Votre question

Virus qui ouvre des pages ie intempestives

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
27 Janvier 2010 13:58:50

Bonjour à tous,
J'ai aujourd'hui lancé un fichier qui n'était pas ce que je pensais être mais plutôt un logiciel malveillant (bien qu'il n'ait pas été détecté par Nod32 au scanner), car lorsque je l'ai lancé il a simplement disparu puis plus rien, puis de temps en temps depuis, des pages Internet Explorer de publicité s'ouvrent toutes seules.
J'ai joins un HijackThis, merci d'avance de votre aide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55:02, on 27/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\nvsvc32.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
J:\WINDOWS\system32\spoolsv.exe
J:\WINDOWS\Explorer.EXE
D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
D:\Program Files\Brother\ControlCenter2\brctrcen.exe
J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
J:\WINDOWS\system32\RUNDLL32.EXE
J:\WINDOWS\RTHDCPL.EXE
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Java\jre6\bin\jusched.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
J:\Program Files\DNA\btdna.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
J:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
D:\Program Files\Java\jre6\bin\jqs.exe
J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
D:\Program Files\Eset\nod32krn.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
J:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
J:\WINDOWS\system32\wuauclt.exe
J:\WINDOWS\System32\svchost.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
J:\WINDOWS\system32\rundll32.exe
J:\WINDOWS\msa.exe
D:\Temp\Bch.exe
D:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] D:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "J:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BMIMZMHMFM] D:\Temp\Bch.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9d1c1320c0874) (gupdate1c9d1c1320c0874) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Liuhid - Unknown owner - (no file)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - J:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10031 bytes

Autres pages sur : virus ouvre pages intempestives

a c 296 8 Sécurité
a b 9 Windows
27 Janvier 2010 14:20:42

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\Rsit.
    27 Janvier 2010 14:26:27

    Re, merci de ton aide.

    Voici log.txt :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Benjamin at 2010-01-27 14:24:36
    Microsoft Windows XP Professionnel Service Pack 2
    System drive J: has 499 MB (4%) free of 12 GB
    Total RAM: 3070 MB (71% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:24:59, on 27/01/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    J:\WINDOWS\System32\smss.exe
    J:\WINDOWS\system32\winlogon.exe
    J:\WINDOWS\system32\services.exe
    J:\WINDOWS\system32\lsass.exe
    J:\WINDOWS\system32\nvsvc32.exe
    J:\WINDOWS\system32\svchost.exe
    J:\WINDOWS\System32\svchost.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    J:\WINDOWS\system32\spoolsv.exe
    J:\WINDOWS\Explorer.EXE
    D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    D:\Program Files\Brother\ControlCenter2\brctrcen.exe
    J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    D:\Program Files\Eset\nod32kui.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    J:\WINDOWS\system32\RUNDLL32.EXE
    J:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    J:\WINDOWS\system32\ctfmon.exe
    J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    J:\Program Files\DNA\btdna.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\DAEMON Tools Lite\DTLite.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    J:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    D:\Program Files\Eset\nod32krn.exe
    D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\iPod\bin\iPodService.exe
    J:\WINDOWS\system32\wuauclt.exe
    J:\WINDOWS\System32\svchost.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
    J:\WINDOWS\system32\rundll32.exe
    J:\WINDOWS\msa.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\VideoLAN\VLC\vlc.exe
    D:\Temp\Bch.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    D:\RSIT.exe
    D:\Benjamin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SSBkgdUpdate] J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] D:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "J:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [BMIMZMHMFM] D:\Temp\Bch.exe
    O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate1c9d1c1320c0874) (gupdate1c9d1c1320c0874) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Liuhid - Unknown owner - (no file)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - J:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 10234 bytes

    ======Scheduled tasks folder======

    J:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    J:\WINDOWS\tasks\AppleSoftwareUpdate.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    J:\WINDOWS\tasks\User_Feed_Synchronization-{D8596180-D321-41B4-9308-E54E2DE916FA}.job
    J:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    J:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    Locked

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SSBkgdUpdate"=J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "PaperPort PTD"=D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-03-10 57393]
    "IndexSearch"=D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-03-10 40960]
    "ControlCenter2.0"=D:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-01-07 864256]
    "Kernel and Hardware Abstraction Layer"=J:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
    "NWEReboot"= []
    "NeroFilterCheck"=J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "ISUSPM Startup"=J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
    "ISUSScheduler"=J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
    "nod32kui"=D:\Program Files\Eset\nod32kui.exe [2009-05-11 949376]
    "Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-21 520024]
    "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
    "NvCplDaemon"=J:\WINDOWS\system32\NvCpl.dll [2009-04-30 13750272]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=J:\WINDOWS\system32\NvMcTray.dll [2009-04-30 86016]
    "RTHDCPL"=J:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
    "Alcmtr"=J:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=J:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
    "SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    "BitTorrent DNA"=J:\Program Files\DNA\btdna.exe [2009-11-13 323392]
    "AlcoholAutomount"=D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203416]
    "MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
    "BMIMZMHMFM"=D:\Temp\Bch.exe [2010-01-27 129024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI TRANSFORMS=J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST WISE_SETUP_EXE_PATH=d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe []

    J:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Logitech SetPoint.lnk - D:\Program Files\Logitech\SetPoint\SetPoint.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    j:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-18 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    J:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - J:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "D:\Program Files\ma-config.com\maconfservice.exe"="D:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\GameSpy Arcade\Aphex.exe"="D:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.08"
    "D:\Program Files\BitTorrent\bittorrent.exe"="D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
    "J:\Program Files\DNA\btdna.exe"="J:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "J:\Program Files\ma-config.com\maconfservice.exe"="J:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe"="D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
    "D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe"="D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed5ea0a7-3d8b-11de-84d1-806d6172696f}]
    shell\AutoRun\command - L:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-27 14:24:36 ----D---- J:\rsit
    2010-01-27 13:16:13 ----A---- J:\WINDOWS\msa.exe
    2010-01-27 13:15:59 ----A---- J:\WINDOWS\system32\sshnas21.dll
    2010-01-22 02:33:06 ----A---- J:\WINDOWS\system32\xfcodec.dll
    2010-01-19 18:10:23 ----D---- J:\Documents and Settings\Benjamin\Application Data\TS3Client
    2010-01-17 12:06:54 ----D---- J:\Documents and Settings\All Users\Application Data\Macrovision
    2010-01-17 12:06:51 ----D---- J:\Program Files\Fichiers communs\Adobe Systems Shared
    2010-01-16 20:39:01 ----D---- J:\Documents and Settings\Benjamin\Application Data\Xfire
    2010-01-14 17:33:30 ----HDC---- J:\WINDOWS\$NtUninstallKB955759$
    2010-01-14 17:33:20 ----HDC---- J:\WINDOWS\$NtUninstallKB972270$
    2010-01-09 18:21:25 ----D---- J:\Documents and Settings\Benjamin\Application Data\Black Sea Studios
    2010-01-09 01:46:33 ----D---- J:\Documents and Settings\Benjamin\Application Data\mIRC
    2010-01-08 21:15:08 ----A---- J:\WINDOWS\system32\CmdLineExt03.dll

    ======List of files/folders modified in the last 1 months======

    2010-01-27 14:24:40 ----D---- J:\WINDOWS\Prefetch
    2010-01-27 14:20:49 ----D---- J:\WINDOWS\Temp
    2010-01-27 14:19:36 ----D---- J:\Documents and Settings\Benjamin\Application Data\DNA
    2010-01-27 14:05:56 ----SD---- J:\WINDOWS\Tasks
    2010-01-27 13:54:20 ----D---- J:\Documents and Settings\Benjamin\Application Data\vlc
    2010-01-27 13:45:50 ----D---- J:\Documents and Settings\Benjamin\Application Data\dvdcss
    2010-01-27 13:16:13 ----AD---- J:\WINDOWS
    2010-01-27 13:15:59 ----D---- J:\WINDOWS\system32
    2010-01-27 12:03:16 ----A---- J:\WINDOWS\win.ini
    2010-01-27 10:39:49 ----A---- J:\WINDOWS\SchedLgU.Txt
    2010-01-27 06:20:55 ----A---- J:\WINDOWS\system32\PerfStringBackup.INI
    2010-01-27 06:18:48 ----D---- J:\Program Files\DNA
    2010-01-24 20:14:13 ----D---- J:\Documents and Settings\All Users\Application Data\Adobe
    2010-01-24 20:13:58 ----D---- J:\Documents and Settings\Benjamin\Application Data\Adobe
    2010-01-23 02:59:44 ----HD---- J:\WINDOWS\inf
    2010-01-23 02:59:33 ----RSHDC---- J:\WINDOWS\system32\dllcache
    2010-01-23 02:59:31 ----D---- J:\Program Files\Internet Explorer
    2010-01-23 02:58:56 ----HD---- J:\WINDOWS\$hf_mig$
    2010-01-23 02:58:54 ----D---- J:\WINDOWS\system32\CatRoot2
    2010-01-23 00:21:12 ----HD---- J:\Program Files\InstallShield Installation Information
    2010-01-18 10:15:18 ----D---- J:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2010-01-17 12:06:51 ----D---- J:\Program Files\Fichiers communs
    2010-01-17 12:06:35 ----D---- J:\Program Files\Fichiers communs\Adobe
    2010-01-17 12:04:20 ----RD---- J:\Program Files
    2010-01-14 17:35:18 ----D---- J:\WINDOWS\AppPatch
    2010-01-14 17:33:38 ----A---- J:\WINDOWS\imsins.BAK
    2010-01-13 19:01:05 ----A---- J:\WINDOWS\BRWMARK.INI
    2010-01-08 20:51:34 ----D---- J:\Documents and Settings\Benjamin\Application Data\BitTorrent
    2010-01-05 01:17:46 ----A---- J:\WINDOWS\system32\MRT.exe
    2010-01-01 15:39:30 ----SHD---- J:\WINDOWS\Installer
    2010-01-01 15:39:28 ----D---- J:\WINDOWS\WinSxS
    2010-01-01 15:39:28 ----D---- J:\Program Files\Fichiers communs\Microsoft Shared
    2010-01-01 15:35:35 ----SD---- J:\Documents and Settings\All Users\Application Data\Microsoft
    2010-01-01 15:35:20 ----D---- J:\WINDOWS\system32\DirectX
    2009-12-28 13:59:17 ----RSD---- J:\WINDOWS\assembly

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; J:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
    R1 kbdhid;Pilote HID de clavier; J:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    R1 nod32drv;nod32drv; J:\WINDOWS\system32\drivers\nod32drv.sys [2009-05-11 15424]
    R1 vmm;Virtual Machine Monitor; \??\J:\WINDOWS\system32\Drivers\vmm.sys []
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; J:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 AMON;AMON; J:\WINDOWS\system32\drivers\amon.sys [2009-05-11 512096]
    R2 atksgt;atksgt; J:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-24 279712]
    R2 LBeepKE;LBeepKE; J:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
    R2 lirsgt;lirsgt; J:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-24 25888]
    R3 BrScnUsb;Brother USB Still Image driver; J:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; J:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 hamachi;Hamachi Network Interface; J:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; J:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; J:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); J:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; J:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; J:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\J:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 mouhid;Pilote HID de souris; J:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; J:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; J:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; J:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
    R3 usbccgp;Pilote parent générique USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; J:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Concentrateur USB2; J:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
    R3 usbprint;Classe d'imprimantes USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbstor;Pilote de stockage de masse USB; J:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 VPCNetS2;Virtual Machine Network Services Driver; J:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
    R3 Wdf01000;Wdf01000; J:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 a2grtd6f;a2grtd6f; J:\WINDOWS\system32\drivers\a2grtd6f.sys []
    S3 alwiv63y;alwiv63y; J:\WINDOWS\system32\drivers\alwiv63y.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 Jukebox3;Jukebox3; J:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2005-01-27 16912]
    S3 VClone;VClone; J:\WINDOWS\system32\DRIVERS\VClone.sys []
    S3 WpdUsb;WpdUsb; J:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; J:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; J:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; J:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-09-24 61440]
    R2 NOD32krn;NOD32 Kernel Service; D:\Program Files\Eset\nod32krn.exe [2009-05-11 552064]
    R2 nvsvc;NVIDIA Display Driver Service; J:\WINDOWS\system32\nvsvc32.exe [2009-04-30 168004]
    R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; J:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R3 iPod Service;Service de l’iPod; D:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 gupdate1c9d1c1320c0874;Service Google Update (gupdate1c9d1c1320c0874); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-10 133104]
    S2 SSHNAS;SSHNAS; J:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    S3 Adobe LM Service;Adobe LM Service; J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-17 68096]
    S3 aspnet_state;ASP.NET State Service; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 LBTServ;Logitech Bluetooth Service; J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2009-02-18 121360]
    S3 maconfservice;Ma-Config Service; J:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 odserv;Microsoft Office Diagnostics Service; J:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; J:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WLSetupSvc;Windows Live Setup Service; D:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; J:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------

