Se connecter / S'enregistrer
Votre question

Virus HELP...

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Janvier 2010 08:16:29

Bonjour a tous,

Voici mon problème, j'ai été infecté par un virus suite au fait que je devais renouveler mon abonnement pour l'antivirus mais je ne suis pas assez bon pour reparer cela.
Suite à ce virus, mon pc demarre me demande mon mon de passe à l'invit utilisateur puis ensuite j'ai un ecran noir plus de fond, plus de bureau uniquement la souris et pas d'actions si ce n'est le gestionnaire de tache.
voici un rapport hijackthis et merci pour votre aide.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Jeje at 2010-01-06 08:06:09
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 2 GB (10%) free of 19 GB
Total RAM: 3071 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:06:23, on 06/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jeje\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Jeje.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
F2 - REG:system.ini: Shell=
O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O1 - Hosts: 65.75.216.6 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 205.238.40.54 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
O1 - Hosts: 65.75.216.6 test0.winmxgroup.net test5.winmxgroup.net
O1 - Hosts: 65.75.216.7 test1.winmxgroup.net test6.winmxgroup.net
O1 - Hosts: 82.43.229.238 test2.winmxgroup.net
O1 - Hosts: 205.238.40.1 test3.winmxgroup.net
O1 - Hosts: 205.238.40.2 test4.winmxgroup.net
O1 - Hosts: 65.75.216.6 cache0.winmxgroup.com cache5.winmxgroup.com cache0.winmxgroup.net cache5.winmxgroup.net cache10.winmxgroup.net cache15.winmxgroup.net
O1 - Hosts: 65.75.216.7 cache1.winmxgroup.com cache6.winmxgroup.com cache1.winmxgroup.net cache6.winmxgroup.net cache11.winmxgroup.net cache16.winmxgroup.net
O1 - Hosts: 82.43.229.238 cache2.winmxgroup.com cache7.winmxgroup.com cache2.winmxgroup.net cache7.winmxgroup.net cache12.winmxgroup.net cache17.winmxgroup.net
O1 - Hosts: 205.238.40.1 cache3.winmxgroup.com cache8.winmxgroup.com cache3.winmxgroup.net cache8.winmxgroup.net cache13.winmxgroup.net cache18.winmxgroup.net
O1 - Hosts: 205.238.40.2 cache4.winmxgroup.com cache9.winmxgroup.com cache4.winmxgroup.net cache9.winmxgroup.net cache14.winmxgroup.net cache19.winmxgroup.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\progra~1\fichie~1\instal~1\update~1\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\RunOnce: [tmp257614312] cmd /Q /C "C:\WINDOWS\tmp257614312.bat"
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [LREC75DND7] C:\DOCUME~1\Jeje\LOCALS~1\Temp\d.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: QuickMonth Calendar.lnk = C:\WINDOWS\qmc.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {01232355-5C70-455B-B33E-A62433F3B77F} (WebCamX Control) - http://82.122.236.219:48841/WebCamX.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://81.252.25.161/Remote/msrdp.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/fr/Prg/ESTPTe...
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13B9FB-C951-4C88-B95A-DA6A5DB918CE}: NameServer = 212.27.53.252,212.27.54.252
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: BvrpKrnl - Unknown owner - (no file)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 17529 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Norton Internet Security - Analyse système complète - Jeje.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Recherche de problèmes automatique.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-23 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL [2009-10-01 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-16 13680640]
"nwiz"=nwiz.exe /install []
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-18 282624]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-16 86016]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"ISUSScheduler"=C:\progra~1\fichie~1\instal~1\update~1\issch.exe [2004-08-09 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-23 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-10-11 31232]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tmp257614312"=cmd /Q /C C:\WINDOWS\tmp257614312.bat []
"*Restore"=C:\WINDOWS\system32\restore\rstrui.exe [2008-04-14 384512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-09 323392]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
"LREC75DND7"=C:\DOCUME~1\Jeje\LOCALS~1\Temp\d.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe [2009-10-13 41864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

C:\Documents and Settings\Jeje\Menu Démarrer\Programmes\Démarrage
QuickMonth Calendar.lnk - C:\WINDOWS\qmc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2010-01-06 08:06:12 ----D---- C:\Program Files\trend micro
2010-01-06 08:06:09 ----D---- C:\rsit
2010-01-05 19:09:17 ----D---- C:\Program Files\Panda Security
2010-01-05 12:36:30 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-05 12:17:43 ----A---- C:\WINDOWS\system32\sshnas.dll
2010-01-05 12:11:02 ----A---- C:\WINDOWS\tmp257614312.bat
2009-12-19 18:34:15 ----D---- C:\Program Files\Symantec
2009-12-19 18:34:15 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-12-19 18:32:48 ----D---- C:\Program Files\Windows Sidebar
2009-12-19 18:32:42 ----D---- C:\Program Files\Norton Internet Security
2009-12-19 18:27:25 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2009-12-19 18:27:06 ----D---- C:\Program Files\NortonInstaller
2009-12-19 18:27:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-12-19 18:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-12-18 11:42:17 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-12-15 11:07:21 ----D---- C:\Program Files\OpenXML-ODF Translator
2009-12-15 11:06:25 ----D---- C:\Program Files\MSECache
2009-12-10 11:59:57 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2009-12-10 11:59:47 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-12-10 11:59:11 ----D---- C:\Program Files\TuneUp Utilities 2010
2009-12-10 11:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-12-10 11:58:50 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-09 09:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-06 08:06:15 ----D---- C:\WINDOWS\Prefetch
2010-01-06 08:06:12 ----D---- C:\Program Files
2010-01-06 08:06:11 ----D---- C:\WINDOWS\Temp
2010-01-06 07:57:54 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 07:44:35 ----D---- C:\WINDOWS
2010-01-05 23:51:05 ----SHD---- C:\System Volume Information
2010-01-05 23:49:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-05 23:49:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-05 23:28:01 ----SD---- C:\WINDOWS\Tasks
2010-01-05 21:06:39 ----D---- C:\WINDOWS\system32\drivers
2010-01-05 19:09:49 ----HD---- C:\WINDOWS\inf
2010-01-05 13:15:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-05 12:29:49 ----D---- C:\WINDOWS\system32
2010-01-05 12:28:28 ----D---- C:\Documents and Settings\Jeje\Application Data\DNA
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\svchost.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\services.exe
2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\lsass.exe
2010-01-02 12:38:55 ----D---- C:\Program Files\DNA
2009-12-26 13:56:36 ----D---- C:\Documents and Settings\Jeje\Application Data\Skype
2009-12-26 13:32:19 ----D---- C:\Program Files\Tomtomax Maxi-Box
2009-12-24 11:49:43 ----A---- C:\WINDOWS\win.ini
2009-12-22 12:01:39 ----SHD---- C:\WINDOWS\Installer
2009-12-22 11:09:21 ----D---- C:\Documents and Settings\Jeje\Application Data\DMCache
2009-12-21 19:53:34 ----SHD---- C:\WINDOWS\CSC
2009-12-19 18:31:14 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-12-19 17:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-12-19 17:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-12-19 17:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-12-19 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-12-19 17:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-12-19 17:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-12-19 17:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-12-19 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-19 17:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-12-19 17:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
2009-12-19 17:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-12-19 17:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-19 17:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-12-19 17:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-19 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-19 17:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-19 17:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-19 17:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-19 17:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-19 17:02:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-12-18 12:01:05 ----D---- C:\Program Files\Fichiers communs
2009-12-18 11:31:40 ----D---- C:\WINDOWS\Debug
2009-12-18 10:59:45 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-17 10:36:39 ----D---- C:\Documents and Settings\Jeje\Application Data\UseNeXT
2009-12-17 10:23:43 ----D---- C:\Program Files\eMule
2009-12-15 15:27:45 ----A---- C:\WINDOWS\ModemLog_Olitec SmartMemory 56000 V90 & K56 PnP.txt
2009-12-15 12:05:40 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-15 11:08:34 ----RSD---- C:\WINDOWS\assembly
2009-12-15 11:08:15 ----SD---- C:\Documents and Settings\Jeje\Application Data\Microsoft
2009-12-15 11:06:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-12-15 11:06:43 ----RSD---- C:\WINDOWS\Fonts
2009-12-15 11:06:35 ----D---- C:\Program Files\Microsoft Office
2009-12-15 10:32:10 ----A---- C:\WINDOWS\ModemLog_Olitec Smart Memory 56000 V90 & K56.txt
2009-12-15 10:23:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-15 10:09:22 ----A---- C:\WINDOWS\wgedit.ini
2009-12-10 11:58:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-12-09 09:32:50 ----D---- C:\Program Files\Internet Explorer
2009-12-09 09:32:28 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-08 19:32:47 ----D---- C:\Program Files\WinPhone eXPert

