[Solved] HijackThis report help...(é_è)

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
19 September 2009 12:48:20

Hello everyone,

I'm asking for your help once again. The day before yesterday I showed you my HijackThis scan for my work PC; today I wanted to ask your opinion on my other PC.

Thank you in advance.

Seï

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:59, on 19/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS.0\RTHDCPL.EXE
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\documents and settings\administrator\local settings\application data\cgkuw.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS.0\system32\FsUsbExService.Exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS.0\system32\PSIService.exe
C:\WINDOWS.0\system32\Wacom_Tablet.exe
C:\WINDOWS.0\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS.0\system32\Wacom_Tablet.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS.0\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroDist.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Administrator\My Documents\Téléchargements\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program Files\ASUS\AI Direct Link\AsShare.exe"
O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program Files\ASUS\AI Direct Link\AsCmd.exe" -reg
O4 - HKLM\..\Run: [Drive Xpert] C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [segmmik] "c:\documents and settings\administrator\local settings\application data\segmmik.exe" segmmik
O4 - HKCU\..\Run: [wieuq] "c:\documents and settings\administrator\local settings\application data\wieuq.exe" wieuq
O4 - HKCU\..\Run: [cgkuw] "c:\documents and settings\administrator\local settings\application data\cgkuw.exe" cgkuw
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [segmmik] "c:\documents and settings\administrator\local settings\application data\segmmik.exe" segmmik (User '?')
O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [wieuq] "c:\documents and settings\administrator\local settings\application data\wieuq.exe" wieuq (User '?')
O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [cgkuw] "c:\documents and settings\administrator\local settings\application data\cgkuw.exe" cgkuw (User '?')
O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
O17 - HKLM\System\CS3\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
O20 - AppInit_DLLs: C:\WINDOWS.0\system32\cssdll32.dll
O23 - Service: 57xx SteelVine (57xx SteelVine Manager) - Unknown owner - C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.0\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS.0\system32\FsUsbExService.Exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS.0\system32\Wacom_Tablet.exe

--
End of file - 10961 bytes

19 September 2009 15:00:38

Hello,

This PC is infected.

  • Uninstall Favorit.

  • Download Navilog1 (by IL-MAFIOSO) to your Desktop.
  • Double-click Navilog1.exe to start the installation.
  • Then double-click the Navilog1 shortcut on the Desktop.
    (On Vista, right-click the Navilog1 shortcut and choose Run as administrator)
  • Press F or f, then confirm with Enter.
  • Press a key on your keyboard each time you are prompted; you will reach the options menu.
  • Choose option 1 and press Enter to confirm your choice.
  • Wait while the scan runs. You may be asked to restart your PC.
  • Wait for the message: *** Scan terminé le ..... ***
  • Once the scan has finished, Notepad will open with the report; post the report in your next reply.
  • If the scan result is not displayed, you will find it in C:\cleannavi.txt

    19 September 2009 18:47:50

    Hello Destrio5, and thank you for your quick reply.

    I have uninstalled Favorit.

    I was not able to get to the page where Navilog1.exe is located; I can't connect to it, and I can't retrieve the .exe using "save link target as..." either.

    I also did a quick search on Google; all the links are identical to the one you gave me, and none of them work.

    Is there another way to get Navilog1.exe?

    Thanks in advance.

    19 September 2009 19:06:08

    Thanks for the link, and I'm sorry to be so insistent, but here is the error message that appears:

    c:\Documents and Settings\Administrator\My Documents\Téléchargements\Navilog1.exe ne pourra être enregistré car le fichier source ne peut être lu.

    Is this the work of a virus?

    19 September 2009 19:19:37

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.
  • When the scan is complete, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.

    19 September 2009 19:29:52

    Thank you for your patience,

    here is the result:

    log.txt:


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrator at 2009-09-19 19:26:42
    WIN_XP Service Pack 3
    System drive C: has 8 GB (8%) free of 100 GB
    Total RAM: 3327 MB (78% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:26:48, on 19/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS.0\System32\smss.exe
    C:\WINDOWS.0\system32\winlogon.exe
    C:\WINDOWS.0\system32\services.exe
    C:\WINDOWS.0\system32\lsass.exe
    C:\WINDOWS.0\system32\Ati2evxx.exe
    C:\WINDOWS.0\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS.0\system32\svchost.exe
    C:\WINDOWS.0\system32\Ati2evxx.exe
    C:\WINDOWS.0\system32\spoolsv.exe
    C:\WINDOWS.0\Explorer.EXE
    C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files\ASUS\AI Direct Link\AsShare.exe
    C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\COMODO\SafeSurf\cssurf.exe
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\WINDOWS.0\RTHDCPL.EXE
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS.0\system32\FsUsbExService.Exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS.0\system32\PSIService.exe
    C:\WINDOWS.0\system32\Wacom_Tablet.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS.0\system32\WTablet\Wacom_TabletUser.exe
    C:\WINDOWS.0\system32\Wacom_Tablet.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\WINDOWS.0\regedit.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Documents and Settings\Administrator\Desktop\RSIT.exe
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\Administrator.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program Files\ASUS\AI Direct Link\AsShare.exe"
    O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program Files\ASUS\AI Direct Link\AsCmd.exe" -reg
    O4 - HKLM\..\Run: [Drive Xpert] C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [segmmik] "c:\documents and settings\administrator\local settings\application data\segmmik.exe" segmmik
    O4 - HKCU\..\Run: [wieuq] "c:\documents and settings\administrator\local settings\application data\wieuq.exe" wieuq
    O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (User '?')
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [segmmik] "c:\documents and settings\administrator\local settings\application data\segmmik.exe" segmmik (User '?')
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [wieuq] "c:\documents and settings\administrator\local settings\application data\wieuq.exe" wieuq (User '?')
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O17 - HKLM\System\CS3\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O20 - AppInit_DLLs: C:\WINDOWS.0\system32\cssdll32.dll
    O23 - Service: 57xx SteelVine (57xx SteelVine Manager) - Unknown owner - C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.0\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS.0\system32\FsUsbExService.Exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS.0\system32\Wacom_Tablet.exe

    --
    End of file - 10576 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
    ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll [2006-11-30 67136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
    {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-21 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "Launch Direct Link"=C:\Program Files\ASUS\AI Direct Link\AsShare.exe [2007-11-16 1209856]
    "Launch As Cmd Runner"=C:\Program Files\ASUS\AI Direct Link\AsCmd.exe [2007-04-11 376832]
    "Drive Xpert"=C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe [2008-05-30 10235904]
    "Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-11 624248]
    ""= []
    "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-31 148888]
    "COMODO SafeSurf"=C:\Program Files\COMODO\SafeSurf\cssurf.exe [2009-06-13 278264]
    "COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-06-13 1794320]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2006-11-30 112216]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]
    "RTHDCPL"=C:\WINDOWS.0\RTHDCPL.EXE [2008-07-03 16876032]
    "Alcmtr"=C:\WINDOWS.0\ALCMTR.EXE [2008-06-19 57344]
    "Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
    "NPSStartup"= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
    "segmmik"=c:\documents and settings\administrator\local settings\application data\segmmik.exe segmmik []
    "wieuq"=c:\documents and settings\administrator\local settings\application data\wieuq.exe wieuq []
    "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-16 102400]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe [2009-06-11 1217784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
    C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-04-16 384000]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    C:\PROGRA~1\WinZip\WZQKPICK.EXE [2008-02-12 394856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Apple Mobile Device"=2

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=" C:\WINDOWS.0\system32\cssdll32.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS.0\system32\Ati2evxx.dll [2009-02-04 155648]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "DisableCAD"=1
    "DisableStatusMessages"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMHelp"=1
    "ForceClassicControlPanel"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1
    "NoSMMyPictures"=1
    "NoSMConfigurePrograms"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    ======File associations======

    .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

    ======List of files/folders created in the last 1 months======

    2009-09-19 19:26:42 ----D---- C:\rsit
    2009-09-19 02:36:21 ----D---- C:\Program Files\CAPCOM
    2009-09-18 16:04:58 ----A---- C:\WINDOWS.0\wininit.ini
    2009-09-18 15:47:40 ----D---- C:\WINDOWS.0\system32\AGEIA
    2009-09-18 15:47:40 ----D---- C:\Program Files\AGEIA Technologies
    2009-09-18 01:42:13 ----SHD---- C:\Config.Msi
    2009-09-17 15:13:57 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\PC Suite
    2009-09-17 15:13:57 ----D---- C:\Documents and Settings\Administrator\Application Data\PC Suite
    2009-09-17 15:09:51 ----A---- C:\WINDOWS.0\system32\DIFxAPI.dll
    2009-09-17 15:09:48 ----A---- C:\WINDOWS.0\system32\nmwcdcls.dll
    2009-09-17 15:07:59 ----D---- C:\WINDOWS.0\system32\Samsung_USB_Drivers
    2009-09-17 15:07:58 ----D---- C:\Program Files\DIFX
    2009-09-17 15:07:44 ----A---- C:\WINDOWS.0\system32\FsUsbExService.Exe
    2009-09-17 15:07:44 ----A---- C:\WINDOWS.0\system32\FsUsbExDevice.Dll
    2009-09-17 15:06:10 ----D---- C:\Documents and Settings\Administrator\Application Data\Samsung
    2009-09-17 15:05:59 ----D---- C:\Program Files\MarkAny
    2009-09-17 15:05:57 ----D---- C:\Program Files\PC Connectivity Solution
    2009-09-17 15:05:36 ----D---- C:\Program Files\Samsung
    2009-09-01 23:42:36 ----D---- C:\Program Files\Dekart
    2009-08-25 21:22:07 ----D---- C:\Program Files\TuneUpMedia
    2009-08-25 21:22:00 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TuneUpMedia
    2009-08-25 21:22:00 ----D---- C:\Documents and Settings\Administrator\Application Data\TuneUpMedia
    2009-08-22 14:52:58 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Azureus
    2009-08-22 14:52:56 ----D---- C:\Documents and Settings\Administrator\Application Data\Azureus
    2009-08-22 14:52:07 ----D---- C:\Program Files\Vuze
    2009-08-22 14:51:55 ----D---- C:\Program Files\AskBarDis
    2009-08-22 02:03:37 ----D---- C:\WINDOWS.0\45235788142C44BE8A4DDDE9A84492E5.TMP

    ======List of files/folders modified in the last 1 months======

    2009-09-19 19:24:56 ----D---- C:\QUARANTINE
    2009-09-19 19:20:11 ----D---- C:\WINDOWS.0\Temp
    2009-09-19 19:14:22 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-19 18:23:04 ----D---- C:\WINDOWS.0\system32
    2009-09-19 18:22:55 ----D---- C:\Documents and Settings\Administrator\Application Data\WTablet
    2009-09-19 18:22:36 ----D---- C:\WINDOWS.0\system32\CatRoot2
    2009-09-19 14:28:28 ----A---- C:\WINDOWS.0\SchedLgU.Txt
    2009-09-19 12:38:18 ----SH---- C:\boot.ini
    2009-09-19 12:38:18 ----A---- C:\WINDOWS.0\win.ini
    2009-09-19 12:38:18 ----A---- C:\WINDOWS.0\system.ini
    2009-09-19 12:38:13 ----D---- C:\WINDOWS.0\pss
    2009-09-19 12:19:20 ----D---- C:\Program Files\Steam
    2009-09-19 11:11:43 ----D---- C:\WINDOWS.0
    2009-09-19 02:46:37 ----SHD---- C:\WINDOWS.0\Installer
    2009-09-19 02:38:47 ----D---- C:\WINDOWS.0\inf
    2009-09-19 02:37:35 ----RSD---- C:\WINDOWS.0\assembly
    2009-09-19 02:36:25 ----D---- C:\WINDOWS.0\system32\DirectX
    2009-09-19 02:36:21 ----RD---- C:\Program Files
    2009-09-18 11:30:42 ----D---- C:\Program Files\Electronic Arts
    2009-09-18 01:20:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-09-18 00:19:30 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-18 00:16:21 ----D---- C:\Program Files\EA GAMES
    2009-09-17 16:03:47 ----D---- C:\WINDOWS.0\system32\drivers
    2009-09-17 15:09:49 ----DC---- C:\WINDOWS.0\system32\DRVSTORE
    2009-09-17 15:06:03 ----D---- C:\WINDOWS.0\WinSxS
    2009-09-17 09:51:27 ----D---- C:\WINDOWS.0\system32\config
    2009-09-01 15:58:06 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
    2009-08-25 21:22:21 ----D---- C:\Program Files\iTunes
    2009-08-25 21:17:47 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2009-08-23 22:30:33 ----D---- C:\Program Files\adslTV
    2009-08-23 17:54:44 ----D---- C:\Documents and Settings\Administrator\Application Data\dvdcss
    2009-08-21 22:44:59 ----A---- C:\WINDOWS.0\MegaManager.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS.0\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS.0\System32\DRIVERS\cmdguard.sys [2009-06-13 132640]
    R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS.0\System32\DRIVERS\cmdhlp.sys [2009-06-13 24096]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    R1 mfetdik;McAfee Inc.; C:\WINDOWS.0\system32\drivers\mfetdik.sys [2006-11-30 52136]
    R2 hardlock;hardlock; \??\C:\WINDOWS.0\system32\drivers\hardlock.sys []
    R2 Haspnt;Haspnt; \??\C:\WINDOWS.0\system32\drivers\Haspnt.sys []
    R2 Sentinel;Sentinel; C:\WINDOWS.0\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS.0\system32\DRIVERS\arp1394.sys [2009-04-22 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS.0\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS.0\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
    R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS.0\system32\FsUsbExDisk.SYS []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS.0\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.0\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS.0\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
    R3 mfeapfk;McAfee Inc.; C:\WINDOWS.0\system32\drivers\mfeapfk.sys [2006-11-30 64360]
    R3 mfeavfk;McAfee Inc.; C:\WINDOWS.0\system32\drivers\mfeavfk.sys [2006-11-30 72264]
    R3 mfebopk;McAfee Inc.; C:\WINDOWS.0\system32\drivers\mfebopk.sys [2006-11-30 34152]
    R3 mfehidk;McAfee Inc.; C:\WINDOWS.0\system32\drivers\mfehidk.sys [2006-11-30 168776]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS.0\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS.0\system32\DRIVERS\nic1394.sys [2009-04-22 61824]
    R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS.0\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS.0\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
    R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS.0\system32\DRIVERS\wacomvhid.sys [2008-07-11 13352]
    R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS.0\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
    S2 DS1410D;DS1410D; \??\C:\WINDOWS.0\system32\drivers\ds1410d.sys []
    S3 az4a6t33;az4a6t33; C:\WINDOWS.0\system32\drivers\az4a6t33.sys []
    S3 cpuz130;cpuz130; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
    S3 ENTECH;ENTECH; \??\C:\WINDOWS.0\system32\DRIVERS\ENTECH.sys []
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS.0\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
    S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS.0\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS.0\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS.0\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS.0\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS.0\System32\Drivers\usbaapl.sys [2009-06-05 39424]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
    S3 wacmoumonitor;Wacom Mode Helper; C:\WINDOWS.0\system32\DRIVERS\wacmoumonitor.sys [2008-10-06 15656]
    S4 IntelIde;IntelIde; C:\WINDOWS.0\system32\drivers\IntelIde.sys []
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 57xx SteelVine Manager;57xx SteelVine; C:\Program Files\ASUS\Drive Xpert\SteelVine.exe [2008-05-29 1286144]
    R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS.0\system32\Ati2evxx.exe [2009-02-04 602112]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2009-06-13 692496]
    R2 FsUsbExService;FsUsbExService; C:\WINDOWS.0\system32\FsUsbExService.Exe [2009-04-07 233472]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-31 152984]
    R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
    R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2006-11-30 144960]
    R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2006-11-30 54872]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS.0\system32\PSIService.exe [2007-06-05 177704]
    R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS.0\system32\Wacom_Tablet.exe [2009-03-26 2789672]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS.0\system32\wdfmgr.exe [2005-01-28 38912]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-11 654848]
    S2 ATI Smart;ATI Smart; C:\WINDOWS.0\system32\ati2sgag.exe [2009-07-14 593920]
    S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
    S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    S4 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------


    Here is the other txt file, info.txt:


    info.txt logfile of random's system information tool 1.06 2009-09-19 19:26:51

    ======Uninstall list======

    -->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
    Adobe After Effects CS3 Third Party Content-->C:\Program Files\Common Files\Adobe\Installers\3675c95c239b992d5d0ee8fce969b9e\Setup.exe
    Adobe After Effects CS3 Third Party Content-->MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}
    Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
    Adobe Contribute CS3-->MsiExec.exe /I{F84ADE4E-9220-4324-994D-801EDD9DD251}
    Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{5D2398DF-3022-4820-93BA-F1175FBEA9CA}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}
    Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
    Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
    Adobe Fireworks CS3-->MsiExec.exe /I{21C4D775-368A-46C4-8DC3-4207165B7115}
    Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS.0\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS.0\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
    Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}
    Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
    Adobe InDesign CS3-->MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->MsiExec.exe /I{C1FA4B3B-1625-4922-9C9D-780E8FCE161A}
    Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
    Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
    Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
    Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
    Adobe Setup-->MsiExec.exe /I{004685F7-9FB6-4789-812F-59ABB34A55AF}
    Adobe Setup-->MsiExec.exe /I{1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}
    Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
    Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
    Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
    Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
    Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
    AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
    AI Direct Link-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C312984C-E386-4C2D-B33E-7B54355FB16E}\Setup.exe" -l0x9
    AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x9
    Ajouter ou supprimer Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b5d5789539ea1f004a4defceea74312\Setup.exe
    Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ASUSUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
    Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0009 -removeonly
    Atheros Ethernet Utility-->"C:\Program Files\InstallShield Installation Information\{FB686487-C637-4EEF-BCB1-C92463F2CC05}\setup.exe" -runfromtemp -l0x0009 -removeonly
    ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c32
    ATI Display Driver-->rundll32 C:\WINDOWS.0\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
    ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
    ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
    Audiosurf Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12910
    Autodesk DirectConnect 2.0-->MsiExec.exe /I{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}
    Battlefield 2(TM) Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}\setup.exe" -l0x9 -removeonly
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    BSPlayer-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
    Camtasia Studio 6-->MsiExec.exe /I{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}
    Canon iP4200-->C:\WINDOWS.0\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users.WINDOWS.0\Application Data\CanonBJ\IJPrinter\CNMWINDOWS.0\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
    Catalyst Control Center - Branding-->MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
    COMODO Internet Security-->C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
    COMODO SafeSurf-->C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
    Dekart SIM Manager 2.4-->RunDll32 advpack.dll,LaunchINFSection C:\PROGRA~1\Dekart\SIMMAN~1\meditor.inf, DefaultUninstall
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Drive Xpert-->MsiExec.exe /I{BDD11F42-6F08-4BB6-B4CA-3258BB58CDD5}
    EPU-6 Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x40c
    Express Gate-->MsiExec.exe /I{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}
    Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    GetDataBack for NTFS-->C:\WINDOWS.0\uninst.exe -f"C:\Program Files\Runtime Software\GetDataBack for NTFS\DeIsL1.isu" -c"C:\Program Files\Runtime Software\GetDataBack for NTFS\_ISREG32.DLL"
    GLOBEtrotter FLEXid Drivers-->C:\WINDOWS.0\IsUninst.exe -f"C:\Program Files\GLOBEtrotter Software Inc.\GLOBEtrotter FLEXid Drivers\Uninst.isu"
    GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
    GRID-->"C:\Program Files\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x040c -removeonly
    HashCheck Shell Extension (x86-32)-->regsvr32.exe /u /i /n "C:\WINDOWS.0\system32\ShellExt\HashCheck.dll"
    HijackThis 2.0.2-->"C:\Documents and Settings\Administrator\My Documents\Téléchargements\HijackThis.exe" /uninstall
    iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
    marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe
    Maya 2008 Documentation (en_US)-->MsiExec.exe /I{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}
    Maya 2008-->MsiExec.exe /I{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}
    McAfee VirusScan Enterprise-->MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}
    Microsoft .NET Framework 2.0-->C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0-->C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
    Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
    Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
    Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
    Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
    Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
    Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
    Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    Open Command Prompt Shell Extension (x86-32)-->regsvr32.exe /u /i /n "C:\WINDOWS.0\system32\ShellExt\CmdOpen.dll"
    OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U
    OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
    PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
    PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PunkBuster Services-->C:\WINDOWS.0\system32\pbsvc.exe -u
    Quick Menu Builder 1.2-->"C:\Program Files\Mattgo27 Apps\Quick Menu Builder\uninstall.exe"
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
    Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
    RESIDENT EVIL 5-->MsiExec.exe /X{AC08BBA0-96B9-431A-A7D0-D8598E493775}
    SAMSUNG Mobile Composite Device Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
    Samsung Mobile Modem Device Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
    SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung New PC Studio USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{AF7E85DC-317C-47F5-810E-B82EE093A612}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung New PC Studio USB Driver Installer-->MsiExec.exe /I{AF7E85DC-317C-47F5-810E-B82EE093A612}
    Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
    SAMSUNG SYMBIAN USB Download Driver-->C:\Program Files\SAMSUNG\SYMBIAN USB Download Driver\Uninstall.exe
    SAMSUNG USB Mobile Device Software-->C:\WINDOWS.0\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
    SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
    Sentinel System Driver-->C:\WINDOWS.0\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    Tinderbox1 2.1v1 for AE 7.0-->"C:\Program Files\Adobe\Adobe After Effects 7.0\Support Files\Plug-ins\Tinderbox1-2.1\unins000.exe"
    Tinderbox2 2.1v1 for AE 7.0-->"C:\Program Files\Adobe\Adobe After Effects 7.0\Support Files\Plug-ins\Tinderbox2-2.1\unins000.exe"
    Tinderbox3 2.1v1 for AE 7.0-->"C:\Program Files\Adobe\Adobe After Effects 7.0\Support Files\Plug-ins\Tinderbox3-2.1\unins000.exe"
    Tinderbox4 2.1v1 for AE 7.0-->"C:\Program Files\Adobe\Adobe After Effects 7.0\Support Files\Plug-ins\Tinderbox4-2.1\unins000.exe"
    TuneUp Companion 1.5.5-->C:\Program Files\TuneUpMedia\Uninstall.exe
    Ulead Burn.Now 4.5 SE-->C:\Program Files\InstallShield Installation Information\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}\setup.exe -runfromtemp -l0x0409
    Update for Windows XP (KB955839)-->"C:\WINDOWS.0\$NtUninstallKB955839$\spuninst\spuninst.exe"
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VLC media player 0.9.9-->C:\Program Files\adslTV\uninstall.exe
    Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Wacom Tablet-->C:\Program Files\Tablet\Wacom\Remove.exe /u
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS.0\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
    Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS.0\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
    Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS.0\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
    Windows Imaging Component-->"C:\WINDOWS.0\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

    =====HijackThis Backups=====

    O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe [2009-09-19]

    ======Hosts File======


    Securitycenter WMI appears to be broken

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\PC Connectivity Solution\;C:\Program Files\Autodesk\Maya2008\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=4
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "VSEDEFLOGDIR"=C:\Documents and Settings\All Users.WINDOWS.0\Application Data\McAfee\DesktopProtection
    "DEFLOGDIR"=C:\Documents and Settings\All Users.WINDOWS.0\Application Data\McAfee\DesktopProtection

    -----------------EOF-----------------



    Thank you very much for your help! :)
    19 Septembre 2009 19:40:54

  • Uninstall Vuze Toolbar.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Mise à jour tab, click the Recherche de mise à jour button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche tab.
  • Select Exécuter un examen rapide.
  • Click Rechercher. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats.
  • Select everything (or leave it checked) and click Supprimer la sélection; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    19 Septembre 2009 19:54:35

    Here is the MBAM scan report:

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2825
    Windows 5.1.2600 Service Pack 3

    19/09/2009 19:53:55
    mbam-log-2009-09-19 (19-53-55).txt

    Type de recherche: Examen rapide
    Eléments examinés: 118081
    Temps écoulé: 5 minute(s), 45 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\segmmik (Trojan.Agent.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wieuq (Trojan.Agent.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS.0\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\syceo_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\aqioqys_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\gkiyk_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\syceo_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Administrator\Local Settings\Application Data\yckiiom_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

    Thank you for your help.
    19 Septembre 2009 19:57:52

  • Relaunch MBAM, go to Quarantaine and delete everything.

    Still the same problem with Navilog1?
    19 Septembre 2009 20:11:04

    OK, I deleted the malware in Quarantaine.
    I tried to download Navilog1 again; here is the error message.

    G:\Navilog1.exe n'a pu être enregistré car vous ne pouvez changer le contenu de ce répertoire.

    Changez les propriétés du répertoire et essayez à nouveau, ou essayez d'enregistrer ailleurs.


    I tried to save it to other drives; I still get this error message.

    19 Septembre 2009 20:11:46

    Maybe it is your antivirus that is deleting Navilog1.
    19 Septembre 2009 20:31:53

    OK, the Navilog1 scan has been running for 6 minutes...
    19 Septembre 2009 20:38:44

    That gives nothing, so I relaunched Navilog1; an error message appears before the scan starts:
    "Windows Script Host access is disabled on this machine. Contact your administrator for details." ???

    19 Septembre 2009 21:26:41

    Here is the completed Navilog1 scan. Thank you for your help and your patience, Destrio5.

    Fix Navipromo version 4.0.2 commencé le 19/09/2009 20:42:43,98

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    c:\docume~1\admini~1\locals~1\applic~1\aqioqys.exe supprimé !
    c:\docume~1\admini~1\locals~1\applic~1\aqioqys.dat supprimé !
    c:\docume~1\admini~1\locals~1\applic~1\gkiyk.exe supprimé !
    c:\docume~1\admini~1\locals~1\applic~1\gkiyk.dat supprimé !
    c:\docume~1\admini~1\locals~1\applic~1\yckiiom.exe supprimé !
    c:\docume~1\admini~1\locals~1\applic~1\yckiiom.dat supprimé !


    Nettoyage contenu C:\WINDOWS.0\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Administrator\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok





    *** Scan terminé 19/09/2009 21:21:47,40 ***

    Thank you.

    Seï
    20 Septembre 2009 02:38:51

  • Run an RSIT scan again and post the log report.
    20 Septembre 2009 18:35:52

    Sorry for the delay, here is the report.

    Thank you, Destrio5

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrator at 2009-09-20 12:01:53
    WIN_XP Service Pack 3
    System drive C: has 14 GB (14%) free of 100 GB
    Total RAM: 3327 MB (81% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 02:22:00, on 20/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS.0\System32\smss.exe
    C:\WINDOWS.0\system32\winlogon.exe
    C:\WINDOWS.0\system32\services.exe
    C:\WINDOWS.0\system32\lsass.exe
    C:\WINDOWS.0\system32\Ati2evxx.exe
    C:\WINDOWS.0\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS.0\system32\svchost.exe
    C:\WINDOWS.0\system32\Ati2evxx.exe
    C:\WINDOWS.0\system32\spoolsv.exe
    C:\WINDOWS.0\Explorer.EXE
    C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\Program Files\ASUS\AI Direct Link\AsShare.exe
    C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\COMODO\SafeSurf\cssurf.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\WINDOWS.0\RTHDCPL.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ASUS\Six Engine\SixEngine.exe
    C:\WINDOWS.0\system32\FsUsbExService.Exe
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS.0\system32\PSIService.exe
    C:\WINDOWS.0\system32\Wacom_Tablet.exe
    C:\WINDOWS.0\system32\Wacom_Tablet.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS.0\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
    O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
    O4 - HKLM\..\Run: [Launch Direct Link] "C:\Program Files\ASUS\AI Direct Link\AsShare.exe"
    O4 - HKLM\..\Run: [Launch As Cmd Runner] "C:\Program Files\ASUS\AI Direct Link\AsCmd.exe" -reg
    O4 - HKLM\..\Run: [Drive Xpert] C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (User '?')
    O4 - HKUS\S-1-5-21-854245398-1580818891-1417001333-500\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O17 - HKLM\System\CS2\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O17 - HKLM\System\CS3\Services\Tcpip\..\{2AD6FA8C-2F9B-4985-AEDA-D9A380B0EA7C}: NameServer = 212.216.212.112,212.216.172.62
    O20 - AppInit_DLLs: C:\WINDOWS.0\system32\cssdll32.dll
    O23 - Service: 57xx SteelVine (57xx SteelVine Manager) - Unknown owner - C:\Program Files\ASUS\Drive Xpert\SteelVine.exe
    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.0\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS.0\system32\FsUsbExService.Exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS.0\system32\PSIService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS.0\system32\Wacom_Tablet.exe

    --
    End of file - 8680 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS.0\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
    ContributeBHO Class - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]
    {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
    "Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2008-05-21 1423360]
    "QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
    "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
    "Launch Direct Link"=C:\Program Files\ASUS\AI Direct Link\AsShare.exe [2007-11-16 1209856]
    "Launch As Cmd Runner"=C:\Program Files\ASUS\AI Direct Link\AsCmd.exe [2007-04-11 376832]
    "Drive Xpert"=C:\Program Files\ASUS\Drive Xpert\DriveXpert.exe [2008-05-30 10235904]
    "Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-11 624248]
    ""= []
    "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-31 148888]
    "COMODO SafeSurf"=C:\Program Files\COMODO\SafeSurf\cssurf.exe [2009-06-13 278264]
    "COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-06-13 1794320]
    "RTHDCPL"=C:\WINDOWS.0\RTHDCPL.EXE [2008-07-03 16876032]
    "Alcmtr"=C:\WINDOWS.0\ALCMTR.EXE [2008-06-19 57344]
    "Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-06-03 5964800]
    "NPSStartup"= []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
    "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-16 102400]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe [2009-06-11 1217784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
    C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-04-16 384000]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.0^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    C:\PROGRA~1\WinZip\WZQKPICK.EXE [2008-02-12 394856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Apple Mobile Device"=2

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=" C:\WINDOWS.0\system32\cssdll32.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS.0\system32\Ati2evxx.dll [2009-02-04 155648]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "DisableCAD"=1
    "DisableStatusMessages"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoResolveTrack"=1
    "NoResolveSearch"=1
    "NoSMMyPictures"=1
    "NoSMConfigurePrograms"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    ======File associations======

    .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

    ======List of files/folders created in the last 1 months======

    2009-09-19 20:24:10 ----A---- C:\cleannavi.txt
    2009-09-19 20:22:26 ----D---- C:\Program Files\Navilog1
    2009-09-19 19:46:48 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2009-09-19 19:45:56 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Malwarebytes
    2009-09-19 19:45:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-19 19:26:42 ----D---- C:\rsit
    2009-09-19 02:36:21 ----D---- C:\Program Files\CAPCOM
    2009-09-18 16:04:58 ----A---- C:\WINDOWS.0\wininit.ini
    2009-09-18 15:47:40 ----D---- C:\WINDOWS.0\system32\AGEIA
    2009-09-18 15:47:40 ----D---- C:\Program Files\AGEIA Technologies
    2009-09-18 01:42:13 ----SHD---- C:\Config.Msi
    2009-09-17 15:13:57 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\PC Suite
    2009-09-17 15:13:57 ----D---- C:\Documents and Settings\Administrator\Application Data\PC Suite
    2009-09-17 15:09:51 ----A---- C:\WINDOWS.0\system32\DIFxAPI.dll
    2009-09-17 15:09:48 ----A---- C:\WINDOWS.0\system32\nmwcdcls.dll
    2009-09-17 15:07:59 ----D---- C:\WINDOWS.0\system32\Samsung_USB_Drivers
    2009-09-17 15:07:58 ----D---- C:\Program Files\DIFX
    2009-09-17 15:07:44 ----A---- C:\WINDOWS.0\system32\FsUsbExService.Exe
    2009-09-17 15:07:44 ----A---- C:\WINDOWS.0\system32\FsUsbExDevice.Dll
    2009-09-17 15:06:10 ----D---- C:\Documents and Settings\Administrator\Application Data\Samsung
    2009-09-17 15:05:59 ----D---- C:\Program Files\MarkAny
    2009-09-17 15:05:57 ----D---- C:\Program Files\PC Connectivity Solution
    2009-09-17 15:05:36 ----D---- C:\Program Files\Samsung
    2009-09-01 23:42:36 ----D---- C:\Program Files\Dekart
    2009-08-25 21:22:07 ----D---- C:\Program Files\TuneUpMedia
    2009-08-25 21:22:00 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TuneUpMedia
    2009-08-25 21:22:00 ----D---- C:\Documents and Settings\Administrator\Application Data\TuneUpMedia
    2009-08-22 14:52:58 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Azureus
    2009-08-22 14:52:56 ----D---- C:\Documents and Settings\Administrator\Application Data\Azureus
    2009-08-22 14:52:07 ----D---- C:\Program Files\Vuze
    2009-08-22 02:03:37 ----D---- C:\WINDOWS.0\45235788142C44BE8A4DDDE9A84492E5.TMP

    ======List of files/folders modified in the last 1 months======

    2009-09-20 11:49:14 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-20 11:37:13 ----D---- C:\WINDOWS.0\system32
    2009-09-20 11:36:56 ----D---- C:\Documents and Settings\Administrator\Application Data\WTablet
    2009-09-20 11:36:54 ----D---- C:\WINDOWS.0\Temp
    2009-09-20 11:36:52 ----D---- C:\WINDOWS.0\system32\CatRoot2
    2009-09-20 06:14:40 ----A---- C:\WINDOWS.0\SchedLgU.Txt
    2009-09-20 00:01:17 ----D---- C:\WINDOWS.0
    2009-09-19 23:58:27 ----D---- C:\Program Files\Tablet
    2009-09-19 23:58:06 ----D---- C:\WINDOWS.0\system32\ReinstallBackups
    2009-09-19 23:58:03 ----D---- C:\WINDOWS.0\system32\drivers
    2009-09-19 23:57:40 ----D---- C:\WINDOWS.0\inf
    2009-09-19 23:57:35 ----D---- C:\WINDOWS.0\system32\WTablet
    2009-09-19 20:22:26 ----RD---- C:\Program Files
    2009-09-19 20:21:45 ----SHD---- C:\WINDOWS.0\Installer
    2009-09-19 20:21:40 ----D---- C:\Program Files\Common Files
    2009-09-19 20:14:53 ----D---- C:\QUARANTINE
    2009-09-19 12:38:18 ----SH---- C:\boot.ini
    2009-09-19 12:38:18 ----A---- C:\WINDOWS.0\win.ini
    2009-09-19 12:38:18 ----A---- C:\WINDOWS.0\system.ini
    2009-09-19 12:38:13 ----D---- C:\WINDOWS.0\pss
    2009-09-19 12:19:20 ----D---- C:\Program Files\Steam
    2009-09-19 02:38:48 ----D---- C:\WINDOWS.0\system32\DirectX
    2009-09-19 02:37:35 ----RSD---- C:\WINDOWS.0\assembly
    2009-09-18 11:30:42 ----D---- C:\Program Files\Electronic Arts
    2009-09-18 01:20:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-09-18 00:19:30 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-18 00:16:21 ----D---- C:\Program Files\EA GAMES
    2009-09-17 15:09:49 ----DC---- C:\WINDOWS.0\system32\DRVSTORE
    2009-09-17 15:06:03 ----D---- C:\WINDOWS.0\WinSxS
    2009-09-17 09:51:27 ----D---- C:\WINDOWS.0\system32\config
    2009-09-01 15:58:06 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
    2009-08-25 21:22:21 ----D---- C:\Program Files\iTunes
    2009-08-25 21:17:47 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2009-08-23 22:30:33 ----D---- C:\Program Files\adslTV
    2009-08-23 17:54:44 ----D---- C:\Documents and Settings\Administrator\Application Data\dvdcss
    2009-08-21 22:44:59 ----A---- C:\WINDOWS.0\MegaManager.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS.0\system32\drivers\AsIO.sys [2007-12-17 12400]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS.0\System32\DRIVERS\cmdguard.sys [2009-06-13 132640]
    R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS.0\System32\DRIVERS\cmdhlp.sys [2009-06-13 24096]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS.0\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R2 hardlock;hardlock; \??\C:\WINDOWS.0\system32\drivers\hardlock.sys []
    R2 Haspnt;Haspnt; \??\C:\WINDOWS.0\system32\drivers\Haspnt.sys []
    R2 Sentinel;Sentinel; C:\WINDOWS.0\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS.0\system32\DRIVERS\arp1394.sys [2009-04-22 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS.0\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS.0\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
    R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS.0\system32\FsUsbExDisk.SYS []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS.0\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS.0\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS.0\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.0\system32\drivers\RtkHDAud.sys [2008-07-03 4745216]
    R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS.0\system32\DRIVERS\l1e51x86.sys [2008-09-23 38400]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS.0\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS.0\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS.0\system32\DRIVERS\nic1394.sys [2009-04-22 61824]
    R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS.0\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
    R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS.0\System32\Drivers\usbaapl.sys [2009-06-05 39424]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 wacmoumonitor;Wacom Mode Helper; C:\WINDOWS.0\system32\DRIVERS\wacmoumonitor.sys [2008-10-06 15656]
    R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS.0\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
    R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS.0\system32\DRIVERS\wacomvhid.sys [2008-07-11 13352]
    R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS.0\system32\DRIVERS\WacomVKHid.sys [2007-02-16 11440]
    S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    S2 DS1410D;DS1410D; \??\C:\WINDOWS.0\system32\drivers\ds1410d.sys []
    S3 az0psyhx;az0psyhx; C:\WINDOWS.0\system32\drivers\az0psyhx.sys []
    S3 cpuz130;cpuz130; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
    S3 ENTECH;ENTECH; \??\C:\WINDOWS.0\system32\DRIVERS\ENTECH.sys []
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS.0\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
    S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS.0\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS.0\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS.0\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS.0\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS.0\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
    S4 IntelIde;IntelIde; C:\WINDOWS.0\system32\drivers\IntelIde.sys []
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS.0\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 57xx SteelVine Manager;57xx SteelVine; C:\Program Files\ASUS\Drive Xpert\SteelVine.exe [2008-05-29 1286144]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS.0\system32\Ati2evxx.exe [2009-02-04 602112]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2009-06-13 692496]
    R2 FsUsbExService;FsUsbExService; C:\WINDOWS.0\system32\FsUsbExService.Exe [2009-04-07 233472]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-31 152984]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS.0\system32\PSIService.exe [2007-06-05 177704]
    R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS.0\system32\Wacom_Tablet.exe [2008-10-30 2749224]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS.0\system32\wdfmgr.exe [2005-01-28 38912]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-11 654848]
    S2 ATI Smart;ATI Smart; C:\WINDOWS.0\system32\ati2sgag.exe [2009-07-14 593920]
    S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.0\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
    S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS.0\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    20 September 2009 18:59:37

  • Uninstall DAEMON Tools Toolbar and Java 6 Update 13.

  • Update Java.

  • Update Adobe Reader.

  • Update Internet Explorer.

    Is the PC doing better?
    20 September 2009 20:29:35

    The PC is working wonderfully!! Thank you for your valuable advice, for walking me through the steps to follow, and for providing the software to clean my computer.
    It runs really well, fast, perfect.

    Thanks Destrio5!!
    20 September 2009 21:00:39

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • If you wish, you can use the Options Facultatives (Optional Settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleanup.


    3/

  • System Restore must be disabled and then re-enabled in order to purge it.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Properties, Automatic Updates tab).

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] to the title. To do so:
  • In your first message, click the Editer (Edit) button.
  • Add the tag [Résolu] in front of the title.
  • Then click Valider votre message (Submit your message).


    Be more careful on the Internet ;)
    20 September 2009 21:36:20

    1/


    ToolsCleaner2 report:


    [ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\cleannavi.txt: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\hijackthis.log: trouvé !
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\Antivirus_malware_etc\HijackThis.exe: trouvé !
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\Antivirus_malware_etc\Rsit.exe: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\Program Files\Navilog1\catchme.exe: trouvé !


    Corbeille vidée!
    Fichiers temporaires nettoyés !
    ---------------------------------
    --> Suppression:
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\Antivirus_malware_etc\HijackThis.exe: supprimé !
    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Program Files\Navilog1\catchme.exe: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\hijackthis.log: supprimé !
    C:\Documents and Settings\Administrator\My Documents\Téléchargements\Antivirus_malware_etc\Rsit.exe: supprimé !
    C:\Rsit: supprimé !
    C:\Program Files\Navilog1: supprimé !
    20 September 2009 22:03:24

    You can delete ToolsCleaner.
    20 September 2009 22:08:47

    Thank you for the advice and your patience! My problem is solved; I'm bookmarking this page so I can come back to it if need be.

    Thanks again for your help.


    Seï :)
    2 February 2010 22:48:59

    Hello,
    well then, bravo. Destrio5, thank you. I have just read a novel worthy of The Last of the Mohicans or Captain Fracasse. Distress, suspense, chivalry, unquestionable and serene mastery, a happy ending! I held my breath through the whole read (including the lines of code), and suddenly, wham! I find myself riveted, caught up in the rhythm, stopped dead by the last reply, which brooks no appeal. Effective. Magnificent.
    A fine lesson in helping one another.
    Thank you. I, the literary type, have just treated myself to a gripping novel.
    Someone will return the favour to you, inevitably,
    all the best.
    matt.