    et info.txt :

    info.txt logfile of random's system information tool 1.06 2010-01-27 14:25:03

    ======Uninstall list======

    -->D:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->J:\WINDOWS\IsUn040c.exe -f"D:\Program Files\Battlezone II\BZII.isu"
    -->J:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->J:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->J:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->J:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
    -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
    -->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9744AE38-1CC6-414F-96CE-0643AEE30A9B}\setup.exe" -l0x40c /remove
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c /remove
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9BAA790E-561E-4A13-8F77-7582C77462D0}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9BAA790E-561E-4A13-8F77-7582C77462D0}\setup.exe" -l0x40c /remove
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{9E54F486-CD4A-44A5-B041-16D4E1E56A53}\setup.exe" -l0x40c /remove
    -->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 J:\WINDOWS\INF\PCHealth.inf
    Ad-Aware-->"J:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->J:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
    Adobe Flash Player 10 ActiveX-->J:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->J:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop CS-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Adobe Shockwave Player 11.5-->"J:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
    ANNO 1602 Version Gold-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{077A7810-A937-4465-AD08-ACED9807995F}\SETUP.exe"
    Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    ATI - Utilitaire de désinstallation du logiciel-->J:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    BattleForge™-->MsiExec.exe /X{C580908C-B3BA-4C19-BD60-16F02F272201}
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Brother MFL-Pro Suite-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x40c Brunin03.dllBrunin03.dll
    CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
    Civilization II Multiplayer-->J:\WINDOWS\IsUn040c.exe -fd:\MPS\Civ2\Uninst.isu
    Coeur-->"D:\Program Files\Coeur\unins000.exe"
    Correctif pour Windows XP (KB935448)-->"J:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"J:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"J:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"J:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"J:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->J:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->J:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->J:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->J:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->J:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"J:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Creative Jukebox Driver-->D:\Program Files\Creative\Jukebox 3 Drivers\DrvUnins.exe /s
    Creative System Information-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
    Creative Zen Sleek-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{49BE70E3-EF27-411D-B3F3-C00E46111E1D}\SETUP.EXE" -l0x40c /remove
    DMW Client SE -->D:\Program Files\DMW Client 3\uninst.exe
    DMW Pro Client -->D:\Program Files\DMW Pro Client\uninst.exe
    Dofus 1.27.0-->D:\Program Files\Dofus\uninstall.exe
    DofusBeta 1.27.0-->D:\Program Files\DofusBeta\uninstall.exe
    DofusCalc 1.5.1052-->"D:\Program Files\DofusCalc\unins000.exe"
    Doomsday-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{69464949-AD9C-4C98-933F-C32FFC86F3C8}\Setup.exe" -l0x9
    DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
    EAX Unified-->J:\WINDOWS\IsUninst.exe -f"D:\Program Files\Creative\EAX Unified\Uninst.isu"
    eMule-->"D:\Program Files\eMule\Uninstall.exe"
    Europa Universalis III-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}\setup.exe" -l0x9
    Free Video Dub version 1.5-->"D:\Program Files\DVDVideoSoft\Free Video Dub\unins000.exe"
    GameSpy Arcade-->D:\PROGRA~1\GAMESP~1\UNWISE.EXE D:\PROGRA~1\GAMESP~1\INSTALL.LOG
    Gestionnaire de disques amovible Creative-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c /remove
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
    Guitar Pro 4 Demo-->MsiExec.exe /X{22C1B575-C746-46F2-80A3-EE9612AF5FAA}
    Hearts of Iron III-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}\setup.exe" -l0x9
    Hexplore-->D:\PROGRA~1\Hexplore\UNWISE.EXE D:\PROGRA~1\Hexplore\INSTALL.LOG
    HijackThis 2.0.2-->"D:\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->J:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Windows XP (KB926239)-->"J:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    ImgBurn 2.3.2.0 Fr-->"D:\Program Files\ImgBurn\unins000.exe"
    iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
    KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
    Knights Of Honor-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{7911C404-9AFA-4BB2-B9B7-E47423D87528}\setup.exe" -l0x40c
    Lame ACM MP3 Codec-->J:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 J:\WINDOWS\INF\LameACM.inf
    Lecteur Windows Media 11-->"J:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Les Boucliers d-->d:\Program Files\Les Boucliers de Quetzalcoatl\uninstal.exe
    Les Sims Deluxe-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l040c
    Logitech SetPoint-->"D:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
    LogMeIn Hamachi-->J:\WINDOWS\system32\\msiexec.exe /i {067EC517-9731-43FD-B4D5-296EE0027BBB} REMOVE=ALL
    LogMeIn Hamachi-->MsiExec.exe /I{067EC517-9731-43FD-B4D5-296EE0027BBB}
    Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
    Macromedia Flash Player 8-->J:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
    Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Medal of Honor débarquement allié-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x40c
    Messenger Plus! Live-->"D:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->J:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"J:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"J:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"J:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    mIRC-->D:\Program Files\mIRC\uninstall.exe _?=D:\Program Files\mIRC
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"J:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"J:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"J:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"J:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"J:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"J:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"J:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"J:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"J:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"J:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"J:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"J:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"J:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"J:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"J:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"J:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"J:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"J:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562)-->"J:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"J:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"J:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"J:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"J:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"J:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"J:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"J:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"J:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"J:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"J:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"J:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"J:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"J:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"J:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"J:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"J:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"J:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"J:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"J:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"J:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"J:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"J:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"J:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"J:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"J:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"J:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"J:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"J:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"J:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"J:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"J:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"J:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"J:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"J:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"J:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"J:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"J:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"J:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"J:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"J:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"J:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"J:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"J:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"J:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"J:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"J:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"J:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"J:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"J:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"J:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"J:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"J:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"J:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"J:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"J:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"J:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"J:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"J:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"J:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"J:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"J:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"J:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970430)-->"J:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971032)-->"J:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"J:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"J:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"J:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"J:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972270)-->"J:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"J:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"J:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"J:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"J:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973904)-->"J:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"J:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974318)-->"J:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974392)-->"J:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"J:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"J:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"J:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"J:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"J:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"J:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942)-->"J:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531)-->"J:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"J:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"J:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"J:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"J:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"J:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925720)-->"J:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925876)-->"J:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"J:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"J:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB932823-v3)-->"J:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"J:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955759)-->"J:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"J:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"J:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB971737)-->"J:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"J:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"J:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->J:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.7)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    Mumble and Murmur-->D:\Program Files\Mumble\Uninstall.exe
    Nero 7 Essentials-->MsiExec.exe /I{8867CEBD-E6C0-4C7A-83B3-9E45669A1036}
    NOD32 Antivirus System-->D:\Program Files\Eset\Setup\setup.exe /UNINSTALL
    NOD32 FiX-->"D:\Program Files\Eset\unins000.exe"
    No-IP.com DUC (remove only)-->"D:\Program Files\No-IP\DUC20.exe" -uninstall
    NVIDIA Drivers-->J:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
    Obscure-->D:\Program Files\Obscure\uninst.exe
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->J:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u J:\WINDOWS\system32\DRVSTORE\amdk8_C7A451815AD6A55564D6F47B5A12C61D8B4DCFD1\amdk8.inf
    PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
    Qtracker-->D:\PROGRA~1\Qtracker\UNWISE.EXE D:\PROGRA~1\Qtracker\INSTALL.LOG
    QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
    REALTEK GbE & FE Ethernet PCI-E NIC Driver-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe" -l0x40c -removeonly
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Revo Uninstaller 1.83-->D:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
    RUNAWAY - A road adventure-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B6C3139E-053A-4052-9BE1-E0BBEC2F0B88}\setup.exe"
    ScummVM 0.13.0-->"D:\Program Files\ScummVM\unins000.exe"
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
    Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
    Sid Meier's Civilization 4-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x40c -removeonly
    Singles-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5628829F-3318-4DDA-988D-D301832F1611}\setup.exe"
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
    Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Stronghold Crusader-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe"
    Stronghold-->RunDll32 J:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}\setup.exe"
    StuffPlug 3-->D:\Program Files\StuffPlug3\Uninstall.exe
    TeamSpeak 2 RC2-->"D:\Program Files\Teamspeak2_RC2\unins000.exe"
    TeamSpeak 2 Server RC2-->"D:\Program Files\Teamspeak2_RC2\unins001.exe"
    TeamSpeak 3 Client-->"D:\Program Files\TeamSpeak 3 Client\uninstall.exe"
    Theme Hospital-->J:\WINDOWS\unin040c.exe -f"D:\Program Files\Bullfrog\Hospital\DeIs
    Contenus similaires
    a c 296 8 Sécurité
    a b 9 Windows
    27 Janvier 2010 14:51:56

    1/

  • Démarre Spybot, clique sur Mode, coche Mode avancé.
  • A gauche, clique sur Outils, puis sur Résident.
  • Décoche la case devant Résident "TeaTimer" :

  • Quitte Spybot.


    2

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    27 Janvier 2010 15:17:18

    Re, voici le rapport :

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3510
    Windows 5.1.2600 Service Pack 2
    Internet Explorer 8.0.6001.18702

    27/01/2010 15:16:18
    mbam-log-2010-01-27 (15-16-18).txt

    Type de recherche: Examen rapide
    Eléments examinés: 114299
    Temps écoulé: 11 minute(s), 6 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    J:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    J:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    J:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    a c 296 8 Sécurité
    a b 9 Windows
    27 Janvier 2010 15:52:28

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.
    27 Janvier 2010 18:25:34

    Voici le log :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Benjamin at 2010-01-27 18:23:52
    Microsoft Windows XP Professionnel Service Pack 2
    System drive J: has 535 MB (4%) free of 12 GB
    Total RAM: 3070 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:23:58, on 27/01/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    J:\WINDOWS\System32\smss.exe
    J:\WINDOWS\system32\winlogon.exe
    J:\WINDOWS\system32\services.exe
    J:\WINDOWS\system32\lsass.exe
    J:\WINDOWS\system32\nvsvc32.exe
    J:\WINDOWS\system32\svchost.exe
    J:\WINDOWS\System32\svchost.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    J:\WINDOWS\system32\spoolsv.exe
    J:\WINDOWS\Explorer.EXE
    D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    D:\Program Files\Brother\ControlCenter2\brctrcen.exe
    J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    D:\Program Files\Eset\nod32kui.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    J:\WINDOWS\system32\RUNDLL32.EXE
    J:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    J:\WINDOWS\system32\ctfmon.exe
    J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    J:\Program Files\DNA\btdna.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\DAEMON Tools Lite\DTLite.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    J:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    D:\Program Files\Eset\nod32krn.exe
    D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\iPod\bin\iPodService.exe
    J:\WINDOWS\system32\wbem\wmiapsrv.exe
    D:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
    J:\WINDOWS\System32\svchost.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    J:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Xfire\Xfire.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Temp\Bch.exe
    D:\RSIT.exe
    D:\Benjamin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SSBkgdUpdate] J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] D:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "J:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [BMIMZMHMFM] D:\Temp\Bch.exe
    O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate1c9d1c1320c0874) (gupdate1c9d1c1320c0874) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Liuhid - Unknown owner - (no file)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - J:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 10008 bytes

    ======Scheduled tasks folder======

    J:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    J:\WINDOWS\tasks\AppleSoftwareUpdate.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    J:\WINDOWS\tasks\User_Feed_Synchronization-{D8596180-D321-41B4-9308-E54E2DE916FA}.job
    J:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    Locked

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SSBkgdUpdate"=J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "PaperPort PTD"=D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-03-10 57393]
    "IndexSearch"=D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-03-10 40960]
    "ControlCenter2.0"=D:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-01-07 864256]
    "Kernel and Hardware Abstraction Layer"=J:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
    "NWEReboot"= []
    "NeroFilterCheck"=J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "ISUSPM Startup"=J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
    "ISUSScheduler"=J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
    "nod32kui"=D:\Program Files\Eset\nod32kui.exe [2009-05-11 949376]
    "Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-21 520024]
    "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
    "NvCplDaemon"=J:\WINDOWS\system32\NvCpl.dll [2009-04-30 13750272]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=J:\WINDOWS\system32\NvMcTray.dll [2009-04-30 86016]
    "RTHDCPL"=J:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
    "Alcmtr"=J:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
    "Adobe ARM"=J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=J:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
    "BitTorrent DNA"=J:\Program Files\DNA\btdna.exe [2009-11-13 323392]
    "AlcoholAutomount"=D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203416]
    "MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
    "BMIMZMHMFM"=D:\Temp\Bch.exe [2010-01-27 129024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI TRANSFORMS=J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST WISE_SETUP_EXE_PATH=d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe []

    J:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Logitech SetPoint.lnk - D:\Program Files\Logitech\SetPoint\SetPoint.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    j:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-18 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    J:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - J:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "D:\Program Files\ma-config.com\maconfservice.exe"="D:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\GameSpy Arcade\Aphex.exe"="D:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.08"
    "D:\Program Files\BitTorrent\bittorrent.exe"="D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
    "J:\Program Files\DNA\btdna.exe"="J:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "J:\Program Files\ma-config.com\maconfservice.exe"="J:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe"="D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
    "D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe"="D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed5ea0a7-3d8b-11de-84d1-806d6172696f}]
    shell\AutoRun\command - L:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-27 14:24:36 ----D---- J:\rsit
    2010-01-27 13:15:59 ----A---- J:\WINDOWS\system32\sshnas21.dll
    2010-01-22 02:33:06 ----A---- J:\WINDOWS\system32\xfcodec.dll
    2010-01-19 18:10:23 ----D---- J:\Documents and Settings\Benjamin\Application Data\TS3Client
    2010-01-17 12:06:54 ----D---- J:\Documents and Settings\All Users\Application Data\Macrovision
    2010-01-17 12:06:51 ----D---- J:\Program Files\Fichiers communs\Adobe Systems Shared
    2010-01-16 20:39:01 ----D---- J:\Documents and Settings\Benjamin\Application Data\Xfire
    2010-01-14 17:33:30 ----HDC---- J:\WINDOWS\$NtUninstallKB955759$
    2010-01-14 17:33:20 ----HDC---- J:\WINDOWS\$NtUninstallKB972270$
    2010-01-09 18:21:25 ----D---- J:\Documents and Settings\Benjamin\Application Data\Black Sea Studios
    2010-01-09 01:46:33 ----D---- J:\Documents and Settings\Benjamin\Application Data\mIRC
    2010-01-08 21:15:08 ----A---- J:\WINDOWS\system32\CmdLineExt03.dll

    ======List of files/folders modified in the last 1 months======

    2010-01-27 18:23:31 ----D---- J:\WINDOWS\Prefetch
    2010-01-27 18:22:12 ----SD---- J:\WINDOWS\Tasks
    2010-01-27 18:21:29 ----D---- J:\WINDOWS\Temp
    2010-01-27 18:18:57 ----D---- J:\Documents and Settings\Benjamin\Application Data\DNA
    2010-01-27 15:55:50 ----D---- J:\Documents and Settings\Benjamin\Application Data\vlc
    2010-01-27 15:18:37 ----D---- J:\Program Files\DNA
    2010-01-27 15:18:22 ----AD---- J:\WINDOWS
    2010-01-27 15:18:04 ----D---- J:\WINDOWS\system32\drivers
    2010-01-27 15:17:35 ----A---- J:\WINDOWS\SchedLgU.Txt
    2010-01-27 13:45:50 ----D---- J:\Documents and Settings\Benjamin\Application Data\dvdcss
    2010-01-27 13:15:59 ----D---- J:\WINDOWS\system32
    2010-01-27 12:03:16 ----A---- J:\WINDOWS\win.ini
    2010-01-27 06:20:55 ----A---- J:\WINDOWS\system32\PerfStringBackup.INI
    2010-01-24 20:14:13 ----D---- J:\Documents and Settings\All Users\Application Data\Adobe
    2010-01-24 20:13:58 ----D---- J:\Documents and Settings\Benjamin\Application Data\Adobe
    2010-01-23 02:59:44 ----HD---- J:\WINDOWS\inf
    2010-01-23 02:59:33 ----RSHDC---- J:\WINDOWS\system32\dllcache
    2010-01-23 02:59:31 ----D---- J:\Program Files\Internet Explorer
    2010-01-23 02:58:56 ----HD---- J:\WINDOWS\$hf_mig$
    2010-01-23 02:58:54 ----D---- J:\WINDOWS\system32\CatRoot2
    2010-01-23 00:21:12 ----HD---- J:\Program Files\InstallShield Installation Information
    2010-01-18 10:15:18 ----D---- J:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2010-01-17 12:06:51 ----D---- J:\Program Files\Fichiers communs
    2010-01-17 12:06:35 ----D---- J:\Program Files\Fichiers communs\Adobe
    2010-01-17 12:04:20 ----RD---- J:\Program Files
    2010-01-14 17:35:18 ----D---- J:\WINDOWS\AppPatch
    2010-01-14 17:33:38 ----A---- J:\WINDOWS\imsins.BAK
    2010-01-13 19:01:05 ----A---- J:\WINDOWS\BRWMARK.INI
    2010-01-08 20:51:34 ----D---- J:\Documents and Settings\Benjamin\Application Data\BitTorrent
    2010-01-05 01:17:46 ----A---- J:\WINDOWS\system32\MRT.exe
    2010-01-01 15:39:30 ----SHD---- J:\WINDOWS\Installer
    2010-01-01 15:39:28 ----D---- J:\WINDOWS\WinSxS
    2010-01-01 15:39:28 ----D---- J:\Program Files\Fichiers communs\Microsoft Shared
    2010-01-01 15:35:35 ----SD---- J:\Documents and Settings\All Users\Application Data\Microsoft
    2010-01-01 15:35:20 ----D---- J:\WINDOWS\system32\DirectX
    2009-12-28 13:59:17 ----RSD---- J:\WINDOWS\assembly

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; J:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
    R1 kbdhid;Pilote HID de clavier; J:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    R1 nod32drv;nod32drv; J:\WINDOWS\system32\drivers\nod32drv.sys [2009-05-11 15424]
    R1 vmm;Virtual Machine Monitor; \??\J:\WINDOWS\system32\Drivers\vmm.sys []
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; J:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 AMON;AMON; J:\WINDOWS\system32\drivers\amon.sys [2009-05-11 512096]
    R2 atksgt;atksgt; J:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-24 279712]
    R2 LBeepKE;LBeepKE; J:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
    R2 lirsgt;lirsgt; J:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-24 25888]
    R3 BrScnUsb;Brother USB Still Image driver; J:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; J:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 hamachi;Hamachi Network Interface; J:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; J:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; J:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); J:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; J:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; J:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    R3 mouhid;Pilote HID de souris; J:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; J:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; J:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; J:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
    R3 usbccgp;Pilote parent générique USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; J:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Concentrateur USB2; J:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
    R3 usbprint;Classe d'imprimantes USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbstor;Pilote de stockage de masse USB; J:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 VPCNetS2;Virtual Machine Network Services Driver; J:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
    R3 Wdf01000;Wdf01000; J:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 asu83mln;asu83mln; J:\WINDOWS\system32\drivers\asu83mln.sys []
    S3 azuq6274;azuq6274; J:\WINDOWS\system32\drivers\azuq6274.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 Jukebox3;Jukebox3; J:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2005-01-27 16912]
    S3 VClone;VClone; J:\WINDOWS\system32\DRIVERS\VClone.sys []
    S3 WpdUsb;WpdUsb; J:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; J:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; J:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; J:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-09-24 61440]
    R2 NOD32krn;NOD32 Kernel Service; D:\Program Files\Eset\nod32krn.exe [2009-05-11 552064]
    R2 nvsvc;NVIDIA Display Driver Service; J:\WINDOWS\system32\nvsvc32.exe [2009-04-30 168004]
    R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; J:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R3 iPod Service;Service de l’iPod; D:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 gupdate1c9d1c1320c0874;Service Google Update (gupdate1c9d1c1320c0874); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-10 133104]
    S3 Adobe LM Service;Adobe LM Service; J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-17 68096]
    S3 aspnet_state;ASP.NET State Service; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 LBTServ;Logitech Bluetooth Service; J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2009-02-18 121360]
    S3 maconfservice;Ma-Config Service; J:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 odserv;Microsoft Office Diagnostics Service; J:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; J:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WLSetupSvc;Windows Live Setup Service; D:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; J:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------


    Je tenais à te remercier d'ores et déjà car le problème de fenêtre intempestive a disparu :) 
    a c 296 8 Sécurité
    a b 9 Windows
    28 Janvier 2010 00:53:42

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BMIMZMHMFM"=-

    :files
    J:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
    D:\Temp\Bch.exe
    J:\WINDOWS\system32\sshnas21.dll

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    28 Janvier 2010 11:31:47

    Voici le rapport :

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BMIMZMHMFM deleted successfully.
    ========== FILES ==========
    J:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.
    File/Folder D:\Temp\Bch.exe not found.
    LoadLibrary failed for J:\WINDOWS\system32\sshnas21.dll
    J:\WINDOWS\system32\sshnas21.dll moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: All Users

    User: Benjamin
    ->Temp folder emptied: 227718745 bytes
    ->Temporary Internet Files folder emptied: 62772015 bytes
    ->Java cache emptied: 51654339 bytes
    ->FireFox cache emptied: 95437157 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 634358 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 4229874 bytes
    %systemroot%\System32 .tmp files removed: 3072 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 175405178 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 8496730 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 598,00 mb


    OTM by OldTimer - Version 3.1.7.0 log created on 01282010_112545

    Files moved on Reboot...

    Registry entries deleted on Reboot...



    Si OTM n'a pas trouvé bch.exe c'est parce que Nod32 l'a trouvé et supprimé avant que je lance OTM.
    a c 296 8 Sécurité
    a b 9 Windows
    28 Janvier 2010 21:31:26

  • Désinstalle Java(TM) 6 Update 17.

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

  • Refais un scan RSIT et poste le rapport log.
    29 Janvier 2010 01:33:27

    Voici le rapport :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Benjamin at 2010-01-29 01:32:46
    Microsoft Windows XP Professionnel Service Pack 2
    System drive J: has 538 MB (4%) free of 12 GB
    Total RAM: 3070 MB (75% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:32:53, on 29/01/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    J:\WINDOWS\System32\smss.exe
    J:\WINDOWS\system32\winlogon.exe
    J:\WINDOWS\system32\services.exe
    J:\WINDOWS\system32\lsass.exe
    J:\WINDOWS\system32\nvsvc32.exe
    J:\WINDOWS\system32\svchost.exe
    J:\WINDOWS\System32\svchost.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    J:\WINDOWS\system32\spoolsv.exe
    J:\WINDOWS\Explorer.EXE
    J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    D:\Program Files\Eset\nod32krn.exe
    D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    J:\WINDOWS\system32\svchost.exe
    D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    D:\Program Files\Brother\ControlCenter2\brctrcen.exe
    J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    D:\Program Files\Eset\nod32kui.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    J:\WINDOWS\system32\RUNDLL32.EXE
    J:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    J:\WINDOWS\System32\svchost.exe
    J:\WINDOWS\system32\ctfmon.exe
    J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    J:\Program Files\DNA\btdna.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\DAEMON Tools Lite\DTLite.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    D:\Program Files\iPod\bin\iPodService.exe
    J:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    J:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    J:\WINDOWS\system32\msiexec.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    J:\WINDOWS\system32\wbem\wmiapsrv.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    J:\Program Files\NOS\bin\getPlusPlus_Adobe.exe
    J:\WINDOWS\system32\DllHost.exe
    J:\WINDOWS\System32\svchost.exe
    D:\RSIT.exe
    D:\Benjamin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SSBkgdUpdate] J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] D:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE J:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE J:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "J:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "J:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate1c9d1c1320c0874) (gupdate1c9d1c1320c0874) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Liuhid - Unknown owner - (no file)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - J:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - J:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    --
    End of file - 9975 bytes

    ======Scheduled tasks folder======

    J:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    J:\WINDOWS\tasks\AppleSoftwareUpdate.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    J:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    J:\WINDOWS\tasks\User_Feed_Synchronization-{D8596180-D321-41B4-9308-E54E2DE916FA}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - J:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - D:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - J:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-29 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-29 79648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    Locked

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SSBkgdUpdate"=J:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "PaperPort PTD"=D:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-03-10 57393]
    "IndexSearch"=D:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-03-10 40960]
    "ControlCenter2.0"=D:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-01-07 864256]
    "Kernel and Hardware Abstraction Layer"=J:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
    "NWEReboot"= []
    "NeroFilterCheck"=J:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "ISUSPM Startup"=J:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
    "ISUSScheduler"=J:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
    "nod32kui"=D:\Program Files\Eset\nod32kui.exe [2009-05-11 949376]
    "Ad-Watch"=D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-21 520024]
    "QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
    "NvCplDaemon"=J:\WINDOWS\system32\NvCpl.dll [2009-04-30 13750272]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=J:\WINDOWS\system32\NvMcTray.dll [2009-04-30 86016]
    "RTHDCPL"=J:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
    "Alcmtr"=J:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
    "SunJavaUpdateSched"=J:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-01-11 246504]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
    "Adobe ARM"=J:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=J:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=J:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
    "BitTorrent DNA"=J:\Program Files\DNA\btdna.exe [2009-11-13 323392]
    "AlcoholAutomount"=D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203416]
    "MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
    "DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI TRANSFORMS=J:\Program Files\Fichiers communs\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST WISE_SETUP_EXE_PATH=d:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe []

    J:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - J:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Logitech SetPoint.lnk - D:\Program Files\Logitech\SetPoint\SetPoint.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    j:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-18 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    J:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - J:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "D:\Program Files\ma-config.com\maconfservice.exe"="D:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\GameSpy Arcade\Aphex.exe"="D:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.08"
    "D:\Program Files\BitTorrent\bittorrent.exe"="D:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="D:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
    "J:\Program Files\DNA\btdna.exe"="J:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "J:\Program Files\ma-config.com\maconfservice.exe"="J:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe"="D:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
    "D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe"="D:\Program Files\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed5ea0a7-3d8b-11de-84d1-806d6172696f}]
    shell\AutoRun\command - L:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2010-01-29 01:30:57 ----SHD---- J:\Config.Msi
    2010-01-29 01:29:07 ----D---- J:\Program Files\NOS
    2010-01-29 01:28:38 ----D---- J:\Documents and Settings\All Users\Application Data\Sun
    2010-01-29 01:28:36 ----D---- J:\Program Files\Fichiers communs\Java
    2010-01-29 01:28:21 ----A---- J:\WINDOWS\system32\javaws.exe
    2010-01-29 01:28:21 ----A---- J:\WINDOWS\system32\javaw.exe
    2010-01-29 01:28:20 ----A---- J:\WINDOWS\system32\java.exe
    2010-01-28 11:25:45 ----D---- J:\_OTM
    2010-01-27 14:24:36 ----D---- J:\rsit
    2010-01-22 02:33:06 ----A---- J:\WINDOWS\system32\xfcodec.dll
    2010-01-19 18:10:23 ----D---- J:\Documents and Settings\Benjamin\Application Data\TS3Client
    2010-01-17 12:06:54 ----D---- J:\Documents and Settings\All Users\Application Data\Macrovision
    2010-01-17 12:06:51 ----D---- J:\Program Files\Fichiers communs\Adobe Systems Shared
    2010-01-16 20:39:01 ----D---- J:\Documents and Settings\Benjamin\Application Data\Xfire
    2010-01-14 17:33:30 ----HDC---- J:\WINDOWS\$NtUninstallKB955759$
    2010-01-14 17:33:20 ----HDC---- J:\WINDOWS\$NtUninstallKB972270$
    2010-01-09 18:21:25 ----D---- J:\Documents and Settings\Benjamin\Application Data\Black Sea Studios
    2010-01-09 01:46:33 ----D---- J:\Documents and Settings\Benjamin\Application Data\mIRC
    2010-01-08 21:15:08 ----A---- J:\WINDOWS\system32\CmdLineExt03.dll

    ======List of files/folders modified in the last 1 months======

    2010-01-29 01:32:18 ----SHD---- J:\WINDOWS\Installer
    2010-01-29 01:31:50 ----D---- J:\Program Files\Fichiers communs\Adobe
    2010-01-29 01:31:49 ----D---- J:\Documents and Settings\All Users\Application Data\Adobe
    2010-01-29 01:31:33 ----D---- J:\WINDOWS\Temp
    2010-01-29 01:31:01 ----D---- J:\WINDOWS\Prefetch
    2010-01-29 01:30:39 ----D---- J:\WINDOWS\system32
    2010-01-29 01:29:14 ----D---- J:\Documents and Settings\All Users\Application Data\NOS
    2010-01-29 01:29:07 ----RD---- J:\Program Files
    2010-01-29 01:28:36 ----D---- J:\Program Files\Fichiers communs
    2010-01-29 01:28:08 ----A---- J:\WINDOWS\system32\deploytk.dll
    2010-01-29 01:26:44 ----D---- J:\Documents and Settings\Benjamin\Application Data\DNA
    2010-01-29 01:09:08 ----D---- J:\Documents and Settings\Benjamin\Application Data\vlc
    2010-01-28 20:53:00 ----A---- J:\WINDOWS\SchedLgU.Txt
    2010-01-28 11:35:21 ----D---- J:\Program Files\DNA
    2010-01-28 11:26:16 ----AD---- J:\WINDOWS
    2010-01-28 11:25:45 ----SD---- J:\WINDOWS\Tasks
    2010-01-27 23:15:52 ----D---- J:\Documents and Settings\Benjamin\Application Data\dvdcss
    2010-01-27 15:18:04 ----HDC---- J:\WINDOWS\$NtUninstallKB943460$
    2010-01-27 15:18:04 ----D---- J:\WINDOWS\system32\drivers
    2010-01-27 12:03:16 ----A---- J:\WINDOWS\win.ini
    2010-01-27 06:20:55 ----A---- J:\WINDOWS\system32\PerfStringBackup.INI
    2010-01-24 20:13:58 ----D---- J:\Documents and Settings\Benjamin\Application Data\Adobe
    2010-01-23 02:59:44 ----HD---- J:\WINDOWS\inf
    2010-01-23 02:59:33 ----RSHDC---- J:\WINDOWS\system32\dllcache
    2010-01-23 02:59:31 ----D---- J:\Program Files\Internet Explorer
    2010-01-23 02:58:56 ----HD---- J:\WINDOWS\$hf_mig$
    2010-01-23 02:58:54 ----D---- J:\WINDOWS\system32\CatRoot2
    2010-01-23 00:21:12 ----HD---- J:\Program Files\InstallShield Installation Information
    2010-01-18 10:15:18 ----D---- J:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2010-01-14 17:35:18 ----D---- J:\WINDOWS\AppPatch
    2010-01-14 17:33:38 ----A---- J:\WINDOWS\imsins.BAK
    2010-01-13 19:01:05 ----A---- J:\WINDOWS\BRWMARK.INI
    2010-01-08 20:51:34 ----D---- J:\Documents and Settings\Benjamin\Application Data\BitTorrent
    2010-01-05 01:17:46 ----A---- J:\WINDOWS\system32\MRT.exe
    2010-01-01 15:39:28 ----D---- J:\WINDOWS\WinSxS
    2010-01-01 15:39:28 ----D---- J:\Program Files\Fichiers communs\Microsoft Shared
    2010-01-01 15:35:35 ----SD---- J:\Documents and Settings\All Users\Application Data\Microsoft
    2010-01-01 15:35:20 ----D---- J:\WINDOWS\system32\DirectX

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; J:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
    R1 kbdhid;Pilote HID de clavier; J:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    R1 nod32drv;nod32drv; J:\WINDOWS\system32\drivers\nod32drv.sys [2009-05-11 15424]
    R1 vmm;Virtual Machine Monitor; \??\J:\WINDOWS\system32\Drivers\vmm.sys []
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; J:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 AMON;AMON; J:\WINDOWS\system32\drivers\amon.sys [2009-05-11 512096]
    R2 atksgt;atksgt; J:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-24 279712]
    R2 LBeepKE;LBeepKE; J:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
    R2 lirsgt;lirsgt; J:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-24 25888]
    R3 BrScnUsb;Brother USB Still Image driver; J:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; J:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 hamachi;Hamachi Network Interface; J:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; J:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; J:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); J:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; J:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; J:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    R3 mouhid;Pilote HID de souris; J:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; J:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; J:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; J:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
    R3 usbccgp;Pilote parent générique USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; J:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Concentrateur USB2; J:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
    R3 usbprint;Classe d'imprimantes USB Microsoft; J:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbstor;Pilote de stockage de masse USB; J:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 VPCNetS2;Virtual Machine Network Services Driver; J:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
    R3 Wdf01000;Wdf01000; J:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 an64t311;an64t311; J:\WINDOWS\system32\drivers\an64t311.sys []
    S3 aore5tjl;aore5tjl; J:\WINDOWS\system32\drivers\aore5tjl.sys []
    S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 Jukebox3;Jukebox3; J:\WINDOWS\system32\DRIVERS\ctpdusb.sys [2005-01-27 16912]
    S3 VClone;VClone; J:\WINDOWS\system32\DRIVERS\VClone.sys []
    S3 WpdUsb;WpdUsb; J:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; J:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; J:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; J:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
    R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; J:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
    R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-01-29 153376]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; J:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-09-24 61440]
    R2 NOD32krn;NOD32 Kernel Service; D:\Program Files\Eset\nod32krn.exe [2009-05-11 552064]
    R2 nvsvc;NVIDIA Display Driver Service; J:\WINDOWS\system32\nvsvc32.exe [2009-04-30 168004]
    R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; J:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
    R3 getPlusHelper;getPlus(R) Helper; J:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
    R3 iPod Service;Service de l’iPod; D:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 gupdate1c9d1c1320c0874;Service Google Update (gupdate1c9d1c1320c0874); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-10 133104]
    S3 Adobe LM Service;Adobe LM Service; J:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-01-17 68096]
    S3 aspnet_state;ASP.NET State Service; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; J:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 idsvc;Windows CardSpace; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 LBTServ;Logitech Bluetooth Service; J:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2009-02-18 121360]
    S3 maconfservice;Ma-Config Service; J:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 odserv;Microsoft Office Diagnostics Service; J:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; J:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WLSetupSvc;Windows Live Setup Service; D:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; J:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 296 8 Sécurité
    a b 9 Windows
    29 Janvier 2010 02:06:26

    Plus de souci ?
    29 Janvier 2010 12:55:21

    Non plus aucun problème, merci beaucoup :) 
    a c 296 8 Sécurité
    a b 9 Windows
    29 Janvier 2010 23:40:31

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS