWS\System32\smtpapi.dll
2009-09-06 10:21:12 ----A---- C:\WINDOWS\System32\rwnh.dll
2009-09-06 10:21:09 ----A---- C:\WINDOWS\003300_.tmp
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eapsvc.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eapqec.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eappprxy.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eapphost.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eappgnui.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eappcfg.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eapp3hst.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\System32\eapolqec.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3ui.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3svc.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3msm.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3gpclnt.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3dlg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3cfg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dot3api.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dimsroam.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\System32\dimsntfy.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\System32\dhcpqec.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\System32\credssp.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\System32\bitsprx4.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\System32\azroles.dll
2009-09-06 10:21:01 ----N---- C:\WINDOWS\System32\aaclient.dll
2009-09-03 17:34:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-02 20:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-08-29 21:23:22 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\AVS4YOU
2009-08-29 21:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-08-29 21:22:27 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-08-29 21:22:16 ----A---- C:\WINDOWS\System32\msxml3a.dll
2009-08-29 21:22:16 ----A---- C:\WINDOWS\System32\mfc70.dll
2009-08-29 21:22:15 ----D---- C:\Program Files\AVS4YOU
2009-08-29 20:51:02 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\VistaCodecs
2009-08-29 20:50:54 ----D---- C:\Program Files\VistaCodecPack
2009-08-29 20:49:57 ----D---- C:\Documents and Settings\All Users\Application Data\VistaCodecs
2009-08-29 18:42:14 ----D---- C:\Program Files\WinAVI Video Converter
2009-08-29 18:10:41 ----D---- C:\WINDOWS\Minidump
2009-08-27 10:05:29 ----D---- C:\WINDOWS\System32\XPSViewer
2009-08-27 10:05:23 ----D---- C:\WINDOWS\System32\en-US
2009-08-27 10:05:16 ----D---- C:\Program Files\Reference Assemblies
2009-08-27 10:04:45 ----N---- C:\WINDOWS\System32\xpssvcs.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\System32\xpsshhdr.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\System32\prntvpt.dll
2009-08-27 10:02:08 ----D---- C:\Program Files\MSXML 6.0
2009-08-26 22:09:13 ----A---- C:\WINDOWS\Recode.INI
2009-08-26 22:06:13 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-08-25 11:47:01 ----N---- C:\WINDOWS\System32\RALMain.dll
2009-08-25 11:47:01 ----N---- C:\WINDOWS\System32\Ltrio13n.dll
2009-08-25 11:47:01 ----N---- C:\WINDOWS\System32\Ltr13n.dll
2009-08-25 11:47:01 ----N---- C:\WINDOWS\System32\DiskIO.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\vdrmux.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\vdrcodec.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\pclepim1.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\PCLEGetGuid.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\MMAviAx.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\MLPagAx.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\miroDV2Bmp.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\ltkrn13n.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\LTCLR13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\LTCLR13n.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lfwmf13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lftif13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lftga13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lfpct13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\LFJ2K13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lffax13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lffax13n.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\LFCMP13s.DLL
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\lfbmp13s.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\langserv.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\Cachex.dll
2009-08-25 11:47:00 ----N---- C:\WINDOWS\System32\Aviprax.dll
2009-08-25 11:45:17 ----A---- C:\WINDOWS\unvise32.exe
2009-08-25 11:43:17 ----D---- C:\Program Files\Pinnacle

======List of files/folders modified in the last 1 months======

2009-09-21 21:46:13 ----D---- C:\Program Files\Mozilla Firefox
2009-09-21 21:44:47 ----D---- C:\WINDOWS\Debug
2009-09-21 18:16:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-21 17:25:40 ----D---- C:\WINDOWS
2009-09-21 17:18:15 ----D---- C:\WINDOWS\system32
2009-09-21 12:23:45 ----D---- C:\WINDOWS\System32\usmt
2009-09-21 12:23:45 ----D---- C:\WINDOWS\System32\Setup
2009-09-21 12:23:40 ----D---- C:\WINDOWS\ime
2009-09-21 12:23:25 ----D---- C:\WINDOWS\System32\npp
2009-09-21 12:23:06 ----RSD---- C:\WINDOWS\Fonts
2009-09-21 12:21:55 ----D---- C:\WINDOWS\System32\1036
2009-09-21 12:21:51 ----D---- C:\WINDOWS\Media
2009-09-21 12:21:48 ----D---- C:\WINDOWS\twain_32
2009-09-21 12:21:31 ----D---- C:\WINDOWS\System32\icsxml
2009-09-21 12:21:10 ----D---- C:\WINDOWS\msagent
2009-09-21 12:20:54 ----D---- C:\WINDOWS\System32\ias
2009-09-21 12:20:44 ----D---- C:\WINDOWS\System32\1033
2009-09-21 12:19:28 ----D---- C:\WINDOWS\WinSxS
2009-09-21 12:19:28 ----D---- C:\WINDOWS\Driver Cache
2009-09-21 11:54:47 ----D---- C:\WINDOWS\System32\CatRoot2
2009-09-21 11:50:45 ----A---- C:\WINDOWS\system.ini
2009-09-21 11:48:11 ----D---- C:\WINDOWS\System32\drivers
2009-09-21 11:45:26 ----RSHDC---- C:\WINDOWS\System32\dllcache
2009-09-21 11:45:21 ----SHD---- C:\WINDOWS\Installer
2009-09-21 11:43:38 ----D---- C:\WINDOWS\AppPatch
2009-09-21 11:43:34 ----D---- C:\Program Files\Fichiers communs
2009-09-21 11:39:50 ----RASH---- C:\boot.ini
2009-09-21 11:08:38 ----D---- C:\Config.Msi
2009-09-21 11:08:24 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\HPAppData
2009-09-21 11:05:52 ----HD---- C:\WINDOWS\inf
2009-09-21 11:05:52 ----HD---- C:\Program Files\WindowsUpdate
2009-09-21 11:05:50 ----D---- C:\WINDOWS\Help
2009-09-21 11:01:52 ----D---- C:\WINDOWS\Registration
2009-09-21 10:59:57 ----A---- C:\WINDOWS\System32\PerfStringBackup.INI
2009-09-21 10:58:53 ----SHD---- C:\System Volume Information
2009-09-21 10:58:53 ----D---- C:\WINDOWS\System32\Restore
2009-09-21 10:56:42 ----D---- C:\WINDOWS\System32\inetsrv
2009-09-21 10:56:42 ----D---- C:\WINDOWS\System32\config
2009-09-21 10:56:42 ----D---- C:\WINDOWS\nview
2009-09-21 10:51:37 ----D---- C:\Program Files\Windows Media Player
2009-09-21 10:51:18 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-21 10:50:18 ----RD---- C:\WINDOWS\Web
2009-09-21 10:50:18 ----RD---- C:\Program Files
2009-09-21 10:50:09 ----RAH---- C:\WINDOWS\System32\cdplayer.exe.manifest
2009-09-21 10:49:58 ----A---- C:\WINDOWS\win.ini
2009-09-21 10:49:54 ----D---- C:\WINDOWS\srchasst
2009-09-21 10:49:48 ----D---- C:\WINDOWS\System32\oobe
2009-09-21 10:49:45 ----D---- C:\Program Files\NetMeeting
2009-09-21 10:49:44 ----D---- C:\Program Files\Outlook Express
2009-09-21 10:49:44 ----D---- C:\Program Files\Fichiers communs\System
2009-09-21 10:49:35 ----D---- C:\Program Files\Movie Maker
2009-09-21 10:49:17 ----D---- C:\Program Files\Internet Explorer
2009-09-21 10:48:29 ----D---- C:\WINDOWS\System32\Com
2009-09-21 10:47:53 ----D---- C:\Program Files\Windows NT
2009-09-21 10:47:49 ----D---- C:\WINDOWS\System32\wbem
2009-09-21 10:41:37 ----D---- C:\WINDOWS\security
2009-09-21 10:41:08 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-21 10:41:06 ----D---- C:\WINDOWS\System32\CatRoot
2009-09-21 10:28:40 ----D---- C:\WINDOWS\system
2009-09-20 18:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-18 14:14:20 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-17 20:35:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-17 20:16:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-17 20:15:37 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\FrostWire
2009-09-17 19:11:27 ----D---- C:\Program Files\eMule
2009-09-16 20:48:51 ----D---- C:\Program Files\Messenger
2009-09-16 19:53:22 ----D---- C:\WINDOWS\EHome
2009-09-16 19:53:08 ----D---- C:\WINDOWS\System32\fr-FR
2009-09-16 19:53:06 ----D---- C:\WINDOWS\peernet
2009-09-16 19:47:06 ----D---- C:\WINDOWS\System32\ReinstallBackups
2009-09-11 11:47:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-31 19:06:07 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-30 18:52:34 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\dvdcss
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-08-29 20:58:47 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-08-27 12:03:13 ----RSD---- C:\WINDOWS\assembly
2009-08-27 11:19:36 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\vlc
2009-08-27 10:05:25 ----D---- C:\Program Files\MSBuild
2009-08-27 10:05:00 ----D---- C:\WINDOWS\System32\spool
2009-08-27 10:03:15 ----D---- C:\WINDOWS\System32\mui
2009-08-26 22:17:31 ----D---- C:\Program Files\Windows Desktop Search
2009-08-26 22:16:23 ----D---- C:\WINDOWS\ServicePackFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-10-29 28560]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\System32\drivers\incdrm.sys [2003-08-21 25520]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-18 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2003-04-24 57344]
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys [2003-07-17 147328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2003-04-24 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-24 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2003-04-24 57984]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2003-04-24 19328]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2003-04-24 51968]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2003-04-24 15744]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2003-04-24 19328]
R4 InCDfs;InCD File System; C:\WINDOWS\System32\drivers\InCDfs.sys [2003-10-29 88400]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-26 55656]
S3 catchme;catchme; \??\C:\DOCUME~1\BEAETP~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2002-08-29 16384]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-11-01 21568]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-08-29 4992]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2001-08-17 83712]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2003-04-24 8064]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2003-04-24 10752]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2003-04-24 14592]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2002-08-29 56832]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2003-04-24 28160]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2002-08-29 24960]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2002-08-29 14208]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2003-04-24 21760]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2001-08-17 18560]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-09-18 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-18 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-18 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-09-18 434945]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2003-04-24 12800]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-10-29 790580]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2003-04-24 12800]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2003-04-24 12800]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-30 603904]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2003-04-24 12800]
S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2003-04-24 12800]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-02-15 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-30 360192]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Bon courage

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2838
Windows 5.1.2600 Service Pack 1

22/09/2009 10:19:15
mbam-log-2009-09-22 (10-19-15).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 192007
Temps écoulé: 33 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 26

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\FM2032.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\1.tmp (Worm.P2P) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f09cf21e669 (Trojan.Tracur) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\FM2032.dll (Trojan.Tracur) -> Delete on reboot.
C:\WINDOWS\system32\1.tmp (Worm.P2P) -> Delete on reboot.
C:\Qoobox\Quarantine\C\DOCUME~1\BEAETP~1\LOCALS~1\Temp\35.tmp.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\8.tmp.vir (Worm.P2P) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\D.tmp.vir (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4E.tmp (Worm.P2P) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\2.tmp (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\293.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\293.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\294.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\294.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\295.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\295.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\296.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\296.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\301.music.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\301.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\302.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\302.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\303.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\303.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\304.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\304.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.

############################## | UsbFix V6.036 |

User : BEA ET PATRICK (Administrateurs) # BIBLOCQU-GRMNFP
Update on 21/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 10:45:22 | 23/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 39,07 Go (9,56 Go free) # NTFS
D:\ -> Disque fixe local # 75,42 Go (70,88 Go free) [D] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 1,88 Go (765,95 Mo free) # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\SoftwareDistribution\Download\fb7e4e3914021d8e9d80ac8f418fa4bb\update\update.exe

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | ! Fin du rapport # UsbFix V6.036 ! |


Le routeur ne clignote plus.J'ai l'impression de retrouver mon pc d'avant.

Merci

############################## | UsbFix V6.036 |

User : BEA ET PATRICK (Administrateurs) # BIBLOCQU-GRMNFP
Update on 21/09/2009 by Chiquitine29, C_XX & Chimay8
Start at: 11:11:40 | 24/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 39,07 Go (9,33 Go free) # NTFS
D:\ -> Disque fixe local # 75,42 Go (70,88 Go free) [D] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 1,88 Go (765,95 Mo free) # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[16/01/2009 12:07|--a------|0] C:\AUTOEXEC.BAT
[21/09/2009 10:46|--a------|212] C:\Boot.bak
[22/09/2009 10:36|-rahs----|282] C:\boot.ini
[24/04/2003 14:00|-rahs----|4952] C:\Bootfont.bin
[29/08/2002 01:06|--a------|249136] C:\cmldr
[16/01/2009 12:07|--a------|0] C:\CONFIG.SYS
[16/01/2009 12:07|-rahs----|0] C:\IO.SYS
[16/01/2009 12:07|-rahs----|0] C:\MSDOS.SYS
[22/09/2009 10:31|-rahs----|47564] C:\NTDETECT.COM
[22/09/2009 10:31|-rahs----|251712] C:\ntldr
[29/02/2004 17:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[17/04/2009 20:43|--ah-----|268] C:\sqmdata00.sqm
[18/04/2009 09:53|--ah-----|268] C:\sqmdata01.sqm
[18/04/2009 11:52|--ah-----|268] C:\sqmdata02.sqm
[18/04/2009 21:01|--ah-----|268] C:\sqmdata03.sqm
[19/04/2009 16:39|--ah-----|268] C:\sqmdata04.sqm
[19/04/2009 19:34|--ah-----|268] C:\sqmdata05.sqm
[19/04/2009 21:35|--ah-----|268] C:\sqmdata06.sqm
[20/04/2009 13:08|--ah-----|268] C:\sqmdata07.sqm
[23/04/2009 22:36|--ah-----|268] C:\sqmdata08.sqm
[24/04/2009 21:02|--ah-----|268] C:\sqmdata09.sqm
[08/06/2009 17:22|--ah-----|268] C:\sqmdata10.sqm
[05/07/2009 13:29|--ah-----|268] C:\sqmdata11.sqm
[25/03/2009 14:31|--ah-----|268] C:\sqmdata12.sqm
[25/03/2009 21:13|--ah-----|268] C:\sqmdata13.sqm
[26/03/2009 12:22|--ah-----|268] C:\sqmdata14.sqm
[27/03/2009 09:17|--ah-----|268] C:\sqmdata15.sqm
[27/03/2009 12:17|--ah-----|268] C:\sqmdata16.sqm
[30/03/2009 18:46|--ah-----|268] C:\sqmdata17.sqm
[16/04/2009 21:28|--ah-----|268] C:\sqmdata18.sqm
[17/04/2009 16:06|--ah-----|268] C:\sqmdata19.sqm
[17/04/2009 20:43|--ah-----|244] C:\sqmnoopt00.sqm
[18/04/2009 09:53|--ah-----|244] C:\sqmnoopt01.sqm
[18/04/2009 11:52|--ah-----|244] C:\sqmnoopt02.sqm
[18/04/2009 21:01|--ah-----|244] C:\sqmnoopt03.sqm
[19/04/2009 16:39|--ah-----|244] C:\sqmnoopt04.sqm
[19/04/2009 19:34|--ah-----|244] C:\sqmnoopt05.sqm
[19/04/2009 21:35|--ah-----|244] C:\sqmnoopt06.sqm
[20/04/2009 13:08|--ah-----|244] C:\sqmnoopt07.sqm
[23/04/2009 22:36|--ah-----|244] C:\sqmnoopt08.sqm
[24/04/2009 21:02|--ah-----|244] C:\sqmnoopt09.sqm
[08/06/2009 17:22|--ah-----|244] C:\sqmnoopt10.sqm
[05/07/2009 13:29|--ah-----|244] C:\sqmnoopt11.sqm
[25/03/2009 14:31|--ah-----|244] C:\sqmnoopt12.sqm
[25/03/2009 21:13|--ah-----|244] C:\sqmnoopt13.sqm
[26/03/2009 12:22|--ah-----|244] C:\sqmnoopt14.sqm
[27/03/2009 09:17|--ah-----|244] C:\sqmnoopt15.sqm
[27/03/2009 12:17|--ah-----|244] C:\sqmnoopt16.sqm
[30/03/2009 18:46|--ah-----|244] C:\sqmnoopt17.sqm
[16/04/2009 21:28|--ah-----|244] C:\sqmnoopt18.sqm
[17/04/2009 16:06|--ah-----|244] C:\sqmnoopt19.sqm
[21/09/2009 09:30|--a------|2709] C:\TB.txt
[18/01/2009 18:44|--a------|594] C:\updatedatfix.log
[24/09/2009 11:14|--a------|5246] C:\UsbFix.txt
[15/01/2009 12:29|--a------|2715] D:\adresse email.txt
[17/02/2009 10:36|--a------|7995676] D:\HONDAFX25.pdf
[30/01/2007 11:01|--a------|25600] D:\modele lettre tourneur.doc
[31/10/2005 17:56|--a------|700416] D:\StubInstaller.exe
[13/06/2009 11:39|--a------|0] G:\rw1.tmp
[19/09/2009 10:26|--a------|847938] G:\Money Sauvegarder d1.mbf
[05/07/2009 11:47|--a------|0] G:\rw2.tmp
[10/07/2009 11:59|--a------|0] G:\rw3.tmp
[01/08/2009 12:27|--a------|0] G:\rw4.tmp
[01/08/2009 19:03|--a------|0] G:\rw5.tmp
[29/08/2009 09:05|--a------|0] G:\rw6.tmp
[06/09/2009 11:11|--a------|0] G:\rw7.tmp
[19/09/2009 10:26|--a------|0] G:\rw8.tmp

################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# G:\autorun.inf -> Folder created by UsbFix.

################## | ! Fin du rapport # UsbFix V6.036 ! |

Logfile of random's system information tool 1.06 (written by random/random)
Run by BEA ET PATRICK at 2009-09-25 15:57:22
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 9 GB (21%) free of 40 GB
Total RAM: 2047 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:57:33, on 25/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\BEA ET PATRICK\Bureau\RSIT.exe
C:\Program Files\trend micro\BEA ET PATRICK.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
End of file - 7360 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-12-18 1878872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Accélérateur de démarrage AutoCAD.lnk]
C:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE [2006-03-05 11000]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-09-25 15:51:51 ----D---- C:\WINDOWS\temp
2009-09-25 15:51:48 ----A---- C:\ComboFix.txt
2009-09-25 15:42:40 ----D---- C:\ComboFix
2009-09-25 15:17:37 ----D---- C:\WINDOWS\LastGood
2009-09-25 15:14:44 ----D---- C:\WINDOWS\Prefetch
2009-09-25 15:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-25 14:36:39 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-09-24 11:14:40 ----RAD---- C:\autorun.inf
2009-09-24 11:11:33 ----A---- C:\UsbFix.txt
2009-09-23 12:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-23 12:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-23 12:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-23 12:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-23 11:59:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-23 11:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-23 10:58:13 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-09-23 10:58:13 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-09-23 10:58:08 ----A---- C:\WINDOWS\006331_.tmp
2009-09-23 10:44:28 ----D---- C:\UsbFix
2009-09-22 11:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2009-09-22 11:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-09-22 11:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2009-09-22 11:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-09-22 11:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-09-22 11:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2009-09-22 11:09:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2009-09-22 11:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2009-09-22 11:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-09-22 11:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-09-22 11:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-09-22 11:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2009-09-22 11:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-09-22 11:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2009-09-22 11:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-09-22 11:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-09-22 11:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-09-22 11:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-09-22 11:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-09-22 10:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-09-22 10:58:36 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-09-22 10:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-09-22 10:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-09-22 10:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-09-22 10:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-09-22 10:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-09-22 10:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-09-22 10:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-09-22 10:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-09-22 10:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-09-22 10:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-09-22 10:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-09-22 10:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-09-22 10:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-09-22 10:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-09-22 10:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-09-22 10:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-09-22 10:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-09-22 10:43:36 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-09-22 10:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-09-22 10:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-09-22 10:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-09-22 10:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-09-22 10:39:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-09-22 10:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-09-22 10:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-09-22 10:27:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-22 08:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB899587_0$
2009-09-22 08:34:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924191_0$
2009-09-22 08:33:46 ----HDC---- C:\WINDOWS\$NtUninstallKB922819_0$
2009-09-22 08:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB885835_0$
2009-09-22 08:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB885836_0$
2009-09-22 08:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB923414_0$
2009-09-22 08:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB921883_0$
2009-09-22 08:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB911927_0$
2009-09-22 08:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB922616_0$
2009-09-22 08:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB901017_0$
2009-09-22 08:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB899591_0$
2009-09-22 08:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB920685_0$
2009-09-22 08:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB896424_0$
2009-09-22 08:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB893756_0$
2009-09-22 08:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911280_0$
2009-09-22 08:24:17 ----HDC---- C:\WINDOWS\$NtUninstallKB833407$
2009-09-22 08:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911562_0$
2009-09-22 08:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB896423_0$
2009-09-22 08:20:55 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-22 08:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB873339_0$
2009-09-22 08:19:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496_0$
2009-09-22 08:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2009-09-22 08:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-09-22 08:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB896358_0$
2009-09-22 08:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB910437_0$
2009-09-22 08:16:42 ----HDC---- C:\WINDOWS\$NtUninstallKB905495$
2009-09-22 08:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-09-21 22:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB902400_0$
2009-09-21 22:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB920670_0$
2009-09-21 22:45:52 ----HDC---- C:\WINDOWS\$NtUninstallKB891781_0$
2009-09-21 22:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB890046_0$
2009-09-21 22:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB919007_0$
2009-09-21 22:44:14 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\Malwarebytes
2009-09-21 22:44:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-21 22:44:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-21 22:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB914388_0$
2009-09-21 22:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB917344_0$
2009-09-21 22:42:10 ----HDC---- C:\WINDOWS\$NtUninstallKB905414_0$
2009-09-21 22:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB917953_0$
2009-09-21 22:33:46 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP8$
2009-09-21 22:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB901214_0$
2009-09-21 22:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923191_0$
2009-09-21 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB917422_0$
2009-09-21 22:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB892944$
2009-09-21 22:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB888302_0$
2009-09-21 22:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB900725_0$
2009-09-21 22:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB912919_0$
2009-09-21 22:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$
2009-09-21 22:28:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$
2009-09-21 22:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB904706_0$
2009-09-21 22:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB908531_0$
2009-09-21 22:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905749_0$
2009-09-21 22:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB913580_0$
2009-09-21 22:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB896428_0$
2009-09-21 22:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB835409$
2009-09-21 22:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB908519_0$
2009-09-21 22:24:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920683_0$
2009-09-21 22:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB914389_0$
2009-09-21 22:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB890859_0$
2009-09-21 22:06:05 ----A---- C:\WINDOWS\system32\esent.dll
2009-09-21 21:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-09-21 21:54:19 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-21 21:54:19 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-21 11:39:50 ----A---- C:\Boot.bak
2009-09-21 11:39:45 ----RASHD---- C:\cmdcons
2009-09-21 11:38:03 ----A---- C:\WINDOWS\zip.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWSC.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWREG.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\sed.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\PEV.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\grep.exe
2009-09-21 11:16:33 ----D---- C:\WINDOWS\ERDNT
2009-09-21 11:09:55 ----D---- C:\Qoobox
2009-09-21 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-21 10:50:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-21 10:49:45 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-09-21 10:49:45 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-09-21 10:49:43 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\isign32.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-09-21 10:49:35 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-09-21 10:49:30 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-21 10:49:29 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-09-21 10:49:29 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-21 10:49:25 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-21 10:49:23 ----N---- C:\WINDOWS\system32\schedsvc.dll
2009-09-21 10:49:23 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-21 10:49:23 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-21 10:47:54 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-09-21 10:47:52 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-09-21 10:47:52 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\stclient.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\system32\comuid.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\spider.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-21 10:47:42 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-21 10:47:41 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-21 10:47:40 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-21 10:47:35 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-21 10:41:05 ----RA---- C:\WINDOWS\SET3E.tmp
2009-09-21 10:31:47 ----D---- C:\WINDOWS\NV908920.TMP
2009-09-21 10:30:36 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-21 10:28:41 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-21 10:28:22 ----RA---- C:\WINDOWS\SET7C.tmp
2009-09-21 10:26:20 ----A---- C:\WINDOWS\setuplog.txt
2009-09-20 19:19:51 ----A---- C:\TB.txt
2009-09-20 19:18:57 ----D---- C:\ToolBar SD
2009-09-20 18:48:17 ----D---- C:\rsit
2009-09-20 18:48:17 ----D---- C:\Program Files\trend micro
2009-09-20 18:21:44 ----D---- C:\Program Files\VS Revo Group
2009-09-18 14:30:46 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\Avira
2009-09-18 14:17:53 ----D---- C:\Program Files\Avira
2009-09-18 14:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-17 16:28:32 ----A---- C:\WINDOWS\MegaManager.INI
2009-09-16 19:53:07 ----D---- C:\WINDOWS\l2schemas
2009-09-16 19:53:06 ----D---- C:\WINDOWS\system32\fr
2009-09-16 19:53:06 ----D---- C:\WINDOWS\system32\bits
2009-09-16 19:48:19 ----D---- C:\WINDOWS\network diagnostic
2009-09-16 15:35:41 ----D---- C:\Program Files\Guitar Pro 5
2009-09-11 11:46:46 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-06 10:21:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-09-06 10:21:36 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-09-06 10:21:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-09-06 10:21:35 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-09-06 10:21:31 ----N---- C:\WINDOWS\system32\setupn.exe
2009-09-06 10:21:30 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-09-06 10:21:30 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qutil.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qagent.dll
2009-09-06 10:21:28 ----N---- C:\WINDOWS\system32\onex.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napstat.exe
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\system32\mssha.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-09-06 10:21:15 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-09-06 10:21:09 ----A---- C:\WINDOWS\003300_.tmp
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\system32\credssp.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\system32\azroles.dll
2009-09-06 10:21:01 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-09-03 17:34:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-02 20:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-08-29 21:23:22 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\AVS4YOU
2009-08-29 21:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-08-29 21:22:27 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-08-29 21:22:16 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-08-29 21:22:16 ----A---- C:\WINDOWS\system32\mfc70.dll
2009-08-29 21:22:15 ----D---- C:\Program Files\AVS4YOU
2009-08-29 20:51:02 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\VistaCodecs
2009-08-29 20:50:54 ----D---- C:\Program Files\VistaCodecPack
2009-08-29 20:49:57 ----D---- C:\Documents and Settings\All Users\Application Data\VistaCodecs
2009-08-29 18:42:14 ----D---- C:\Program Files\WinAVI Video Converter
2009-08-29 18:10:41 ----D---- C:\WINDOWS\Minidump
2009-08-27 10:05:29 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-27 10:05:23 ----D---- C:\WINDOWS\system32\en-US
2009-08-27 10:05:16 ----D---- C:\Program Files\Reference Assemblies
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-27 10:02:08 ----D---- C:\Program Files\MSXML 6.0
2009-08-26 22:09:13 ----A---- C:\WINDOWS\Recode.INI
2009-08-26 22:06:13 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead

======List of files/folders modified in the last 1 months======

2009-09-25 15:52:26 ----D---- C:\Program Files\Mozilla Firefox
2009-09-25 15:51:52 ----D---- C:\WINDOWS\system32
2009-09-25 15:51:51 ----D---- C:\WINDOWS
2009-09-25 15:49:38 ----A---- C:\WINDOWS\system.ini
2009-09-25 15:47:25 ----D---- C:\WINDOWS\system32\drivers
2009-09-25 15:47:25 ----D---- C:\WINDOWS\AppPatch
2009-09-25 15:47:23 ----D---- C:\Program Files\Fichiers communs
2009-09-25 15:43:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-25 15:42:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-25 15:39:14 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\HPAppData
2009-09-25 15:19:36 ----HD---- C:\WINDOWS\inf
2009-09-25 15:19:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-25 15:14:15 ----D---- C:\WINDOWS\system32\wbem
2009-09-25 15:14:15 ----D---- C:\WINDOWS\system32\Setup
2009-09-25 15:14:14 ----RSD---- C:\WINDOWS\Fonts
2009-09-25 15:13:41 ----D---- C:\WINDOWS\security
2009-09-25 15:00:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-25 15:00:08 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-25 14:57:41 ----D---- C:\Program Files\Messenger
2009-09-25 14:57:38 ----D---- C:\Program Files\Windows Media Player
2009-09-25 14:57:37 ----D---- C:\WINDOWS\Help
2009-09-25 14:57:28 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-25 14:57:28 ----D---- C:\WINDOWS\ime
2009-09-25 14:57:19 ----D---- C:\WINDOWS\peernet
2009-09-25 14:57:18 ----D---- C:\Program Files\Movie Maker
2009-09-25 14:54:08 ----D---- C:\WINDOWS\system32\Restore
2009-09-25 14:54:08 ----D---- C:\Program Files\Internet Explorer
2009-09-25 14:54:07 ----D---- C:\WINDOWS\system32\npp
2009-09-25 14:54:06 ----D---- C:\WINDOWS\msagent
2009-09-25 14:54:05 ----D---- C:\WINDOWS\srchasst
2009-09-25 14:54:04 ----D---- C:\Program Files\NetMeeting
2009-09-25 14:54:03 ----D---- C:\WINDOWS\system32\Com
2009-09-25 14:54:01 ----D---- C:\Program Files\Windows NT
2009-09-25 14:54:00 ----D---- C:\Program Files\Outlook Express
2009-09-25 14:53:57 ----D---- C:\Program Files\Fichiers communs\System
2009-09-25 14:53:38 ----D---- C:\WINDOWS\system32\usmt
2009-09-25 14:53:38 ----D---- C:\WINDOWS\system32\oobe
2009-09-25 14:53:36 ----D---- C:\WINDOWS\system
2009-09-25 14:50:20 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-25 14:46:02 ----D---- C:\WINDOWS\EHome
2009-09-25 14:35:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-22 11:20:21 ----D---- C:\WINDOWS\Debug
2009-09-22 10:36:15 ----RASH---- C:\boot.ini
2009-09-22 10:31:47 ----RD---- C:\WINDOWS\Web
2009-09-22 10:31:36 ----RASH---- C:\NTDETECT.COM
2009-09-21 22:44:02 ----RD---- C:\Program Files
2009-09-21 22:32:44 ----D---- C:\WINDOWS\WinSxS
2009-09-21 21:55:50 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-21 21:52:20 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-21 12:21:55 ----D---- C:\WINDOWS\system32\1036
2009-09-21 12:21:51 ----D---- C:\WINDOWS\Media
2009-09-21 12:21:48 ----D---- C:\WINDOWS\twain_32
2009-09-21 12:21:31 ----D---- C:\WINDOWS\system32\icsxml
2009-09-21 12:20:54 ----D---- C:\WINDOWS\system32\ias
2009-09-21 12:20:44 ----D---- C:\WINDOWS\system32\1033
2009-09-21 12:19:28 ----D---- C:\WINDOWS\Driver Cache
2009-09-21 11:45:21 ----SHD---- C:\WINDOWS\Installer
2009-09-21 11:08:38 ----D---- C:\Config.Msi
2009-09-21 11:05:52 ----HD---- C:\Program Files\WindowsUpdate
2009-09-21 11:01:52 ----D---- C:\WINDOWS\Registration
2009-09-21 10:58:53 ----SHD---- C:\System Volume Information
2009-09-21 10:56:42 ----D---- C:\WINDOWS\system32\config
2009-09-21 10:56:42 ----D---- C:\WINDOWS\nview
2009-09-21 10:51:18 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-21 10:50:09 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-09-21 10:49:58 ----A---- C:\WINDOWS\win.ini
2009-09-21 10:41:08 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-20 18:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-18 14:14:20 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-17 20:35:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-17 20:15:37 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\FrostWire
2009-09-17 19:11:27 ----D---- C:\Program Files\eMule
2009-09-16 19:53:08 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-11 11:47:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-31 19:06:07 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-30 18:52:34 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\dvdcss
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-08-29 20:58:47 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-08-27 12:03:13 ----RSD---- C:\WINDOWS\assembly
2009-08-27 11:19:36 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\vlc
2009-08-27 10:05:25 ----D---- C:\Program Files\MSBuild
2009-08-27 10:05:00 ----D---- C:\WINDOWS\system32\spool
2009-08-27 10:03:15 ----D---- C:\WINDOWS\system32\mui
2009-08-26 22:17:31 ----D---- C:\Program Files\Windows Desktop Search
2009-08-26 22:16:23 ----D---- C:\WINDOWS\ServicePackFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-10-29 28560]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-18 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-26 55656]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 catchme;catchme; \??\C:\DOCUME~1\BEAETP~1\LOCALS~1\Temp\catchme.sys []
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys [2003-07-17 147328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-24 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-10-29 88400]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-11-01 21568]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-09-18 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-18 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-18 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-09-18 434945]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-10-29 790580]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-30 603904]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-02-15 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-30 360192]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

ComboFix 09-09-24.01 - BEA ET PATRICK 25/09/2009 16:04.3.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1584 [GMT 2:00]
Lancé depuis: c:\documents and settings\BEA ET PATRICK\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\BEA ET PATRICK\Bureau\CFScript.txt..txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}

FILE ::
"c:\windows\NV908920.TMP"
"c:\windows\SET32.tmp"
"c:\windows\SET70.tmp"
"c:\windows\System32\1.tmp"
"c:\windows\System32\2.tmp"
"c:\windows\System32\4E.tmp"
"c:\windows\System32\CF7883.exe"
"c:\windows\System32\FM2032.dll"
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-08-25 au 2009-09-25 ))))))))))))))))))))))))))))))))))))
.

2009-09-25 13:17 . 2009-09-25 13:17 -------- d-----w- c:\windows\LastGood
2009-09-23 08:45 . 2009-06-05 07:46 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2009-09-23 08:44 . 2008-10-03 10:17 247326 -c----w- c:\windows\system32\dllcache\strmdll.dll
2009-09-23 08:44 . 2009-09-24 09:14 -------- d-----w- C:\UsbFix
2009-09-23 08:44 . 2008-05-01 14:31 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-09-23 08:43 . 2009-06-21 22:06 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-22 15:38 . 2009-09-22 15:38 -------- d-----w- c:\documents and settings\ROMANE\Application Data\Malwarebytes
2009-09-22 13:24 . 2009-09-22 13:24 -------- d-----w- c:\documents and settings\CLEMENT\Application Data\Malwarebytes
2009-09-22 08:35 . 2009-09-22 09:16 -------- d-----w- c:\windows\system32\wbem\Repository.001
2009-09-22 05:33 . 2004-08-02 12:20 4569 ------w- c:\windows\system32\secupd.dat
2009-09-21 20:44 . 2009-09-21 20:44 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\Malwarebytes
2009-09-21 20:44 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-21 20:44 . 2009-09-21 20:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-21 20:44 . 2009-09-21 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-21 20:44 . 2009-09-10 12:53 18520 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-21 20:06 . 2008-04-14 02:33 1097728 ----a-w- c:\windows\system32\esent.dll
2009-09-21 19:54 . 2008-04-14 02:33 354304 ----a-w- c:\windows\system32\winhttp.dll
2009-09-21 19:54 . 2008-04-14 02:33 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2009-09-21 08:52 . 2003-04-24 12:00 70656 -c--a-w- c:\windows\system32\dllcache\korwbrkr.dll
2009-09-21 08:51 . 2003-04-24 12:00 7680 -c--a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-09-21 08:51 . 2003-04-24 12:00 19968 -c--a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-09-21 08:51 . 2003-04-24 12:00 5632 -c--a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-09-21 08:51 . 2003-04-24 12:00 173056 -c--a-w- c:\windows\system32\dllcache\iisui.dll
2009-09-21 08:51 . 2003-04-24 12:00 14848 -c--a-w- c:\windows\system32\dllcache\iisreset.exe
2009-09-21 08:51 . 2003-04-24 12:00 6144 -c--a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-09-21 08:51 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys
2009-09-21 08:51 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
2009-09-21 08:51 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys
2009-09-21 08:51 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys
2009-09-21 08:47 . 2008-04-14 02:33 190464 ----a-w- c:\windows\system32\accwiz.exe
2009-09-21 08:45 . 2008-04-13 18:45 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2009-09-21 08:45 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2009-09-21 08:32 . 2008-04-14 01:57 58752 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-21 08:31 . 2009-09-21 08:31 -------- d-----w- c:\windows\NV908920.TMP
2009-09-21 08:30 . 2008-04-14 02:33 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-09-21 08:30 . 2008-04-14 02:34 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2009-09-21 08:30 . 2008-04-13 18:32 196224 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-09-21 08:28 . 2003-04-24 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2009-09-21 08:28 . 2003-04-24 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-09-21 08:28 . 2008-04-14 02:34 146944 ----a-w- c:\windows\system\winspool.drv
2009-09-21 08:28 . 2008-04-14 02:33 76800 ----a-w- c:\windows\system32\storprop.dll
2009-09-21 08:28 . 2008-04-13 18:54 11264 ----a-w- c:\windows\system32\drivers\irenum.sys
2009-09-21 08:28 . 2003-04-24 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2009-09-21 08:28 . 2003-04-24 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-09-20 17:18 . 2009-09-21 07:30 -------- d-----w- C:\ToolBar SD
2009-09-20 16:48 . 2009-09-25 13:57 -------- d-----w- c:\program files\trend micro
2009-09-20 16:48 . 2009-09-20 16:48 -------- d-----w- C:\rsit
2009-09-20 16:21 . 2009-09-20 16:21 -------- d-----w- c:\program files\VS Revo Group
2009-09-18 19:01 . 2009-09-18 19:01 -------- d-----w- c:\documents and settings\CLEMENT\Local Settings\Application Data\HP
2009-09-18 12:30 . 2009-09-18 12:30 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\Avira
2009-09-18 12:17 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-18 12:17 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-18 12:17 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-18 12:17 . 2009-09-18 12:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-18 12:17 . 2009-09-18 12:17 -------- d-----w- c:\program files\Avira
2009-09-16 17:53 . 2009-09-16 17:53 -------- d-----w- c:\windows\l2schemas
2009-09-16 17:53 . 2009-09-16 17:53 -------- d-----w- c:\windows\system32\fr
2009-09-16 17:53 . 2009-09-16 17:53 -------- d-----w- c:\windows\system32\bits
2009-09-16 13:35 . 2009-09-16 13:35 -------- d-----w- c:\program files\Guitar Pro 5
2009-09-05 17:45 . 2009-09-05 17:45 -------- d-----w- c:\documents and settings\LAURA\Local Settings\Application Data\Microsoft Help
2009-09-05 15:32 . 2009-09-18 17:27 -------- d-----w- c:\documents and settings\LAURA\Tracing
2009-09-03 15:34 . 2009-09-03 15:34 -------- d-----w- c:\windows\system32\drivers\umdf
2009-08-29 19:23 . 2009-08-29 19:23 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\AVS4YOU
2009-08-29 19:23 . 2009-08-29 19:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-08-29 19:22 . 2009-09-03 15:35 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2009-08-29 19:22 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-08-29 19:22 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-08-29 19:22 . 2009-09-03 15:35 -------- d-----w- c:\program files\AVS4YOU
2009-08-29 18:51 . 2009-08-29 18:51 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\VistaCodecs
2009-08-29 18:50 . 2009-08-29 18:51 -------- d-----w- c:\program files\VistaCodecPack
2009-08-29 18:49 . 2009-08-29 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\VistaCodecs
2009-08-29 16:42 . 2009-08-29 16:42 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Local Settings\Application Data\WinAVI
2009-08-29 16:42 . 2009-08-29 17:10 -------- d-----w- c:\program files\WinAVI Video Converter
2009-08-29 16:09 . 2009-08-29 16:09 70144 ----a-w- c:\windows\system32\drivers\qrppcqbwqwkutoic.sys
2009-08-27 09:16 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\usbaudio.sys
2009-08-27 08:05 . 2009-08-27 08:05 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-27 08:05 . 2009-08-27 08:05 -------- d-----w- c:\program files\Reference Assemblies
2009-08-27 08:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-27 08:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-27 08:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-27 08:02 . 2009-08-27 08:02 -------- d-----w- c:\program files\MSXML 6.0
2009-08-26 20:06 . 2009-08-26 20:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-25 14:02 . 2009-01-17 15:08 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\HPAppData
2009-09-25 13:19 . 2003-04-24 12:00 90268 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-25 13:19 . 2003-04-24 12:00 525742 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-23 13:50 . 2009-01-27 16:32 -------- d-----w- c:\documents and settings\CLEMENT\Application Data\HPAppData
2009-09-22 15:38 . 2009-01-27 16:54 115184 ----a-w- c:\documents and settings\ROMANE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-21 15:18 . 2009-01-27 16:27 115184 ----a-w- c:\documents and settings\CLEMENT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-21 09:02 . 2009-01-16 10:46 115184 ----a-w- c:\documents and settings\BEA ET PATRICK\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-21 08:48 . 2009-01-16 10:04 23032 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-20 16:15 . 2009-01-17 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-18 17:27 . 2009-02-24 16:22 115184 ----a-w- c:\documents and settings\LAURA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-18 12:14 . 2009-01-17 14:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-17 18:35 . 2009-01-16 10:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-17 18:15 . 2009-03-17 17:18 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\FrostWire
2009-09-17 17:11 . 2009-01-18 17:25 -------- d-----w- c:\program files\eMule
2009-09-11 09:47 . 2009-01-16 20:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-05 17:45 . 2009-02-24 16:26 -------- d-----w- c:\documents and settings\LAURA\Application Data\HPAppData
2009-08-31 15:15 . 2009-01-27 16:59 -------- d-----w- c:\documents and settings\ROMANE\Application Data\HPAppData
2009-08-30 16:52 . 2009-03-21 09:57 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\dvdcss
2009-08-27 09:19 . 2009-05-02 11:49 -------- d-----w- c:\documents and settings\BEA ET PATRICK\Application Data\vlc
2009-08-27 08:05 . 2009-01-16 20:53 -------- d-----w- c:\program files\MSBuild
2009-08-26 20:17 . 2009-02-13 14:01 -------- d-----w- c:\program files\Windows Desktop Search
2009-08-26 08:17 . 2009-04-29 15:04 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-25 09:44 . 2009-08-25 09:43 -------- d-----w- c:\program files\Pinnacle
2009-08-19 16:35 . 2009-06-05 16:54 -------- d-----w- c:\program files\Windows Live
2009-08-19 16:34 . 2009-08-19 16:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-08-19 16:33 . 2009-01-28 09:17 -------- d-----w- c:\program files\MSN Messenger
2009-08-19 16:33 . 2009-08-19 16:33 -------- d-----w- c:\program files\Microsoft
2009-08-19 16:32 . 2009-08-19 16:32 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-19 07:57 . 2009-06-05 16:54 -------- d-----w- c:\program files\Messenger Plus! Live
2009-08-07 18:17 . 2009-08-07 18:17 -------- d-----w- c:\program files\Fichiers communs\DVDVIDEOSOFT
2009-08-05 17:26 . 2009-08-05 17:26 -------- d-----w- c:\program files\TechCity Solutions
2009-08-05 17:26 . 2009-08-05 17:22 -------- d-----w- c:\program files\Alice
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 18:56 . 2003-04-24 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-12 10:21 . 2009-01-16 10:40 233472 ------w- c:\windows\system32\wmpdxm.dll
2009-07-10 11:01 . 2009-07-10 11:01 307560 ----a-w- c:\windows\WLXPGSS.SCR
2009-06-29 01:32 . 2009-06-29 01:32 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-03-19 18:26 . 2009-03-19 18:26 56 --sh--r- c:\windows\system32\7B17252C37.sys
2009-03-19 18:26 . 2009-03-19 18:26 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

------- Sigcheck -------

[7] 2008-04-14 02:33 . AA370F0D5B900E13D40E9CB834B5DA10 . 52736 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\mspmsnsv.dll
[7] 2008-04-14 02:33 . AA370F0D5B900E13D40E9CB834B5DA10 . 52736 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\51f93922a72f4cba24d116598e161b49\mspmsnsv.dll
[7] 2008-04-14 02:33 . AA370F0D5B900E13D40E9CB834B5DA10 . 52736 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2006-08-24 20:30 . 482069CDA24AA0E94B1351E30EB3D01F . 27648 . . [11.0.5705.5043] . . c:\windows\system32\mspmsnsv.dll
[7] 2004-08-19 15:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2004-08-19 15:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
[7] 2004-08-19 15:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mspmsnsv.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-03 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Accélérateur de démarrage AutoCAD.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Accélérateur de démarrage AutoCAD.lnk
backup=c:\windows\pss\Accélérateur de démarrage AutoCAD.lnkCommon Startup

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Rainlendar2"=c:\program files\Rainlendar2\Rainlendar2.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"SoundMAX"="c:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"InCD"=c:\program files\Ahead\InCD\InCD.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AliceSAV"=c:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"d:\\StubInstaller.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule entrant
"4672:UDP"= 4672:UDP:emule sortant

R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [18/09/2009 14:17 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/09/2009 14:17 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [18/09/2009 14:17 434945]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [30/01/2009 12:23 603904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2009-09-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-09-25 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\documents and settings\BEA ET PATRICK\Application Data\Mozilla\Firefox\Profiles\h0pfpcdl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088315&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ecouter-la-radio Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aliceadsl.fr/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088315&SearchSource=2&q=
FF - component: c:\documents and settings\BEA ET PATRICK\Application Data\Mozilla\Firefox\Profiles\h0pfpcdl.default\extensions\{6e454792-2f36-46d3-bb20-4be949b6fb8a}\components\FFExternalAlert.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-25 16:08
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(964)
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(2384)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\fr-fr\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-09-25 16:10
ComboFix-quarantined-files.txt 2009-09-25 14:10
ComboFix2.txt 2009-09-25 13:51

Avant-CF: 8 984 248 320 octets libres
Après-CF: 8 969 519 104 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,5
281 --- E O F --- 2009-09-25 13:00

========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
Folder move failed. c:\windows\NV908920.TMP scheduled to be moved on reboot.
File/Folder c:\windows\SET32.tmp" not found.
File/Folder c:\windows\SET70.tmp" not found.
File/Folder c:\windows\System32\1.tmp" not found.
File/Folder c:\windows\System32\2.tmp" not found.
File/Folder c:\windows\System32\4E.tmp" not found.
File/Folder c:\windows\System32\CF7883.e not found.

OTM by OldTimer - Version 3.0.0.6 log created on 09262009_085853

Logfile of random's system information tool 1.06 (written by random/random)
Run by BEA ET PATRICK at 2009-09-26 13:42:26
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 8 GB (20%) free of 40 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:42:37, on 26/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BEA ET PATRICK\Bureau\RSIT.exe
C:\Program Files\trend micro\BEA ET PATRICK.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.windows.fr/ie8/msn/bienvenue
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O20 - Winlogon Notify: f09cf21e669 - C:\WINDOWS\
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
End of file - 8065 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-12-18 1878872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Accélérateur de démarrage AutoCAD.lnk]
C:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE [2006-03-05 11000]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\f09cf21e669]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-09-26 11:34:46 ----D---- C:\WINDOWS\LastGood
2009-09-25 21:53:08 ----D---- C:\_OTM
2009-09-25 18:22:02 ----D---- C:\Program Files\Guitar Pro 5
2009-09-25 18:18:41 ----SHD---- C:\RECYCLER
2009-09-25 16:27:53 ----HD---- C:\WINDOWS\msdownld.tmp
2009-09-25 16:27:26 ----D---- C:\WINDOWS\ie8updates
2009-09-25 16:26:16 ----D---- C:\WINDOWS\WBEM
2009-09-25 16:24:54 ----HDC---- C:\WINDOWS\ie8
2009-09-25 16:11:02 ----D---- C:\WINDOWS\temp
2009-09-25 16:11:00 ----A---- C:\ComboFix.txt
2009-09-25 15:14:44 ----D---- C:\WINDOWS\Prefetch
2009-09-25 15:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-25 14:36:39 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-09-24 11:14:40 ----RAD---- C:\autorun.inf
2009-09-24 11:11:33 ----A---- C:\UsbFix.txt
2009-09-23 12:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-23 12:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-23 12:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-23 12:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-23 11:59:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-23 11:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-23 10:58:13 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-09-23 10:58:13 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-09-23 10:58:08 ----A---- C:\WINDOWS\006331_.tmp
2009-09-23 10:44:28 ----D---- C:\UsbFix
2009-09-22 11:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2009-09-22 11:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-09-22 11:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2009-09-22 11:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-09-22 11:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-09-22 11:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2009-09-22 11:09:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2009-09-22 11:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2009-09-22 11:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-09-22 11:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-09-22 11:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-09-22 11:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2009-09-22 11:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-09-22 11:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2009-09-22 11:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-09-22 11:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-09-22 11:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-09-22 11:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-09-22 11:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-09-22 10:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-09-22 10:58:36 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-09-22 10:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-09-22 10:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-09-22 10:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-09-22 10:55:29 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-09-22 10:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-09-22 10:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-09-22 10:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-09-22 10:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-09-22 10:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-09-22 10:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-09-22 10:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-09-22 10:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-09-22 10:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-09-22 10:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-09-22 10:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-09-22 10:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-09-22 10:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-09-22 10:43:36 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-09-22 10:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-09-22 10:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-09-22 10:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-09-22 10:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-09-22 10:39:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-09-22 10:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-09-22 10:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-09-22 10:27:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-09-22 08:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB899587_0$
2009-09-22 08:34:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924191_0$
2009-09-22 08:33:46 ----HDC---- C:\WINDOWS\$NtUninstallKB922819_0$
2009-09-22 08:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB885835_0$
2009-09-22 08:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB885836_0$
2009-09-22 08:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB923414_0$
2009-09-22 08:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB921883_0$
2009-09-22 08:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB911927_0$
2009-09-22 08:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB922616_0$
2009-09-22 08:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB901017_0$
2009-09-22 08:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB899591_0$
2009-09-22 08:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB920685_0$
2009-09-22 08:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB896424_0$
2009-09-22 08:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB893756_0$
2009-09-22 08:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB911280_0$
2009-09-22 08:24:17 ----HDC---- C:\WINDOWS\$NtUninstallKB833407$
2009-09-22 08:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911562_0$
2009-09-22 08:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB896423_0$
2009-09-22 08:20:55 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-22 08:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB873339_0$
2009-09-22 08:19:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496_0$
2009-09-22 08:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2009-09-22 08:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-09-22 08:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB896358_0$
2009-09-22 08:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB910437_0$
2009-09-22 08:16:42 ----HDC---- C:\WINDOWS\$NtUninstallKB905495$
2009-09-22 08:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-09-21 22:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB902400_0$
2009-09-21 22:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB920670_0$
2009-09-21 22:45:52 ----HDC---- C:\WINDOWS\$NtUninstallKB891781_0$
2009-09-21 22:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB890046_0$
2009-09-21 22:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB919007_0$
2009-09-21 22:44:14 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\Malwarebytes
2009-09-21 22:44:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-21 22:44:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-21 22:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB914388_0$
2009-09-21 22:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB917344_0$
2009-09-21 22:42:10 ----HDC---- C:\WINDOWS\$NtUninstallKB905414_0$
2009-09-21 22:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB917953_0$
2009-09-21 22:33:46 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP8$
2009-09-21 22:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB901214_0$
2009-09-21 22:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923191_0$
2009-09-21 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB917422_0$
2009-09-21 22:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB892944$
2009-09-21 22:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB888302_0$
2009-09-21 22:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB900725_0$
2009-09-21 22:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB912919_0$
2009-09-21 22:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$
2009-09-21 22:28:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$
2009-09-21 22:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB904706_0$
2009-09-21 22:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB908531_0$
2009-09-21 22:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905749_0$
2009-09-21 22:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB913580_0$
2009-09-21 22:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB896428_0$
2009-09-21 22:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB835409$
2009-09-21 22:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB908519_0$
2009-09-21 22:24:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920683_0$
2009-09-21 22:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB914389_0$
2009-09-21 22:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB890859_0$
2009-09-21 22:06:05 ----A---- C:\WINDOWS\system32\esent.dll
2009-09-21 21:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-09-21 21:54:19 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-21 21:54:19 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-21 11:39:50 ----A---- C:\Boot.bak
2009-09-21 11:39:45 ----RASHD---- C:\cmdcons
2009-09-21 11:38:03 ----A---- C:\WINDOWS\zip.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWSC.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\SWREG.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\sed.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\PEV.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-21 11:38:03 ----A---- C:\WINDOWS\grep.exe
2009-09-21 11:16:33 ----D---- C:\WINDOWS\ERDNT
2009-09-21 11:09:55 ----D---- C:\Qoobox
2009-09-21 10:51:26 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-21 10:50:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-21 10:49:46 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-21 10:49:45 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-09-21 10:49:45 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-09-21 10:49:43 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\isign32.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-09-21 10:49:42 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-09-21 10:49:35 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-09-21 10:49:30 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-21 10:49:29 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-09-21 10:49:29 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-21 10:49:28 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-21 10:49:25 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-21 10:49:23 ----N---- C:\WINDOWS\system32\schedsvc.dll
2009-09-21 10:49:23 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-09-21 10:49:23 ----A---- C:\WINDOWS\system32\mstask.dll
2009-09-21 10:47:54 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-09-21 10:47:53 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-09-21 10:47:52 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-09-21 10:47:52 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-09-21 10:47:51 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\stclient.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-09-21 10:47:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\system32\comuid.dll
2009-09-21 10:47:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-09-21 10:47:44 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\spider.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-09-21 10:47:43 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-09-21 10:47:42 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-09-21 10:47:42 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-09-21 10:47:41 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-09-21 10:47:41 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-09-21 10:47:40 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-09-21 10:47:35 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-09-21 10:41:05 ----RA---- C:\WINDOWS\SET3E.tmp
2009-09-21 10:31:47 ----D---- C:\WINDOWS\NV908920.TMP
2009-09-21 10:30:36 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-21 10:28:55 ----A---- C:\WINDOWS\imsins.BAK
2009-09-21 10:28:41 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-21 10:28:40 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-21 10:28:22 ----RA---- C:\WINDOWS\SET7C.tmp
2009-09-21 10:26:20 ----A---- C:\WINDOWS\setuplog.txt
2009-09-20 19:19:51 ----A---- C:\TB.txt
2009-09-20 19:18:57 ----D---- C:\ToolBar SD
2009-09-20 18:48:17 ----D---- C:\rsit
2009-09-20 18:48:17 ----D---- C:\Program Files\trend micro
2009-09-20 18:21:44 ----D---- C:\Program Files\VS Revo Group
2009-09-18 14:30:46 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\Avira
2009-09-18 14:17:53 ----D---- C:\Program Files\Avira
2009-09-18 14:17:53 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-09-17 16:28:32 ----A---- C:\WINDOWS\MegaManager.INI
2009-09-16 19:53:07 ----D---- C:\WINDOWS\l2schemas
2009-09-16 19:53:06 ----D---- C:\WINDOWS\system32\fr
2009-09-16 19:53:06 ----D---- C:\WINDOWS\system32\bits
2009-09-16 19:48:19 ----D---- C:\WINDOWS\network diagnostic
2009-09-11 11:46:46 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-06 10:21:38 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-09-06 10:21:36 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-09-06 10:21:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-09-06 10:21:35 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-09-06 10:21:31 ----N---- C:\WINDOWS\system32\setupn.exe
2009-09-06 10:21:30 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-09-06 10:21:30 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qutil.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-09-06 10:21:29 ----N---- C:\WINDOWS\system32\qagent.dll
2009-09-06 10:21:28 ----N---- C:\WINDOWS\system32\onex.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napstat.exe
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-09-06 10:21:25 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-09-06 10:21:24 ----N---- C:\WINDOWS\system32\mssha.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-09-06 10:21:19 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-09-06 10:21:15 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-09-06 10:21:14 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-09-06 10:21:09 ----A---- C:\WINDOWS\003300_.tmp
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-09-06 10:21:08 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-09-06 10:21:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-09-06 10:21:06 ----N---- C:\WINDOWS\system32\credssp.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-09-06 10:21:04 ----N---- C:\WINDOWS\system32\azroles.dll
2009-09-06 10:21:01 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-09-03 17:34:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-02 20:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-08-29 21:23:22 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\AVS4YOU
2009-08-29 21:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-08-29 21:22:27 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-08-29 21:22:16 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-08-29 21:22:16 ----A---- C:\WINDOWS\system32\mfc70.dll
2009-08-29 21:22:15 ----D---- C:\Program Files\AVS4YOU
2009-08-29 20:51:02 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\VistaCodecs
2009-08-29 20:50:54 ----D---- C:\Program Files\VistaCodecPack
2009-08-29 20:49:57 ----D---- C:\Documents and Settings\All Users\Application Data\VistaCodecs
2009-08-29 18:42:14 ----D---- C:\Program Files\WinAVI Video Converter
2009-08-29 18:10:41 ----D---- C:\WINDOWS\Minidump
2009-08-27 10:05:29 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-27 10:05:23 ----D---- C:\WINDOWS\system32\en-US
2009-08-27 10:05:16 ----D---- C:\Program Files\Reference Assemblies
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-27 10:04:45 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-27 10:02:08 ----D---- C:\Program Files\MSXML 6.0

======List of files/folders modified in the last 1 months======

2009-09-26 13:41:44 ----D---- C:\Program Files\Mozilla Firefox
2009-09-26 12:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-26 11:35:01 ----HD---- C:\WINDOWS\inf
2009-09-26 11:34:59 ----D---- C:\WINDOWS
2009-09-26 08:59:41 ----D---- C:\WINDOWS\system32
2009-09-26 08:59:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-26 08:57:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-26 08:55:11 ----D---- C:\WINDOWS\system32\wbem
2009-09-26 08:55:10 ----D---- C:\WINDOWS\AppPatch
2009-09-25 22:38:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-25 22:38:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-25 22:38:12 ----D---- C:\Program Files\Messenger
2009-09-25 22:38:06 ----D---- C:\WINDOWS\system32\drivers
2009-09-25 22:36:17 ----D---- C:\Program Files\Outlook Express
2009-09-25 18:22:04 ----RSD---- C:\WINDOWS\Fonts
2009-09-25 18:22:02 ----RD---- C:\Program Files
2009-09-25 18:21:32 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\HPAppData
2009-09-25 17:04:26 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-25 17:04:25 ----D---- C:\WINDOWS\Help
2009-09-25 17:04:25 ----D---- C:\Program Files\Internet Explorer
2009-09-25 16:27:45 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-25 16:26:23 ----D---- C:\WINDOWS\system32\config
2009-09-25 16:26:02 ----D---- C:\WINDOWS\Media
2009-09-25 16:08:56 ----A---- C:\WINDOWS\system.ini
2009-09-25 16:07:14 ----D---- C:\Program Files\Fichiers communs
2009-09-25 15:14:15 ----D---- C:\WINDOWS\system32\Setup
2009-09-25 15:13:41 ----D---- C:\WINDOWS\security
2009-09-25 14:57:38 ----D---- C:\Program Files\Windows Media Player
2009-09-25 14:57:28 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-25 14:57:28 ----D---- C:\WINDOWS\ime
2009-09-25 14:57:19 ----D---- C:\WINDOWS\peernet
2009-09-25 14:57:18 ----D---- C:\Program Files\Movie Maker
2009-09-25 14:54:08 ----D---- C:\WINDOWS\system32\Restore
2009-09-25 14:54:07 ----D---- C:\WINDOWS\system32\npp
2009-09-25 14:54:06 ----D---- C:\WINDOWS\msagent
2009-09-25 14:54:05 ----D---- C:\WINDOWS\srchasst
2009-09-25 14:54:04 ----D---- C:\Program Files\NetMeeting
2009-09-25 14:54:03 ----D---- C:\WINDOWS\system32\Com
2009-09-25 14:54:01 ----D---- C:\Program Files\Windows NT
2009-09-25 14:53:57 ----D---- C:\Program Files\Fichiers communs\System
2009-09-25 14:53:38 ----D---- C:\WINDOWS\system32\usmt
2009-09-25 14:53:38 ----D---- C:\WINDOWS\system32\oobe
2009-09-25 14:53:36 ----D---- C:\WINDOWS\system
2009-09-25 14:50:20 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-25 14:46:02 ----D---- C:\WINDOWS\EHome
2009-09-22 11:20:21 ----D---- C:\WINDOWS\Debug
2009-09-22 10:36:15 ----RASH---- C:\boot.ini
2009-09-22 10:31:47 ----RD---- C:\WINDOWS\Web
2009-09-22 10:31:36 ----RASH---- C:\NTDETECT.COM
2009-09-21 22:32:44 ----D---- C:\WINDOWS\WinSxS
2009-09-21 21:55:50 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-09-21 21:52:20 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-21 12:21:55 ----D---- C:\WINDOWS\system32\1036
2009-09-21 12:21:48 ----D---- C:\WINDOWS\twain_32
2009-09-21 12:21:31 ----D---- C:\WINDOWS\system32\icsxml
2009-09-21 12:20:54 ----D---- C:\WINDOWS\system32\ias
2009-09-21 12:20:44 ----D---- C:\WINDOWS\system32\1033
2009-09-21 12:19:28 ----D---- C:\WINDOWS\Driver Cache
2009-09-21 11:45:21 ----SHD---- C:\WINDOWS\Installer
2009-09-21 11:08:38 ----D---- C:\Config.Msi
2009-09-21 11:05:52 ----HD---- C:\Program Files\WindowsUpdate
2009-09-21 11:01:52 ----D---- C:\WINDOWS\Registration
2009-09-21 10:58:53 ----SHD---- C:\System Volume Information
2009-09-21 10:56:42 ----D---- C:\WINDOWS\nview
2009-09-21 10:51:18 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-21 10:50:09 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-09-21 10:49:58 ----A---- C:\WINDOWS\win.ini
2009-09-21 10:41:08 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-20 18:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-18 14:14:20 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-17 20:35:36 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-17 20:15:37 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\FrostWire
2009-09-17 19:11:27 ----D---- C:\Program Files\eMule
2009-09-11 11:47:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-08-31 19:06:07 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-30 18:52:34 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\dvdcss
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-08-29 20:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-08-29 20:58:47 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-08-27 12:03:13 ----RSD---- C:\WINDOWS\assembly
2009-08-27 11:19:36 ----D---- C:\Documents and Settings\BEA ET PATRICK\Application Data\vlc
2009-08-27 10:05:25 ----D---- C:\Program Files\MSBuild
2009-08-27 10:05:00 ----D---- C:\WINDOWS\system32\spool
2009-08-27 10:03:15 ----D---- C:\WINDOWS\system32\mui

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-10-29 28560]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-18 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-26 55656]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\System32\DRIVERS\EL2K_XP.sys [2003-07-17 147328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-24 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-10-29 88400]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
S3 catchme;catchme; \??\C:\DOCUME~1\BEAETP~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-11-01 21568]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-09-18 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-18 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-18 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-09-18 434945]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-10-29 790580]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-30 603904]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-02-15 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-30 360192]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Documents and Settings\BEA ET PATRICK\Bureau\ComboFix.exe: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\BEA ET PATRICK\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!

C'est le resultat apres une deuxieme suppession car j"ai oublie de faire un copier coller au premeir rapport
il m'indiquait tous les autres fixes supprimes.

Excuses moi pour ce premier rapport

NETTOYAGE COMPLET - (3.662 secs)
------------------------------------------------------------­------------------------------
0 bytes supprimés.
------------------------------------------------------------­------------------------------

HouseCall - Scan et nettoyage terminés

HouseCall a détecté et supprimé des menaces potentielles de votre ordinateur. Veillez à exécuter HouseCall une fois par semaine pour protéger votre PC contre les virus et programmes malveillants.

Je l'ai passé 2 fois car il avait trouvé quelque chose.
A+

Encore mille fois merci et bonne continuation