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys [2009-10-20 501888]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSP.SYS [2009-10-09 325168]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSPX.SYS [2009-10-09 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\Ironx86.SYS [2009-10-09 114736]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMTDI.SYS [2009-10-15 361520]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-06 4755968]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-07-13 171008]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX15.SYS []
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-16 6305120]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-12-09 296448]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 avtzvuko;avtzvuko; C:\WINDOWS\system32\drivers\avtzvuko.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\drivers\BT.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver; C:\WINDOWS\system32\DRIVERS\hcdriver.sys [2006-11-20 50432]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2009-06-30 4096]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SPC500NC;Philips SPC500NC Webcam; C:\WINDOWS\system32\DRIVERS\SPC500NC.SYS [2007-06-21 409600]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Driver Programmateur USB COGELEC; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\drivers\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\system32\drivers\VcommMgr.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-11 51712]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [2009-10-20 126392]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-16 163908]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-10 435016]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Autres pages sur : virus help

a c 295 8 Sécurité
6 Janvier 2010 08:34:42

Bonjour,

Dans le gestionnaire des tâches, va dans Fichier > Nouvelle tâche > Tape explorer et valide.
6 Janvier 2010 08:38:20

message d'erreur, Il ne trouve pas le fichier
Contenus similaires
a c 295 8 Sécurité
6 Janvier 2010 08:49:25

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    6 Janvier 2010 10:08:00

    Voila le rapport de combofix ca à été laborieux par contre a la fin une fois le log fait windows m'indique ne pas trouver explorer dans c:/......etc
    <Merci a vous


    ComboFix 10-01-04.01 - Jeje 06/01/2010 9:57.2.2 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2517 [GMT 1:00]
    Lancé depuis: c:\documents and settings\Jeje\Mes documents\Téléchargements\ComboFix.exe
    AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    /wow section - STAGE 32A


    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Exécution préalable -------
    .
    c:\docume~1\Jeje\LOCALS~1\Temp\sshnas.dll
    c:\program files\pdfforge Toolbar\SearchSettings.dll
    C:\Thumbs.db
    c:\windows\Fonts\mskntbb.sys
    c:\windows\system32\kr_done1
    c:\windows\system32\sshnas.dll
    c:\windows\system32\winspool.dll
    c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
    c:\windows\unins000.dat
    c:\windows\unins000.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SSHNAS
    -------\Service_SSHNAS


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-06 au 2010-01-06 ))))))))))))))))))))))))))))))))))))
    .

    2010-01-06 07:06 . 2010-01-06 07:06 -------- d-----w- c:\program files\trend micro
    2010-01-06 07:06 . 2010-01-06 07:06 -------- d-----w- C:\rsit
    2010-01-06 06:03 . 2009-12-19 17:52 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG.SYS
    2010-01-06 06:03 . 2009-12-19 17:52 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\EECTRL.SYS
    2010-01-06 06:03 . 2009-12-19 17:52 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\CCERASER.DLL
    2010-01-06 06:03 . 2009-12-19 17:52 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\ECMSVR32.DLL
    2010-01-06 06:03 . 2009-12-19 17:52 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVENG32.DLL
    2010-01-06 06:03 . 2009-12-19 17:52 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX32A.DLL
    2010-01-06 06:03 . 2009-12-19 17:52 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\NAVEX15.SYS
    2010-01-06 06:03 . 2009-12-19 17:52 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.036\ERASER.SYS
    2010-01-05 23:02 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSvix86.sys
    2010-01-05 23:02 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSXpx86.sys
    2010-01-05 23:02 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\Scxpx86.dll
    2010-01-05 23:02 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.dll
    2010-01-05 23:02 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSviA64.sys
    2010-01-05 18:10 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
    2010-01-05 18:09 . 2010-01-05 18:09 -------- d-----w- c:\program files\Panda Security
    2010-01-05 12:35 . 2010-01-05 12:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\QuickScan
    2010-01-05 12:35 . 2010-01-02 23:26 789320 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\oelxv6bg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    2010-01-05 12:35 . 2010-01-02 23:26 697672 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\oelxv6bg.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
    2010-01-05 12:27 . 2010-01-05 12:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Search Settings
    2010-01-05 12:27 . 2010-01-05 12:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\pdfforge
    2010-01-05 12:24 . 2010-01-05 12:24 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
    2009-12-19 18:35 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSvix86.sys
    2009-12-19 18:35 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSXpx86.sys
    2009-12-19 18:35 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\Scxpx86.dll
    2009-12-19 18:35 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSxpx86.dll
    2009-12-19 18:35 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091217.002\IDSviA64.sys
    2009-12-19 17:35 . 2009-10-29 02:31 784752 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll
    2009-12-19 17:34 . 2009-10-01 09:19 164216 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll
    2009-12-19 17:34 . 2009-12-19 17:34 -------- d-----w- c:\program files\Symantec
    2009-12-19 17:34 . 2009-12-19 17:34 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2009-12-19 17:34 . 2009-12-19 17:34 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2009-12-19 17:33 . 2009-10-05 17:34 929648 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\OCS\hsplayer.dll
    2009-12-19 17:33 . 2009-11-07 01:10 893808 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\CLT\cltLMSx.dll
    2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\windows\system32\drivers\NIS
    2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\program files\Windows Sidebar
    2009-12-19 17:32 . 2009-12-19 17:32 -------- d-----w- c:\program files\Norton Internet Security
    2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
    2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\program files\NortonInstaller
    2009-12-19 17:27 . 2009-12-19 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
    2009-12-19 17:13 . 2009-12-19 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
    2009-12-18 10:42 . 2009-12-19 17:46 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
    2009-12-15 10:07 . 2009-12-15 10:07 -------- d-----w- c:\program files\OpenXML-ODF Translator
    2009-12-15 10:06 . 2009-12-15 10:06 -------- d-----w- c:\program files\MSECache
    2009-12-12 10:00 . 2009-12-12 10:00 -------- d-----w- c:\documents and settings\LocalService\Bureau
    2009-12-10 12:00 . 2009-12-10 12:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
    2009-12-10 10:59 . 2009-11-13 11:00 29512 ----a-w- c:\windows\system32\TURegOpt.exe
    2009-12-10 10:59 . 2009-11-13 10:53 30024 ----a-w- c:\windows\system32\uxtuneup.dll
    2009-12-10 10:59 . 2009-12-10 10:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
    2009-12-10 10:58 . 2009-12-10 10:59 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
    2009-12-10 10:58 . 2009-12-10 10:58 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-01-06 08:44 . 2009-12-02 15:40 -------- d-----w- c:\program files\pdfforge Toolbar
    2010-01-05 11:28 . 2009-08-11 20:45 -------- d-----w- c:\documents and settings\Jeje\Application Data\DNA
    2010-01-05 11:22 . 2004-08-05 12:00 58368 ----a-w- c:\windows\system32\spoolsv.exe
    2010-01-05 11:22 . 2004-08-05 12:00 16896 ----a-w- c:\windows\system32\svchost.exe
    2010-01-05 11:22 . 2004-08-05 12:00 14336 ----a-w- c:\windows\system32\lsass.exe
    2010-01-05 11:22 . 2004-08-05 12:00 112640 ----a-w- c:\windows\system32\services.exe
    2010-01-02 11:38 . 2009-08-11 20:45 -------- d-----w- c:\program files\DNA
    2009-12-26 12:56 . 2007-09-18 13:04 -------- d-----w- c:\documents and settings\Jeje\Application Data\Skype
    2009-12-26 12:32 . 2008-12-17 09:46 -------- d-----w- c:\program files\Tomtomax Maxi-Box
    2009-12-22 10:09 . 2008-01-31 07:30 -------- d-----w- c:\documents and settings\Jeje\Application Data\DMCache
    2009-12-19 17:34 . 2009-12-19 17:34 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
    2009-12-19 17:34 . 2009-12-19 17:34 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
    2009-12-19 17:31 . 2007-09-16 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
    2009-12-18 09:59 . 2007-09-17 10:36 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-12-17 09:36 . 2008-03-04 10:10 -------- d-----w- c:\documents and settings\Jeje\Application Data\UseNeXT
    2009-12-17 09:23 . 2007-09-20 15:40 -------- d-----w- c:\program files\eMule
    2009-12-15 14:26 . 2009-11-04 23:40 1024 ----a-w- c:\documents and settings\All Users\Application Data\BVRP Software\WinPhone eXPert\faxres.cmd
    2009-12-15 10:07 . 2007-09-24 13:46 67008 ----a-w- c:\documents and settings\Jeje\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-12-15 09:23 . 2004-08-05 12:00 92572 ----a-w- c:\windows\system32\perfc00C.dat
    2009-12-15 09:23 . 2004-08-05 12:00 527702 ----a-w- c:\windows\system32\perfh00C.dat
    2009-12-10 10:58 . 2007-10-30 17:46 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
    2009-12-08 18:32 . 2009-11-04 23:37 -------- d-----w- c:\program files\WinPhone eXPert
    2009-12-05 04:54 . 2009-12-05 04:54 529456 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys
    2009-12-05 04:54 . 2009-12-05 04:54 201616 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHRules.dll
    2009-12-05 04:54 . 2009-12-05 04:54 1405840 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHEngine.dll
    2009-12-05 04:54 . 2009-12-05 04:54 668720 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx64.sys
    2009-12-05 04:54 . 2009-12-05 04:54 610704 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\bbRGen.dll
    2009-12-04 13:51 . 2009-12-04 13:51 -------- d-----w- c:\program files\UseNeXT
    2009-12-03 21:41 . 2009-07-25 09:07 -------- d-----w- c:\program files\HomePlayer
    2009-12-02 15:55 . 2009-12-02 15:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\Search Settings
    2009-12-02 15:55 . 2009-12-02 15:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\pdfforge
    2009-12-02 15:41 . 2009-12-02 15:40 -------- d-----w- c:\program files\PDFCreator
    2009-11-27 13:56 . 2009-11-27 13:55 -------- d-----w- c:\documents and settings\Jeje\Application Data\Panasonic
    2009-11-27 13:48 . 2009-11-27 13:48 -------- d-----w- c:\program files\Panasonic
    2009-11-27 13:47 . 2008-09-03 14:26 -------- d-----w- c:\documents and settings\Jeje\Application Data\ArcSoft
    2009-11-27 13:44 . 2008-09-03 14:24 -------- d-----w- c:\program files\Fichiers communs\ArcSoft
    2009-11-27 13:43 . 2009-11-27 13:43 -------- d-----w- c:\program files\ArcSoft
    2009-11-27 13:42 . 2009-11-27 13:42 -------- d-----w- c:\documents and settings\Jeje\Application Data\InstallShield
    2009-11-24 14:19 . 2008-07-26 12:16 -------- d-----w- c:\documents and settings\Jeje\Application Data\IDM
    2009-11-22 15:37 . 2009-07-29 12:52 921632 ----a-w- C:\SPC500NC.DAT
    2009-11-19 10:48 . 2009-11-24 13:34 872960 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    2009-11-19 10:48 . 2009-11-24 13:34 43008 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
    2009-11-19 10:48 . 2009-11-24 13:34 340480 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
    2009-11-19 10:48 . 2009-11-24 13:34 346624 ----a-w- c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
    2009-11-19 05:12 . 2007-10-07 09:22 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2009-11-16 09:29 . 2009-11-16 09:29 -------- d-----w- c:\documents and settings\IWAM_ASP.PCFIXE\Application Data\Jasc Software Inc
    2009-11-13 22:00 . 2009-11-12 16:49 -------- d-----w- c:\documents and settings\Jeje\Application Data\Canon
    2009-11-12 16:50 . 2009-11-12 16:50 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJScan
    2009-11-12 16:21 . 2009-11-12 16:21 -------- d-----w- c:\documents and settings\Jeje\Application Data\CD-LabelPrint
    2009-11-12 16:17 . 2009-11-12 16:17 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJEGV
    2009-11-12 16:05 . 2009-11-12 15:51 -------- d-----w- c:\program files\Canon
    2009-11-12 16:04 . 2009-11-12 16:04 -------- d-----w- c:\program files\Fichiers communs\CANON
    2009-11-12 15:54 . 2009-11-12 15:54 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
    2009-11-12 15:53 . 2009-11-12 15:53 -------- d--h--w- c:\program files\CanonBJ
    2009-11-11 07:20 . 2009-11-11 07:20 -------- d-----w- c:\documents and settings\IWAM_ASP\Application Data\Jasc Software Inc
    2009-11-10 10:46 . 2009-11-10 10:46 -------- d-----w- c:\program files\MXpie Patch
    2009-11-08 00:49 . 2009-11-08 00:49 -------- d-----w- c:\documents and settings\Jeje\Application Data\Camfrog
    2009-11-08 00:49 . 2009-11-08 00:49 -------- d-----w- c:\program files\Camfrog
    2009-11-04 07:50 . 2009-11-04 07:50 152576 ----a-w- c:\documents and settings\Jeje\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
    2009-11-01 22:26 . 2009-02-16 09:32 4045528 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2009-10-29 07:42 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSvix86.sys
    2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSXpx86.sys
    2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\Scxpx86.dll
    2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSxpx86.dll
    2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\BinHub\IDSviA64.sys
    2009-10-21 05:39 . 2004-08-05 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
    2009-10-21 05:39 . 2004-08-05 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2004-08-05 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
    2009-10-13 10:33 . 2004-08-05 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
    2009-10-12 13:39 . 2004-08-05 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
    2009-10-12 13:39 . 2004-08-05 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
    2009-10-11 03:17 . 2008-12-05 15:51 411368 ----a-w- c:\windows\system32\deploytk.dll
    2006-05-03 09:06 . 2008-12-11 08:39 163328 --sh--r- c:\windows\system32\flvDX.dll
    2007-02-21 10:47 . 2008-12-11 08:39 31232 --sh--r- c:\windows\system32\msfDX.dll
    2008-03-16 12:30 . 2008-12-11 08:39 216064 --sh--r- c:\windows\system32\nbDX.dll
    .

    ------- Sigcheck -------

    [-] 2010-01-05 . AC9A15CB3C431468F43C1E0D5DCE3B0E . 14336 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
    [7] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe

    [-] 2010-01-05 . 072B6B7283C109F361A4414494B9043E . 112640 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
    [7] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
    [7] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

    [-] 2010-01-05 . 86CE8F09FA7DCADDFA31014FAC232AFB . 58368 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
    [7] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
    [-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

    [-] 2010-01-05 . D8B34FF3B2D3DA74CBE15610C9D9C06A . 16896 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
    [7] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe

    [7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
    [-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe

    c:\windows\explorer.exe ... manque !!
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
    2009-07-31 01:00 698880 ----a-w- c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll" [2009-07-31 698880]

    [HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-08 323392]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-20 68856]
    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 13680640]
    "nwiz"="nwiz.exe" [2009-01-16 1657376]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 813912]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-18 282624]
    "RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 86016]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
    "ISUSScheduler"="c:\progra~1\fichie~1\instal~1\update~1\issch.exe" [2004-08-09 81920]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-23 1983816]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
    "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-11 31232]
    "SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-07-29 1024512]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\Jeje\Menu D‚marrer\Programmes\D‚marrage\
    QuickMonth Calendar.lnk - c:\windows\qmc.exe [2007-10-16 218419]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
    2009-10-13 06:37 41864 ----a-w- c:\program files\Camfrog\Camfrog Video Chat\CamfrogNET.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2007-09-20 08:06 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
    "swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
    "SPC500NC_Monitor"=c:\windows\Philips\SPC500NC\Monitor.exe
    "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "c:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
    "c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:*:D isabled:@xpsp2res.dll,-22009

    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [07/01/2009 22:39 20744]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [05/01/2010 19:10 28552]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1101000.013\SymDS.sys [19/12/2009 18:33 328752]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1101000.013\SymEFA.sys [19/12/2009 18:33 171056]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys [05/12/2009 05:54 529456]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1101000.013\cchpx86.sys [19/12/2009 18:33 501888]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1101000.013\Ironx86.sys [19/12/2009 18:33 114736]
    R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [19/12/2009 18:33 126392]
    R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [19/02/2009 11:23 14976]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [13/11/2009 11:57 1021256]
    R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [21/12/2009 02:27 102448]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSXpx86.sys [06/01/2010 00:02 329592]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 07:24 10064]
    S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26/09/2007 14:02 685816]
    S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [07/12/2008 11:44 30088]
    S3 BvrpKrnl;BvrpKrnl; [x]
    S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver;c:\windows\system32\drivers\hcdriver.sys [13/04/2009 19:44 50432]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02/07/2008 13:58 26248]
    S3 SPC500NC;Philips SPC500NC Webcam;c:\windows\system32\drivers\SPC500NC.SYS [21/06/2007 05:42 409600]
    .
    Contenu du dossier 'Tâches planifiées'
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
    IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
    IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    Trusted Zone: com.tw\asia.msi
    Trusted Zone: com.tw\global.msi
    Trusted Zone: com.tw\www.msi
    DPF: Microsoft XML Parser for Java
    DPF: {01232355-5C70-455B-B33E-A62433F3B77F} - hxxp://82.122.236.219:48841/WebCamX.cab
    DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - hxxp://data.jeuxclassiques.com/npwwg.cab
    DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    FF - ProfilePath - c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\
    FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:o fficial
    FF - component: c:\documents and settings\Jeje\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
    FF - component: c:\documents and settings\Jeje\Application Data\Mozilla\Firefox\Profiles\9j9x330u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
    FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----

    FF - user.js: content.switch.threshold - 600000
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    AddRemove-QuickMonth Calendar_is1 - c:\windows\unins000.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-01-06 10:03
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.1.0.19\diMaster.dll\" /prefetch:1"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-436374069-1547161642-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:29,6c,d4,27,58,0b,5d,5d,94,52,f9,6a,2a,55,4b,c9,82,fe,cc,a7,75,79,79,
    38,25,5b,8b,03,20,0b,58,b1,08,d6,d0,6f,2b,26,22,85,a7,7b,82,30,00,79,7c,86,\
    "??"=hex:97,f3,ec,86,15,81,64,f6,85,37,6e,92,c0,9b,48,35

    [HKEY_USERS\S-1-5-21-436374069-1547161642-725345543-1003\Software\SecuROM\License information*]
    "datasecu"=hex:02,71,a0,85,35,76,56,47,62,c1,cf,a6,9f,fd,c1,c9,2c,81,7f,b3,a7,
    15,e6,97,53,b2,36,cd,3f,73,22,d6,3c,3e,eb,2e,e8,a6,0b,fe,3e,f8,1e,1b,54,0b,\
    "rkeysecu"=hex:5c,ee,16,b2,93,fe,06,c3,fb,3a,3b,ab,ee,9f,8d,73

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):44,4b,7e,b3,40,8d,01,96,e0,5f,24,73,79,2d,57,99,a9,8a,c4,c7,2e,
    57,68,0c,0a,bc,d4,21,19,65,b3,a1,f0,cd,03,4f,31,38,e5,33,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{882431ea-42a4-41f1-b70e-89e53d1e1d88}]
    @Denied: (Full) (Everyone)
    "Model"=dword:000000ac
    "Therad"=dword:00000015
    "MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
    4b,7b,ad,04,7a,b1,b5,76,9b,27,47,91,4b,35,e2,0d,3d,6d,ba,95,17,08,ab,09,bc,\

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    Heure de fin: 2010-01-06 10:05:32
    ComboFix-quarantined-files.txt 2010-01-06 09:05

    Avant-CF: 2 147 307 520 octets libres
    Après-CF: 2 106 814 464 octets libres

    - - End Of File - - 74F27EBBE81022CE219B63C19171004A
    a c 295 8 Sécurité
    6 Janvier 2010 10:29:22

    /!\ Seul jeje1967 peut suivre cette procédure /!\

    Désactive toute protection résidente (Antivirus...) !

    ---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :

    KillAll::

    Folder::
    c:\documents and settings\Administrateur\Application Data\Search Settings
    c:\documents and settings\Jeje\Application Data\Search Settings

    FCOPY::
    c:\windows\ServicePackFiles\i386\explorer.exe|c:\windows\explorer.exe

    ---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

    - Colle (CTRL+V) le texte dans le Bloc-notes.
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer.
    - Quitte le Bloc-notes.

    ---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



  • Cela va relancer Combofix : au message qui apparaît, accepte.
  • Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !
  • Ne touche à rien tant que le scan n'est pas terminé.
  • Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
  • Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

    ;) 
    6 Janvier 2010 10:54:49

    Tout d'abord merci a toi destrio5
    par contre je ne peux pas faire ca car je n'ai pas de bureau en faitj'ai uniquement un ecran noir pas de de fond d'ecran, par de barre avec le menu demarrer par de clic gauche sur la souris rien que le déplacement de la souris ete le gestionnaire de tache qui me permet d'ouvrir des "taches".
    tout ce que je fais jusqu'a maintenant c'est via le gestionnaire.
    6 Janvier 2010 10:58:13

    de plus je voudrais indiquer que apparemment norton m'a détecté des virus et qu'il les a mis en quarantaine et ceci avant le log.
    cela peut il t'aider?
    as tu repéré encore un ou des virus?
    a c 295 8 Sécurité
    6 Janvier 2010 11:02:03

    Il faudrait copier-coller le fichier c:\windows\ServicePackFiles\i386\explorer.exe dans c:\windows\.
    6 Janvier 2010 11:08:36

    ok ca c'est fait
    a c 295 8 Sécurité
    6 Janvier 2010 11:10:03

    Redémarre le PC ou réessaie de lancer l'explorer.
    6 Janvier 2010 11:13:48

    j'ai cliquer sur explorer et mon bureau est revenu
    mais pour autant est ce que tout est réglé?????
    a c 295 8 Sécurité
    6 Janvier 2010 11:24:14

  • Désinstalle pdfforge Toolbar.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    6 Janvier 2010 12:14:05

    Malwarebytes' Anti-Malware 1.43
    Version de la base de données: 3499
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    06/01/2010 12:13:11
    mbam-log-2010-01-06 (12-13-08).txt

    Type de recherche: Examen rapide
    Eléments examinés: 139009
    Temps écoulé: 8 minute(s), 35 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\explorer.exe (Worm.AutoRun) -> No action taken.
    a c 295 8 Sécurité
    6 Janvier 2010 12:15:57

    Tu as supprimé l'infection trouvée ?
    6 Janvier 2010 12:38:00

    Ok donc j'ai supprimé l'infection.
    j'ai refait un malawarebytes examen rapide et il n"à rien trouvé.
    Est ce mon problème est réglé?
    a c 295 8 Sécurité
    6 Janvier 2010 12:39:46

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.

  • Poste le rapport info qui se trouve dans C:\Rsit.
    6 Janvier 2010 12:43:40

    Ok donc quarantaine MBAM supprimé.
    Voici le rapport RSIT

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Jeje at 2010-01-06 12:42:08
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 2 GB (10%) free of 19 GB
    Total RAM: 3071 MB (77% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:42:13, on 06/01/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\FolderSize\FolderSizeSvc.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\progra~1\fichie~1\instal~1\update~1\issch.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\qmc.exe
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Jeje\Mes documents\Téléchargements\RSIT.exe
    C:\Program Files\trend micro\Jeje.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com
    O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com
    O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
    O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
    O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
    O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com
    O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com
    O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
    O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
    O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
    O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
    O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
    O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
    O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
    O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
    O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
    O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
    O1 - Hosts: 65.75.216.6 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
    O1 - Hosts: 205.238.40.54 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com
    O1 - Hosts: 65.75.216.6 test0.winmxgroup.net test5.winmxgroup.net
    O1 - Hosts: 65.75.216.7 test1.winmxgroup.net test6.winmxgroup.net
    O1 - Hosts: 82.43.229.238 test2.winmxgroup.net
    O1 - Hosts: 205.238.40.1 test3.winmxgroup.net
    O1 - Hosts: 205.238.40.2 test4.winmxgroup.net
    O1 - Hosts: 65.75.216.6 cache0.winmxgroup.com cache5.winmxgroup.com cache0.winmxgroup.net cache5.winmxgroup.net cache10.winmxgroup.net cache15.winmxgroup.net
    O1 - Hosts: 65.75.216.7 cache1.winmxgroup.com cache6.winmxgroup.com cache1.winmxgroup.net cache6.winmxgroup.net cache11.winmxgroup.net cache16.winmxgroup.net
    O1 - Hosts: 82.43.229.238 cache2.winmxgroup.com cache7.winmxgroup.com cache2.winmxgroup.net cache7.winmxgroup.net cache12.winmxgroup.net cache17.winmxgroup.net
    O1 - Hosts: 205.238.40.1 cache3.winmxgroup.com cache8.winmxgroup.com cache3.winmxgroup.net cache8.winmxgroup.net cache13.winmxgroup.net cache18.winmxgroup.net
    O1 - Hosts: 205.238.40.2 cache4.winmxgroup.com cache9.winmxgroup.com cache4.winmxgroup.net cache9.winmxgroup.net cache14.winmxgroup.net cache19.winmxgroup.net
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\progra~1\fichie~1\instal~1\update~1\issch.exe" -start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: QuickMonth Calendar.lnk = C:\WINDOWS\qmc.exe
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {01232355-5C70-455B-B33E-A62433F3B77F} (WebCamX Control) - http://82.122.236.219:48841/WebCamX.cab
    O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://81.252.25.161/Remote/msrdp.cab
    O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/fr/Prg/ESTPTe...
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - http://liveupdate.msi.com.tw/autobios/LOnline/install.c...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0B13B9FB-C951-4C88-B95A-DA6A5DB918CE}: NameServer = 212.27.53.252,212.27.54.252
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
    O23 - Service: BvrpKrnl - Unknown owner - (no file)
    O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

    --
    End of file - 16939 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
    C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
    C:\WINDOWS\tasks\Norton Internet Security - Analyse système complète - Jeje.job
    C:\WINDOWS\tasks\OGALogon.job
    C:\WINDOWS\tasks\Recherche de problèmes automatique.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
    IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-01-08 95664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-23 1377576]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\IPSBHO.DLL [2009-10-01 79224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-25 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-28 263280]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.1.0.19\coIEPlg.dll [2009-10-29 392560]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-16 13680640]
    "nwiz"=nwiz.exe /install []
    "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
    "itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-03-18 282624]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-16 86016]
    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
    "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
    "ISUSScheduler"=C:\progra~1\fichie~1\instal~1\update~1\issch.exe [2004-08-09 81920]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-23 1983816]
    "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]
    "ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-10-11 31232]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-09 323392]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog]
    C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe [2009-10-13 41864]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-20 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    C:\Documents and Settings\Jeje\Menu Démarrer\Programmes\Démarrage
    QuickMonth Calendar.lnk - C:\WINDOWS\qmc.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
    "C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======List of files/folders created in the last 1 months======

    2010-01-06 11:17:32 ----A---- C:\WINDOWS\explorer.exe
    2010-01-06 11:16:57 ----A---- C:\LISTING.TXT
    2010-01-06 10:58:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll
    2010-01-06 10:57:05 ----SHD---- C:\Config.Msi
    2010-01-06 10:05:32 ----A---- C:\ComboFix.txt
    2010-01-06 09:40:09 ----A---- C:\Boot.bak
    2010-01-06 09:40:04 ----RASHD---- C:\cmdcons
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\zip.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWXCACLS.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWSC.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\SWREG.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\sed.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\PEV.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\NIRCMD.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\MBR.exe
    2010-01-06 09:32:12 ----A---- C:\WINDOWS\grep.exe
    2010-01-06 09:32:04 ----D---- C:\WINDOWS\ERDNT
    2010-01-06 09:20:57 ----D---- C:\Qoobox
    2010-01-06 08:06:12 ----D---- C:\Program Files\trend micro
    2010-01-06 08:06:09 ----D---- C:\rsit
    2010-01-05 19:09:17 ----D---- C:\Program Files\Panda Security
    2010-01-05 12:36:30 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-12-19 18:34:15 ----D---- C:\Program Files\Symantec
    2009-12-19 18:34:15 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
    2009-12-19 18:32:48 ----D---- C:\Program Files\Windows Sidebar
    2009-12-19 18:32:42 ----D---- C:\Program Files\Norton Internet Security
    2009-12-19 18:27:25 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
    2009-12-19 18:27:06 ----D---- C:\Program Files\NortonInstaller
    2009-12-19 18:27:06 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2009-12-19 18:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
    2009-12-18 11:42:17 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2009-12-15 11:07:21 ----D---- C:\Program Files\OpenXML-ODF Translator
    2009-12-15 11:06:25 ----D---- C:\Program Files\MSECache
    2009-12-10 11:59:57 ----A---- C:\WINDOWS\system32\TURegOpt.exe
    2009-12-10 11:59:11 ----D---- C:\Program Files\TuneUp Utilities 2010
    2009-12-10 11:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    2009-12-10 11:58:50 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
    2009-12-09 09:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

    ======List of files/folders modified in the last 1 months======

    2010-01-06 12:36:31 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-06 12:33:34 ----D---- C:\Documents and Settings\Jeje\Application Data\DNA
    2010-01-06 12:28:19 ----D---- C:\WINDOWS\Temp
    2010-01-06 12:23:29 ----D---- C:\Program Files\DNA
    2010-01-06 12:22:06 ----D---- C:\WINDOWS
    2010-01-06 12:21:55 ----SHD---- C:\System Volume Information
    2010-01-06 12:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2010-01-06 12:21:17 ----D---- C:\WINDOWS\system32\drivers
    2010-01-06 12:20:49 ----A---- C:\WINDOWS\SchedLgU.Txt
    2010-01-06 11:54:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-01-06 11:36:39 ----SHD---- C:\WINDOWS\Installer
    2010-01-06 11:36:37 ----D---- C:\WINDOWS\WinSxS
    2010-01-06 11:36:14 ----D---- C:\Program Files
    2010-01-06 11:17:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2010-01-06 10:58:11 ----D---- C:\WINDOWS\system32\config
    2010-01-06 10:58:09 ----D---- C:\WINDOWS\system32
    2010-01-06 10:03:27 ----A---- C:\WINDOWS\system.ini
    2010-01-06 10:01:27 ----D---- C:\WINDOWS\AppPatch
    2010-01-06 10:01:17 ----D---- C:\Program Files\Fichiers communs
    2010-01-06 09:57:21 ----D---- C:\WINDOWS\system32\CatRoot2
    2010-01-06 09:44:41 ----SD---- C:\WINDOWS\Tasks
    2010-01-06 09:44:40 ----RSD---- C:\WINDOWS\Fonts
    2010-01-06 09:40:09 ----RASH---- C:\boot.ini
    2010-01-06 09:20:56 ----D---- C:\WINDOWS\Prefetch
    2010-01-05 19:09:49 ----HD---- C:\WINDOWS\inf
    2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\svchost.exe
    2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\spoolsv.exe
    2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\services.exe
    2010-01-05 12:22:48 ----A---- C:\WINDOWS\system32\lsass.exe
    2009-12-26 13:56:36 ----D---- C:\Documents and Settings\Jeje\Application Data\Skype
    2009-12-26 13:32:19 ----D---- C:\Program Files\Tomtomax Maxi-Box
    2009-12-24 11:49:43 ----A---- C:\WINDOWS\win.ini
    2009-12-22 11:09:21 ----D---- C:\Documents and Settings\Jeje\Application Data\DMCache
    2009-12-21 19:53:34 ----SHD---- C:\WINDOWS\CSC
    2009-12-19 18:31:14 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
    2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
    2009-12-19 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
    2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-12-19 17:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2009-12-19 17:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
    2009-12-19 17:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
    2009-12-19 17:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
    2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2009-12-19 17:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
    2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
    2009-12-19 17:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
    2009-12-19 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
    2009-12-19 17:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
    2009-12-19 17:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
    2009-12-19 17:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
    2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-12-19 17:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
    2009-12-19 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
    2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
    2009-12-19 17:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-12-19 17:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
    2009-12-19 17:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946627$
    2009-12-19 17:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2009-12-19 17:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
    2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2009-12-19 17:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
    2009-12-19 17:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2009-12-19 17:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
    2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-12-19 17:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-12-19 17:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-12-19 17:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
    2009-12-19 17:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-12-19 17:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-12-19 17:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-12-19 17:02:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-12-19 17:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
    2009-12-19 17:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
    2009-12-19 17:02:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-12-19 17:02:31 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-12-18 11:31:40 ----D---- C:\WINDOWS\Debug
    2009-12-18 10:59:45 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-17 10:36:39 ----D---- C:\Documents and Settings\Jeje\Application Data\UseNeXT
    2009-12-17 10:23:43 ----D---- C:\Program Files\eMule
    2009-12-15 15:27:45 ----A---- C:\WINDOWS\ModemLog_Olitec SmartMemory 56000 V90 & K56 PnP.txt
    2009-12-15 12:05:40 ----D---- C:\WINDOWS\Microsoft.NET
    2009-12-15 11:08:34 ----RSD---- C:\WINDOWS\assembly
    2009-12-15 11:08:15 ----SD---- C:\Documents and Settings\Jeje\Application Data\Microsoft
    2009-12-15 11:06:53 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-12-15 11:06:35 ----D---- C:\Program Files\Microsoft Office
    2009-12-15 10:32:10 ----A---- C:\WINDOWS\ModemLog_Olitec Smart Memory 56000 V90 & K56.txt
    2009-12-15 10:23:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-15 10:09:22 ----A---- C:\WINDOWS\wgedit.ini
    2009-12-10 11:58:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-12-09 09:32:50 ----D---- C:\Program Files\Internet Explorer
    2009-12-09 09:32:28 ----HD---- C:\WINDOWS\$hf_mig$
    2009-12-08 19:32:47 ----D---- C:\Program Files\WinPhone eXPert

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
    R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20091205.001\BHDrvx86.sys []
    R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys [2009-10-20 501888]
    R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
    R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSP.SYS [2009-10-09 325168]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1101000.013\SRTSPX.SYS [2009-10-09 43696]
    R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\Ironx86.SYS [2009-10-09 114736]
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\NIS\1101000.013\SYMTDI.SYS [2009-10-15 361520]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
    R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
    R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
    R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20091230.004\IDSxpx86.sys []
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-06 4755968]
    R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-07-13 171008]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.053\NAVENG.SYS []
    R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100105.053\NAVEX15.SYS []
    R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-16 6305120]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-07 21760]
    R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-12-09 296448]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
    S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
    S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
    S3 afwqpjan;afwqpjan; C:\WINDOWS\system32\drivers\afwqpjan.sys []
    S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\drivers\BT.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
    S3 catchme;catchme; \??\C:\DOCUME~1\Jeje\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 hcdriver;Intel EHCI Compliance Test Tool Device Driver; C:\WINDOWS\system32\DRIVERS\hcdriver.sys [2006-11-20 50432]
    S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2009-06-30 4096]
    S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SPC500NC;Philips SPC500NC Webcam; C:\WINDOWS\system32\DRIVERS\SPC500NC.SYS [2007-06-21 409600]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;Driver Programmateur USB COGELEC; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
    S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\drivers\VComm.sys []
    S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\system32\drivers\VcommMgr.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-11 51712]
    R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2010-01-05 16896]
    R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
    R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
    R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
    R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
    R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe [2009-10-20 126392]
    R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-16 163908]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2010-01-05 16896]
    R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
    S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
    S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-06 435016]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 295 8 Sécurité
    6 Janvier 2010 13:08:53

    Je m'absente.
    7 Janvier 2010 12:07:48

    je pensais que destrio5 terminerait son analyse avec moi mais .....
    ceci étant merci a destrio5 pour ces solutions.
    peut on m'indiquer au vu des rapports log si mon problème est fini ou si j'ai encore des choses a supprimer?
    merci d'avance
    a c 295 8 Sécurité
    7 Janvier 2010 17:15:15

  • Télécharge HostsXpert sur ton Bureau.
  • Décompresse-le (Clic droit >> Extraire ici).
  • Double-clique sur HostsXpert pour le lancer.
  • Clique sur le bouton Restore MS Hosts File puis ferme le programme.

    PS : Avant de cliquer sur le bouton Restore MS Hosts File, vérifie que le cadenas en haut à gauche soit ouvert sinon tu vas avoir un message d'erreur.

    Et pour le rapport info ?
    7 Janvier 2010 19:21:09

    ok donc HostsXpert c fait.
    En ce qui concerne le rapport info il est au dessus quand tu t absenté; il était déjà posté.
    Par contre, bon mon écran bureau est revenu avec la barre de menu "démarrer" mais par contre je ne peux pas ouvrir les dossiers en fait on dirait qu'il essaye d'ouvrir ca sous une fentre DOS avec command.com ?????
    a c 295 8 Sécurité
    7 Janvier 2010 19:28:46

    Non, c'est le rapport log et non info.
    7 Janvier 2010 20:25:46



    Ok autant pour excuse moi donc voici le rapport info.





    info.txt logfile of random's system information tool 1.06 2010-01-06 08:06:25

    ======Uninstall list======

    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    1-2-3 Schéma-->C:\WINDOWS\IsUn040c.exe -fc:\Hager\Taloha\Uninst.isu
    40000 lettres types & correspondance-->"C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\unins000.exe"
    ABBYY PDF Transformer 1.0-->MsiExec.exe /I{4837718C-5B6E-4496-B283-FFFB5A937825}
    Access Password Recovery Master 1.0-->"C:\Program Files\Access Password Recovery Master\unins000.exe"
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    ArcSoft Software Suite-->C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe -runfromtemp -l0x040c -removeonly
    Camfrog Video Chat 5.3-->"C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
    Canon MP Navigator EX 3.0-->"C:\Program Files\Canon\MP Navigator EX 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 3.0\uninst.ini
    Canon MP640 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series
    Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
    Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
    Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
    CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
    Ciel Compta pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WCPTA\DeIsL1.isu
    Ciel Gestion Commerciale Evolution pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WGC\DeIsL1.isu
    Ciel Liasse Fiscale pour Windows-->C:\WINDOWS\unin040c.exe -fC:\CIEL\WLF\DeIsL1.isu
    City Life Deluxe-->D:\Jeux installés\CityLife\City Life Deluxe\uninst.exe
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    CureROM Pro 1.3.1-->C:\Program Files\CureROM\uninst.exe
    Diskeeper 2008 Pro Premier-->MsiExec.exe /X{4ECCF281-ED79-4EA7-AE89-5E39D3291C2A}
    DivX ;-) Audio Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivX Audio codec.inf
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
    DriverMax 4-->"C:\Program Files\Innovative Solutions\DriverMax\unins000.exe"
    DTE-->C:\WINDOWS\IsUninst.exe -fC:\DTE\Uninst.isu
    DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
    eLearn CDROM 1.0-->C:\eLearn\unins000.exe
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Enregistrement utilisateur de Canon MP640 series-->C:\Program Files\Canon\IJEREG\MP640 series\UNINST.EXE
    EVEREST Ultimate Edition v5.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    eXtreme Movie Manager 6.7.4.0 - Full Install!-->"C:\Program Files\eXtreme Movie Manager\unins000.exe"
    Folder Size for Windows-->MsiExec.exe /I{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HomePlayer 1.5.9-->C:\Program Files\HomePlayer\uninst.exe
    Hotel Giant 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6328CF1B-FA83-485C-94F5-B3D1B4B934E2}\setup.exe" -l0x40c -uninst -removeonly
    Hotfix 2055 for SQL Server 2000 ENU (KB960082)-->"C:\WINDOWS\$SQLUninstallSQL2000-KB960082-v8.00.2055-x86-ENU$\spuninst\spuninst.exe"
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
    Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
    Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    KC Softwares AudioGrail-->"C:\Program Files\KC Softwares\AudioGrail\unins000.exe"
    La_SchemaTech-->MsiExec.exe /I{3BA69722-4F00-4195-ABCE-1B290F884E32}
    Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
    LightSoft-->"C:\Cogelec\LightSoft\unins000.exe"
    Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{CBDE9C7D-CF52-4558-B23E-B66359CB586A}
    Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Nokia_PC_Suite_rel_7_0_9_2_fre.exe
    Nokia PC Suite-->MsiExec.exe /I{D5577624-0626-4C4B-87AA-D966DA1739D6}
    Nokia Software Updater-->MsiExec.exe /X{A2A0D7E5-BBD0-4948-B452-63A91354C12C}
    Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\17.1.0.19\InstStub.exe /X
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    ODF Add-in for Microsoft Office-->MsiExec.exe /I{59D1195A-7E64-4120-BB37-F053D9FD45FB}
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
    Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
    Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
    Package de pilotes Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
    Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
    PCC-1O01A-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F35C4331-A385-4DC9-9BAE-485E4C999D07}\setup.exe" -l0x9
    PDF Password Cracker Pro v2.0-->"C:\Program Files\PDF Password Cracker Pro v2.0\unins000.exe"
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    pdfforge Toolbar v1.1.1-->MsiExec.exe /X{4EF8BE6A-899C-4196-94E7-297C5F7A203E}
    Philips SPC500NC Webcam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C243875A-1622-427A-BBAB-57EA705A6C3D}\setup.exe" -l0x40c -removeonly
    Philips VLounge-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9486FE2-407B-4B45-B353-0EBE1E4F4FDE}\Setup.exe" -l0x40c
    PHOTOfunSTUDIO HD Edition-->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
    ProSoft v1.2.1-->"C:\Cogelec\ProSoft\unins000.exe"
    QuickMonth Calendar 1.2-->"C:\WINDOWS\unins000.exe"
    QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Semiolog-->C:\WINDOWS\IsUn040c.exe -fc:\Hager\Semiolog\Uninst.isu
    Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{09959E11-AD5D-408E-96AF-E3346954D6B8}
    Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sony Sound Forge Audio Studio 9.0-->MsiExec.exe /X{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}
    SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    TeLL me More Anglais prestige-->"D:\JEUX INSTALLÉS\TELL ME MORE NV ANGLAIS PRESTIGE\BIN\unsetup.exe" -file "D:\JEUX INSTALLÉS\TELL ME MORE NV ANGLAIS PRESTIGE\unsetup.aui"
    Thrustmaster FFB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe" -l0x40c -removeonly
    TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
    Tomtomax Maxi-Box V2.0.19-->"C:\Program Files\Tomtomax Maxi-Box\unins000.exe"
    TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
    Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
    Ultra AVI Converter 5.0.1123-->"C:\Program Files\Ultra AVI Converter\unins000.exe"
    Uniblue RegistryBooster 2-->"C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
    VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WebCam T'nB-->C:\Program Files\WebCamTnB\Uninstal.exe
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    WinGTSystem-->C:\PROGRA~1\WINGTS~1\UNWISE.EXE C:\PROGRA~1\WINGTS~1\INSTALL.LOG
    WinHTTrack Website Copier 3.42-2-->"C:\Program Files\WinHTTrack\unins000.exe"
    WinPhone eXPert-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C339CAC7-65FF-40F3-9D56-317BF20C8CFE}\Setup.exe" -l0x40c ControlPanel
    X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    XviD Video Codec 18082002-1 (Koepi's build with EPSZ ME)-->"C:\Program Files\XviD\UninstXviD.exe"

    ======Hosts File======

    65.75.216.6 www.winmx.com err.winmx.com
    205.238.40.54 www.winmx.com err.winmx.com
    65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com
    65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com
    82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com
    205.238.40.1 cache3.winmx.com test3204.winmx.com
    205.238.40.2 cache4.winmx.com test3205.winmx.com
    65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
    65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
    65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com

    ======System event log======

    Computer Name: PCFIXE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service LiveUpdate.

    Record Number: 33836
    Source Name: Service Control Manager
    Time Written: 20091119011950.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PCFIXE
    Event Code: 7036
    Message: Le service Google Software Updater est entré dans l'état : arrêté.

    Record Number: 33835
    Source Name: Service Control Manager
    Time Written: 20091118215117.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 7036
    Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

    Record Number: 33834
    Source Name: Service Control Manager
    Time Written: 20091118215017.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

    Record Number: 33833
    Source Name: Service Control Manager
    Time Written: 20091118215017.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PCFIXE
    Event Code: 7036
    Message: Le service LiveUpdate est entré dans l'état : arrêté.

    Record Number: 33832
    Source Name: Service Control Manager
    Time Written: 20091118210900.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: PCFIXE
    Event Code: 1904
    Message:
    Record Number: 5246
    Source Name: HHCTRL
    Time Written: 20091102081153.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 1904
    Message:
    Record Number: 5245
    Source Name: HHCTRL
    Time Written: 20091102081153.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 1904
    Message:
    Record Number: 5244
    Source Name: HHCTRL
    Time Written: 20091102081153.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 1904
    Message:
    Record Number: 5243
    Source Name: HHCTRL
    Time Written: 20091102081153.000000+060
    Event Type: Informations
    User:

    Computer Name: PCFIXE
    Event Code: 1904
    Message:
    Record Number: 5242
    Source Name: HHCTRL
    Time Written: 20091102081153.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\DISKEE~1\DISKEE~1\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4b02
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    a c 295 8 Sécurité
    7 Janvier 2010 21:26:20

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    7 Janvier 2010 21:39:19

    Voila le log de USBfIX



    ############################## | UsbFix V6.071 |

    User : Jeje (Administrateurs) # PCFIXE
    Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 21:32:32 | 07/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Disabled
    AV : Norton Internet Security 17.1.0.19 [ Enabled | Updated ]
    FW : Norton Internet Security[ Enabled ]17.1.0.19

    C:\ -> Disque fixe local # 18,64 Go (2,27 Go free) # NTFS
    D:\ -> Disque fixe local # 298,09 Go (56,88 Go free) [Sauvegarde DD2] # NTFS
    E:\ -> Disque fixe local # 149,05 Go (9,34 Go free) [DD3 160 Go] # NTFS
    F:\ -> Disque amovible
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque CD-ROM
    K:\ -> Disque CD-ROM
    L:\ -> Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 860
    C:\WINDOWS\system32\csrss.exe 1228
    C:\WINDOWS\system32\winlogon.exe 1404
    C:\WINDOWS\system32\services.exe 1592
    C:\WINDOWS\system32\lsass.exe 1636
    C:\WINDOWS\system32\svchost.exe 1836
    C:\WINDOWS\system32\svchost.exe 1940
    C:\WINDOWS\System32\svchost.exe 160
    C:\WINDOWS\system32\svchost.exe 308
    C:\WINDOWS\system32\svchost.exe 548
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 684
    C:\WINDOWS\Explorer.EXE 1168
    C:\WINDOWS\system32\spoolsv.exe 1304
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe 2004
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe 604
    C:\WINDOWS\system32\bgsvcgen.exe 600
    C:\WINDOWS\system32\svchost.exe 696
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe 888
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe 1264
    C:\Program Files\FolderSize\FolderSizeSvc.exe 1456
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1028
    C:\Program Files\Java\jre6\bin\jqs.exe 1068
    C:\Program Files\Microsoft IntelliType Pro\itype.exe 1076
    C:\WINDOWS\RTHDCPL.EXE 1468
    C:\WINDOWS\system32\RUNDLL32.EXE 972
    C:\WINDOWS\system32\rundll32.exe 1564
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe 1604
    C:\progra~1\fichie~1\instal~1\update~1\issch.exe 196
    C:\Program Files\Java\jre6\bin\jusched.exe 2156
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 2188
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe 2792
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 3016
    C:\WINDOWS\system32\nvsvc32.exe 3140
    C:\WINDOWS\system32\svchost.exe 3272
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 3464
    C:\Program Files\DNA\btdna.exe 3520
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3680
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 4024
    C:\WINDOWS\system32\ctfmon.exe 1236
    C:\WINDOWS\system32\wdfmgr.exe 2352
    C:\WINDOWS\system32\RUNDLL32.EXE 2460
    C:\WINDOWS\qmc.exe 2592
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 3684
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 2616
    C:\WINDOWS\System32\alg.exe 3228
    C:\Program Files\Mozilla Firefox\firefox.exe 1956
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2360

    ################## | Elements infectieux |


    ################## | Registre |

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

    ################## | Mountpoints2 |


    ################## | Cracks > Keygens > Serials |


    ################## | ! Fin du rapport # UsbFix V6.071 ! |
    a c 295 8 Sécurité
    7 Janvier 2010 21:50:58

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    9 Janvier 2010 13:52:16

    Avec quelque jours de retard, il faut bien bosser, voici le rapport apres suppression avec usbfix



    ############################## | UsbFix V6.071 |

    User : Jeje (Administrateurs) # PCFIXE
    Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 12:59:58 | 09/01/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Disabled
    AV : Norton Internet Security 17.1.0.19 [ Enabled | Updated ]
    FW : Norton Internet Security[ Enabled ]17.1.0.19

    C:\ -> Disque fixe local # 18,64 Go (2,17 Go free) # NTFS
    D:\ -> Disque fixe local # 298,09 Go (56,94 Go free) [Sauvegarde DD2] # NTFS
    E:\ -> Disque fixe local # 149,05 Go (9,34 Go free) [DD3 160 Go] # NTFS
    F:\ -> Disque amovible
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque CD-ROM
    L:\ -> Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 724
    C:\WINDOWS\system32\csrss.exe 1052
    C:\WINDOWS\system32\winlogon.exe 1124
    C:\WINDOWS\system32\services.exe 1184
    C:\WINDOWS\system32\lsass.exe 1196
    C:\WINDOWS\system32\svchost.exe 1432
    C:\WINDOWS\system32\svchost.exe 1540
    C:\WINDOWS\System32\svchost.exe 1636
    C:\WINDOWS\system32\svchost.exe 1788
    C:\WINDOWS\system32\svchost.exe 1912
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 1960
    C:\WINDOWS\system32\spoolsv.exe 524
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe 848
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe 1044
    C:\WINDOWS\system32\bgsvcgen.exe 1072
    C:\WINDOWS\system32\svchost.exe 1056
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe 1324
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe 1368
    C:\Program Files\FolderSize\FolderSizeSvc.exe 1448
    C:\Program Files\Java\jre6\bin\jqs.exe 1904
    C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe 2040
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 576
    C:\Program Files\CDBurnerXP\NMSAccessU.exe 616
    C:\WINDOWS\system32\nvsvc32.exe 628
    C:\WINDOWS\system32\svchost.exe 792
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 816
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe 1144
    C:\WINDOWS\system32\wdfmgr.exe 1608
    C:\WINDOWS\system32\RUNDLL32.EXE 1748
    C:\WINDOWS\system32\wuauclt.exe 2184
    C:\WINDOWS\System32\alg.exe 3228
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2916
    C:\Program Files\Norton Internet Security\Engine\17.1.0.19\ccSvcHst.exe 3604
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe 3684
    C:\WINDOWS\system32\userinit.exe 3792
    C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe 3808
    C:\WINDOWS\Explorer.EXE 3844
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2748

    ################## | Elements infectieux |

    Supprimé ! C:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-2635879813-4033499100-240206174-1000
    Supprimé ! D:\Recycler\S-1-5-21-117609710-1897051121-839522115-1003
    Supprimé ! D:\Recycler\S-1-5-21-1715567821-1801674531-839522115-1003
    Supprimé ! D:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
    Supprimé ! D:\Recycler\S-1-5-21-854245398-1547161642-725345543-1003
    Supprimé ! E:\Recycler\S-1-5-21-436374069-1547161642-725345543-1003
    Supprimé ! E:\Recycler\S-1-5-21-854245398-1547161642-725345543-1003

    ################## | Registre |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

    ################## | Mountpoints2 |


    ################## | Listing des fichiers présent |

    [20/03/2009 23:36|--a------|128] C:\AUTOEXEC.BAT
    [20/03/2009 22:59|--a------|212] C:\Boot.bak
    [06/01/2010 09:40|-rahs----|282] C:\boot.ini
    [05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
    [17/02/2008 23:59|--a------|177] C:\CielVideo.ini
    [03/08/2004 23:00|--a------|263488] C:\cmldr
    [06/01/2010 10:05|--a------|32594] C:\ComboFix.txt
    [24/07/2008 14:55|--a------|102] C:\Config.Dat
    [16/09/2007 17:50|--a------|0] C:\CONFIG.SYS
    [06/11/2007 12:22|--a------|49236] C:\fat32format.exe
    [04/11/2009 22:00|--a------|0] C:\hw.log
    [04/11/2009 22:16|--a------|285] C:\ILsSrv.log
    [31/10/2007 09:04|--a------|420] C:\InstallHelper.log
    [16/09/2007 17:50|-rahs----|0] C:\IO.SYS
    [14/05/2009 11:20|--a------|0] C:\iwctrllog.txt
    [03/02/2009 22:48|--a------|0] C:\libSRTP_log.txt
    [08/01/2010 10:22|--a------|4756] C:\LISTING.TXT
    [28/02/2008 11:29|--a------|831] C:\MKDEMSG.LOG
    [28/02/2008 11:28|--a------|2048] C:\MKDEWE.TRN
    [18/03/2009 10:07|--a------|213406] C:\MSDELog.log
    [16/09/2007 17:50|-rahs----|0] C:\MSDOS.SYS
    [05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
    [16/09/2008 08:33|-rahs----|252240] C:\ntldr
    [29/02/2004 16:44|--a------|52576] C:\orange.bmp
    [04/11/2009 22:16|--a------|653] C:\SIPPakage.log
    [22/11/2009 16:37|--a------|921632] C:\SPC500NC.DAT
    [09/01/2010 13:06|--a------|5214] C:\UsbFix.txt
    [04/11/2009 22:16|--a------|187] C:\VisuIPUI.log
    [28/04/2008 09:52|-ra------|328] C:\YukonInstall.log
    [27/05/2009 22:01|--a------|3584] D:\playback.grf
    [10/02/2007 15:04|--a------|14278] E:\Ciel_2004_crack_supergege.zip
    [?|?|?] E:\pagefile.sys

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # E:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Crack > Keygen > Serial |



    ################## | Upload |

    Veuillez envoyer le fichier : C:\DOCUME~1\Jeje\Bureau\UsbFix_Upload_Me_PCFIXE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.071 ! |
    a c 295 8 Sécurité
    9 Janvier 2010 20:22:54

  • Relance UsbFix et choisis l'option 6 pour le désinstaller.

    Il te reste quel(s) souci(s) ?
    11 Janvier 2010 11:36:10

    Merci pour tous ce que tu a fait pour moi,

    les soucis qu'il me reste sont:
    quand je clic sur un dossier sur mon bureau, il me lance une commande DOS c:/windows/system32/command.com et le dossier ne s'ouvre pas.
    de plus quand je clic sur bureau dans lancement rapide rien ne se passe.
    De plus j'ai essayé de faire ccleaner pour nettoyer la base de registre et la, une multitude d'erreur que je n'avais pas avant. je n'est pas réparé me disant que tu voudrais peut être voir un log de ces erreurs.
    quand penses tu?
    a c 295 8 Sécurité
    11 Janvier 2010 15:23:15

    Tu peux réparer les erreurs avec CCleaner.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS