Votre question

[Résolu] Nettoyage PC recherche aide

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Décembre 2009 17:15:42

Depuis 2 à 3 semaines, mon ordi portable sous XP s'est ralenti et Antivir qui a remplacé Avast depuis une semaine m'alerte d'une pollution. Deux trojans reviennent régulièrement.
On m'a dit HijackThis était la solution pour éliminé ces malfaisants. Mais comme je ne connais pas l'anglais et peu à l'aise en système informatique, je cherche de l'aide pour me guider. Merci.

Autres pages sur : resolu nettoyage recherche aide

a c 295 8 Sécurité
18 Décembre 2009 17:17:15

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    18 Décembre 2009 17:27:23

    Est-ce bien ce tu voulais, merci de l'aide.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-12-18 17:22:38
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 58 GB (76%) free of 76 GB
    Total RAM: 2046 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:12, on 18/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Winsudate\gibusr.exe
    C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Winsudate\gibsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\IObit\IObit Security 360\is360.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\mes Documents\Logiciels\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    D:\mes Documents\Logiciels\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/annuaire
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: TBSB06153 - {07CA483F-30BC-425D-823D-48620A3BD13F} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\ix_quick.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ecolo-info Toolbar - {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - C:\Program Files\Ecolo-info\tbEcol.dll
    O3 - Toolbar: Share Accelerator - {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - (no file)
    O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\ix_quick.dll
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [RDfrNET] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GPLog.lnk = ?
    O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9bb2738e6b172) (gupdate1c9bb2738e6b172) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

    --
    End of file - 12904 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500UA.job
    C:\WINDOWS\tasks\Low Battery Alarm Program.job
    C:\WINDOWS\tasks\SLOW-PCfighter.job
    C:\WINDOWS\tasks\SmartDefrag.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{30D2C3E2-E0F3-4B92-8448-BFFB8E977315}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CA483F-30BC-425D-823D-48620A3BD13F}]
    TBSB06153 Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
    IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-10 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
    IXQUICKTB Class - C:\PROGRA~1\IXQUIC~1\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-11-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-19 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
    CGreenPrintPDF Object - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll [2008-06-25 87960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-20 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - Ecolo-info Toolbar - C:\Program Files\Ecolo-info\tbEcol.dll [2008-08-20 1780248]
    {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - []
    {31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]
    {70F241F6-52AB-4D45-993E-C1C09920095B} - Ixquick Toolbar - C:\Program Files\Ixquick Toolbar\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "Device Detector"=DevDetect.exe -autorun []
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-20 69632]
    "ScanSoft OmniPage SE 4.0-reminder"=C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [2006-09-26 1414696]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
    "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
    "IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-11-14 1278736]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "EPSON Stylus D92 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE [2006-09-27 139264]
    "Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
    "WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-12-01 88304]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]
    "RDfrNET"=C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe [2009-11-28 13737056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cesoi]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-TF1]
    C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPPrinterNotify]
    C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
    C:\PROGRA~1\Magentic\bin\Magentic.exe [2008-08-04 488808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime Alternative\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2007-11-20 16841216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-20 136600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint Printer Notify.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPPRIN~1.EXE [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint TrayIcon.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPTray.exe [2008-06-25 272272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^VersionTrackerPro.lnk]
    C:\WINDOWS\Installer\{64A32253-A906-4AEB-B6A7-A90512B68D87}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe /hide []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    GPLog.lnk - C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2007-11-20 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-09-09 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "disablecad"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMConfigurePrograms"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\Zapu\Zapu\wDivi.exe"="C:\Program Files\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe:*:Enabled:IreIke"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f86bb3-cdcb-11dd-8fe3-001b9e7116c1}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bda0fdf-d7df-11dd-8ffb-001b9e7116c1}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-12-17 18:12:36 ----D---- C:\rsit
    2009-12-17 17:38:21 ----SHD---- C:\Config.Msi
    2009-12-07 07:35:03 ----A---- C:\WINDOWS\system32\MSVolumeRDFr.dll
    2009-12-06 14:03:36 ----D---- C:\Program Files\Avira
    2009-12-06 14:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-12-06 09:35:05 ----D---- C:\Program Files\RegistryDoktor 4.1
    2009-12-04 16:41:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
    2009-12-04 08:24:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Icones
    2009-12-04 08:21:50 ----D---- C:\Program Files\Ixquick Toolbar
    2009-12-01 16:30:50 ----D---- C:\Program Files\Winsudate
    2009-12-01 07:28:53 ----D---- C:\coktel
    2009-11-25 17:57:27 ----D---- C:\Program Files\Adobe
    2009-11-24 20:08:24 ----D---- C:\Documents and Settings\All Users\Application Data\IObit

    ======List of files/folders modified in the last 1 months======

    2009-12-18 17:22:21 ----D---- C:\WINDOWS\Prefetch
    2009-12-18 17:12:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-18 16:30:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-18 16:03:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-18 16:01:41 ----SD---- C:\WINDOWS\Tasks
    2009-12-18 16:01:34 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-12-18 14:02:03 ----D---- C:\WINDOWS\Temp
    2009-12-18 08:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-18 08:11:23 ----D---- C:\WINDOWS\system32\fr-fr
    2009-12-18 08:11:23 ----D---- C:\WINDOWS
    2009-12-18 08:11:22 ----HD---- C:\WINDOWS\inf
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32\dllcache
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Media
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Help
    2009-12-18 08:11:22 ----D---- C:\Program Files\Internet Explorer
    2009-12-18 08:10:16 ----D---- C:\WINDOWS\ie8updates
    2009-12-17 18:06:41 ----D---- C:\Program Files\Fichiers communs
    2009-12-17 18:06:41 ----D---- C:\Program Files
    2009-12-17 18:05:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-12-17 18:05:22 ----D---- C:\WINDOWS\system32\drivers
    2009-12-17 17:38:31 ----SHD---- C:\WINDOWS\Installer
    2009-12-17 17:38:31 ----D---- C:\WINDOWS\WinSxS
    2009-12-17 16:09:15 ----A---- C:\WINDOWS\imsins.BAK
    2009-12-17 14:28:58 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-13 11:18:12 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-12-13 10:25:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-06 17:46:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-06 12:46:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-04 16:27:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\IObit
    2009-12-01 16:33:38 ----AC---- C:\WINDOWS\OEWABLog.txt
    2009-12-01 07:28:38 ----RSD---- C:\WINDOWS\Fonts
    2009-11-30 15:58:37 ----SHD---- C:\WINDOWS\CSC
    2009-11-25 17:58:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-11-25 17:57:43 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-11-25 11:35:35 ----D---- C:\Program Files\Google
    2009-11-24 20:08:19 ----D---- C:\Program Files\IObit

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EQDRV5;EQUANT NDIS 5 Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\eqdrv5.sys [2008-05-22 16000]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-25 278984]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-25 25416]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-11-19 1161888]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-01-24 1291328]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-09-09 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-20 2418688]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2007-11-20 84992]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-09-09 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-20 4611072]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-09-09 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-11-20 90880]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-09-09 78720]
    R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2006-10-12 20352]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-11-20 290304]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
    R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
    R3 UVCFTR;UVCFTR; C:\WINDOWS\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
    R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S2 Crypto;Crypto; \??\C:\WINDOWS\system32\Drivers\Crypto.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 GtVUsb;GlobeTrotter 3G+ Viper Filter Service; C:\WINDOWS\system32\DRIVERS\GtVUsb.sys [2006-11-21 5120]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2007-09-09 12032]
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2007-09-09 11008]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-02 4736]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-09-09 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-09-09 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-11-19 9216]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-20 483328]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-06-03 39936]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
    R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-11-14 312592]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-20 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
    R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-12-01 70896]
    S2 gupdate1c9bb2738e6b172;Google Update Service (gupdate1c9bb2738e6b172); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    Contenus similaires
    a c 295 8 Sécurité
    18 Décembre 2009 17:31:29

  • Désinstalle RegistryDoktor qui est un rogue.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    18 Décembre 2009 17:40:04

    RegistryDoktor se cache sous quel nom car je ne trouve pas dans la liste ajout suppression de programme.
    J'ai aussi un disque dur externe quand faut-il s'en occuper? Merci
    a c 295 8 Sécurité
    18 Décembre 2009 17:48:28

    Citation :
    RegistryDoktor se cache sous quel nom car je ne trouve pas dans la liste ajout suppression de programme.

    --> Malwarebytes' Anti-Malware va s'en occuper.

    Citation :
    J'ai aussi un disque dur externe quand faut-il s'en occuper?

    --> D'après le rapport, non.
    18 Décembre 2009 18:16:34

    ça marche comme sur des roulettes, merci encore.

    Malwarebytes' Anti-Malware 1.42
    Version de la base de données: 3385
    Windows 5.1.2600 Service Pack 2
    Internet Explorer 7.0.5730.13

    18/12/2009 18:02:22
    mbam-log-2009-12-18 (18-02-22).txt

    Type de recherche: Examen rapide
    Eléments examinés: 117960
    Temps écoulé: 2 minute(s), 48 second(s)

    Processus mémoire infecté(s): 3
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Unloaded process successfully.
    C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (Rogue.AntivirusDoktor) -> Unloaded process successfully.
    C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rdfrnet (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    a c 295 8 Sécurité
    18 Décembre 2009 18:32:05

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Poste le rapport info situé dans C:\Rsit.
    18 Décembre 2009 18:49:23

    Est-ce qu'il y a d'autres choses à faire pour la santé de mon ordi.
    Merci pour tout.
    a c 295 8 Sécurité
    18 Décembre 2009 18:52:15

    Tu as vu ma réponse ?
    18 Décembre 2009 19:21:38

    Dans C/rsit, il y a 2 documents et je n'ai réussi qu'a copié que le 1ier.


    info.txt logfile of random's system information tool 1.06 2009-12-17 18:12:58

    ======Uninstall list======

    -->C:\PROGRA~1\Yahoo!\Common\unyt.exe
    -->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" -c"C:\WINDOWS\StiRegstFre.dll"
    -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{329899E1-CBBA-49BC-9FFE-199E94316727}\setup.exe" -l0x40c -removeonly
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.45-->MsiExec.exe /I{23170F69-40C1-2701-0445-020001000000}
    ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
    ABBYY FineReader 6.0-->MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}
    ACDSee for PENTAX 3.0-->MsiExec.exe /X{82515476-A57B-4C43-B642-5F396E20C648}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
    Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
    Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x040c
    ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Canon CanoScan Toolbox 5.0-->"C:\Program Files\Canon\CanoScan Toolbox Ver5.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\CanoScan Toolbox Ver5.0\uninst.ini
    CanoScan 4400F-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803 /L0x000c
    CartoExploreur-->C:\Program Files\CartoExploreur\Uninstal.exe
    Catalyst Control Center - Branding-->MsiExec.exe /I{22543949-70E8-45D0-A938-F38143EB8BF8}
    Combined Community Codec Pack 2007-07-22-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]-->C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Ecolo-info Toolbar-->C:\PROGRA~1\ECOLO-~1\UNWISE.EXE C:\PROGRA~1\ECOLO-~1\INSTALL.LOG
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    GIMP 2.4.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
    GreenPrint World-->"C:\Program Files\InstallShield Installation Information\{2E42C207-47A7-45C8-805C-5EF9AF4BD5A7}\setup.exe" -runfromtemp -l0x0009 -removeonly
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
    Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
    IObit Security 360-->"C:\Program Files\IObit\IObit Security 360\unins000.exe"
    IObitCom Toolbar-->C:\PROGRA~1\IObitCom\UNWISE.EXE /U C:\PROGRA~1\IObitCom\INSTALL.LOG
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    Ixquick Toolbar-->regsvr32 /u /s "C:\Program Files\Ixquick Toolbar\ix_quick.dll"
    Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    K-Lite Codec Pack 3.8.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Logiciel de photoreflex-->"C:\Program Files\Photoreflex\Logiciel de photoreflex\uninstall.exe"
    Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    PDF-XChange 3-->"C:\Program Files\Tracker Software\PDF-XChange 3\unins000.exe"
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    Presto! PageManager 7.15.14-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}\PMSetup.exe" -l0x40c anything -removeonly
    QuickTime Alternative 2.5.1-->"C:\Program Files\QuickTime Alternative\unins000.exe"
    QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
    Real Alternative 1.8.0-->"C:\Program Files\Real Alternative\unins000.exe"
    REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{C1E693A4-B1D5-4DCD-B68D-2087835B7184}
    Share Accelerator-->regsvr32 /u /s "C:\Program Files\IEToolbar\Share Accelerator\tbu05167\ShareAcceleratorToolbar12_11_08.dll"
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Smart Defrag 1.11-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
    Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x040c
    TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
    TOSHIBA Hardware Setup-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036
    Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
    TOSHIBA Software Modem-->Tosmreg -U
    VirginMega.Fr Premium-->MsiExec.exe /I{C179292C-735A-47EC-AD6D-AC6C6BE20017}
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    WinZip-->"C:\Program Files\Winzip\WINZIP32.EXE" /uninstall
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AntiVir Desktop

    ======System event log======

    Computer Name: BERNARD
    Event Code: 7036
    Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.

    Record Number: 53593
    Source Name: Service Control Manager
    Time Written: 20091029174915.000000+060
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 4201
    Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{687FACEC-FEFA-4158-9201-CBB6D0203196} était connectée au réseau,
    et a lancé une opération normale sur la carte réseau.

    Record Number: 53592
    Source Name: Tcpip
    Time Written: 20091029174913.000000+060
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 7036
    Message: Le service Acquisition d'image Windows (WIA) est entré dans l'état : en cours d'exécution.

    Record Number: 53591
    Source Name: Service Control Manager
    Time Written: 20091029105800.000000+060
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 1003
    Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001B9E7116C1. Il s'est
    produit l'erreur suivante :
    L'opération a été annulée par l'utilisateur.
    .
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Record Number: 53590
    Source Name: Dhcp
    Time Written: 20091029105759.000000+060
    Event Type: Avertissement
    User:

    Computer Name: BERNARD
    Event Code: 4201
    Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{687FACEC-FEFA-4158-9201-CBB6D0203196} était connectée au réseau,
    et a lancé une opération normale sur la carte réseau.

    Record Number: 53589
    Source Name: Tcpip
    Time Written: 20091029105758.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: BERNARD
    Event Code: 0
    Message:
    Record Number: 7333
    Source Name: gusvc
    Time Written: 20090930133709.000000+120
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 0
    Message:
    Record Number: 7332
    Source Name: gusvc
    Time Written: 20090929112047.000000+120
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 0
    Message:
    Record Number: 7331
    Source Name: gusvc
    Time Written: 20090929111936.000000+120
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 0
    Message:
    Record Number: 7330
    Source Name: gusvc
    Time Written: 20090929052406.000000+120
    Event Type: Informations
    User:

    Computer Name: BERNARD
    Event Code: 0
    Message:
    Record Number: 7329
    Source Name: gupdate1c9bb2738e6b172
    Time Written: 20090929052341.000000+120
    Event Type: Informations
    User:

    =====Security event log=====

    Computer Name: BERNARD
    Event Code: 560
    Message: Objet ouvert

    Serveur de l'objet : SC Manager

    Type de l'objet : SERVICE OBJECT

    Nom de l'objet : TlntSvr

    Identificateur du handle : -

    Identificateur de l'opération : {0,263695}

    Id. du processus : 1108

    Nom du fichier image : C:\WINDOWS\system32\services.exe

    Utilisateur principal : BERNARD$

    Domaine principal : PRATZ

    Id d'ouv. de session principale : (0x0,0x3E7)

    Utilisateur du client : SERVICE RÉSEAU

    Domaine du client : AUTORITE NT

    Id. d'ouv. de session client : (0x0,0x3E4)

    Accès : READ_CONTROL

    Requête d'informations sur la configuration de service

    Requête état de service

    Énumération des dépendances de service

    Requête d'informations du service



    Privilèges : -

    Nombre de SID restreint : 0


    Record Number: 5
    Source Name: Security
    Time Written: 20080522112136.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SERVICE RÉSEAU

    Computer Name: BERNARD
    Event Code: 637
    Message: Membre du groupe local de sécurité activée supprimé :

    Nom du membre : -

    Id. du membre : %{S-1-5-21-530980867-1256504590-1268912549-513}

    Nom de compte cible : Utilisateurs

    Domaine cible : Builtin

    Id. du compte cible : BUILTIN\Utilisateurs

    Utilisateur appelant : Administrateur

    Domaine appelant : BERNARD

    Id. de session de l'appelant : (0x0,0x1AED3)

    Privilèges : -


    Record Number: 4
    Source Name: Security
    Time Written: 20080522110514.000000+120
    Event Type: Succès de l'audit
    User: BERNARD\Administrateur

    Computer Name: BERNARD
    Event Code: 637
    Message: Membre du groupe local de sécurité activée supprimé :

    Nom du membre : -

    Id. du membre : %{S-1-5-21-530980867-1256504590-1268912549-512}

    Nom de compte cible : Administrateurs

    Domaine cible : Builtin

    Id. du compte cible : BUILTIN\Administrateurs

    Utilisateur appelant : Administrateur

    Domaine appelant : BERNARD

    Id. de session de l'appelant : (0x0,0x1AED3)

    Privilèges : -


    Record Number: 3
    Source Name: Security
    Time Written: 20080522110514.000000+120
    Event Type: Succès de l'audit
    User: BERNARD\Administrateur

    Computer Name: BERNARD
    Event Code: 560
    Message: Objet ouvert

    Serveur de l'objet : SC Manager

    Type de l'objet : SERVICE OBJECT

    Nom de l'objet : TlntSvr

    Identificateur du handle : -

    Identificateur de l'opération : {0,89967}

    Id. du processus : 1536

    Nom du fichier image : C:\WINDOWS\system32\services.exe

    Utilisateur principal : BERNARD$

    Domaine principal : BOURBON

    Id d'ouv. de session principale : (0x0,0x3E7)

    Utilisateur du client : SERVICE RÉSEAU

    Domaine du client : AUTORITE NT

    Id. d'ouv. de session client : (0x0,0x3E4)

    Accès : READ_CONTROL

    Requête d'informations sur la configuration de service

    Requête état de service

    Énumération des dépendances de service

    Requête d'informations du service



    Privilèges : -

    Nombre de SID restreint : 0


    Record Number: 2
    Source Name: Security
    Time Written: 20080522105309.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SERVICE RÉSEAU

    Computer Name: BERNARD
    Event Code: 612
    Message: Modification de la stratégie d'audit :

    Nouvelle stratégie :

    Succès Échec

    - + Ouvertures/Fermetures de session

    - + Accès aux objets

    - - Utilisation d'un privilège

    + + Gestion des comptes

    - - Changement de stratégie

    - + Système

    - - Suivi détaillé

    - - Accès Active Directory

    - - Connexion au compte


    Modifié par :

    Utilisateur : BERNARD$

    Nom du domaine : BOURBON

    Id. de la session : (0x0,0x3E7)

    Record Number: 1
    Source Name: Security
    Time Written: 20080522104955.000000+120
    Event Type: Succès de l'audit
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime Alternative\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-12-18 17:22:38
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 58 GB (76%) free of 76 GB
    Total RAM: 2046 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:12, on 18/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Winsudate\gibusr.exe
    C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Winsudate\gibsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\IObit\IObit Security 360\is360.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\mes Documents\Logiciels\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    D:\mes Documents\Logiciels\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/annuaire
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: TBSB06153 - {07CA483F-30BC-425D-823D-48620A3BD13F} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\ix_quick.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ecolo-info Toolbar - {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - C:\Program Files\Ecolo-info\tbEcol.dll
    O3 - Toolbar: Share Accelerator - {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - (no file)
    O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\ix_quick.dll
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [RDfrNET] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GPLog.lnk = ?
    O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9bb2738e6b172) (gupdate1c9bb2738e6b172) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

    --
    End of file - 12904 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500UA.job
    C:\WINDOWS\tasks\Low Battery Alarm Program.job
    C:\WINDOWS\tasks\SLOW-PCfighter.job
    C:\WINDOWS\tasks\SmartDefrag.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{30D2C3E2-E0F3-4B92-8448-BFFB8E977315}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CA483F-30BC-425D-823D-48620A3BD13F}]
    TBSB06153 Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
    IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-10 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
    IXQUICKTB Class - C:\PROGRA~1\IXQUIC~1\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-11-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-19 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
    CGreenPrintPDF Object - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll [2008-06-25 87960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-20 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - Ecolo-info Toolbar - C:\Program Files\Ecolo-info\tbEcol.dll [2008-08-20 1780248]
    {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - []
    {31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]
    {70F241F6-52AB-4D45-993E-C1C09920095B} - Ixquick Toolbar - C:\Program Files\Ixquick Toolbar\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "Device Detector"=DevDetect.exe -autorun []
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-20 69632]
    "ScanSoft OmniPage SE 4.0-reminder"=C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [2006-09-26 1414696]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
    "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
    "IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-11-14 1278736]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "EPSON Stylus D92 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE [2006-09-27 139264]
    "Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
    "WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-12-01 88304]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]
    "RDfrNET"=C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe [2009-11-28 13737056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cesoi]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-TF1]
    C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPPrinterNotify]
    C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
    C:\PROGRA~1\Magentic\bin\Magentic.exe [2008-08-04 488808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime Alternative\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2007-11-20 16841216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-20 136600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint Printer Notify.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPPRIN~1.EXE [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint TrayIcon.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPTray.exe [2008-06-25 272272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^VersionTrackerPro.lnk]
    C:\WINDOWS\Installer\{64A32253-A906-4AEB-B6A7-A90512B68D87}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe /hide []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    GPLog.lnk - C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2007-11-20 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-09-09 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "disablecad"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMConfigurePrograms"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\Zapu\Zapu\wDivi.exe"="C:\Program Files\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe:*:Enabled:IreIke"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f86bb3-cdcb-11dd-8fe3-001b9e7116c1}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bda0fdf-d7df-11dd-8ffb-001b9e7116c1}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-12-17 18:12:36 ----D---- C:\rsit
    2009-12-17 17:38:21 ----SHD---- C:\Config.Msi
    2009-12-07 07:35:03 ----A---- C:\WINDOWS\system32\MSVolumeRDFr.dll
    2009-12-06 14:03:36 ----D---- C:\Program Files\Avira
    2009-12-06 14:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-12-06 09:35:05 ----D---- C:\Program Files\RegistryDoktor 4.1
    2009-12-04 16:41:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
    2009-12-04 08:24:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Icones
    2009-12-04 08:21:50 ----D---- C:\Program Files\Ixquick Toolbar
    2009-12-01 16:30:50 ----D---- C:\Program Files\Winsudate
    2009-12-01 07:28:53 ----D---- C:\coktel
    2009-11-25 17:57:27 ----D---- C:\Program Files\Adobe
    2009-11-24 20:08:24 ----D---- C:\Documents and Settings\All Users\Application Data\IObit

    ======List of files/folders modified in the last 1 months======

    2009-12-18 17:22:21 ----D---- C:\WINDOWS\Prefetch
    2009-12-18 17:12:00 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-18 16:30:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-18 16:03:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-18 16:01:41 ----SD---- C:\WINDOWS\Tasks
    2009-12-18 16:01:34 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-12-18 14:02:03 ----D---- C:\WINDOWS\Temp
    2009-12-18 08:12:07 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-18 08:11:23 ----D---- C:\WINDOWS\system32\fr-fr
    2009-12-18 08:11:23 ----D---- C:\WINDOWS
    2009-12-18 08:11:22 ----HD---- C:\WINDOWS\inf
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32\dllcache
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Media
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Help
    2009-12-18 08:11:22 ----D---- C:\Program Files\Internet Explorer
    2009-12-18 08:10:16 ----D---- C:\WINDOWS\ie8updates
    2009-12-17 18:06:41 ----D---- C:\Program Files\Fichiers communs
    2009-12-17 18:06:41 ----D---- C:\Program Files
    2009-12-17 18:05:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-12-17 18:05:22 ----D---- C:\WINDOWS\system32\drivers
    2009-12-17 17:38:31 ----SHD---- C:\WINDOWS\Installer
    2009-12-17 17:38:31 ----D---- C:\WINDOWS\WinSxS
    2009-12-17 16:09:15 ----A---- C:\WINDOWS\imsins.BAK
    2009-12-17 14:28:58 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-13 11:18:12 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-12-13 10:25:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-06 17:46:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-06 12:46:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-04 16:27:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\IObit
    2009-12-01 16:33:38 ----AC---- C:\WINDOWS\OEWABLog.txt
    2009-12-01 07:28:38 ----RSD---- C:\WINDOWS\Fonts
    2009-11-30 15:58:37 ----SHD---- C:\WINDOWS\CSC
    2009-11-25 17:58:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-11-25 17:57:43 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-11-25 11:35:35 ----D---- C:\Program Files\Google
    2009-11-24 20:08:19 ----D---- C:\Program Files\IObit

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EQDRV5;EQUANT NDIS 5 Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\eqdrv5.sys [2008-05-22 16000]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-25 278984]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-25 25416]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-11-19 1161888]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-01-24 1291328]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-09-09 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-20 2418688]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2007-11-20 84992]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-09-09 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-20 4611072]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-09-09 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-11-20 90880]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-09-09 78720]
    R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2006-10-12 20352]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-11-20 290304]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
    R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
    R3 UVCFTR;UVCFTR; C:\WINDOWS\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
    R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S2 Crypto;Crypto; \??\C:\WINDOWS\system32\Drivers\Crypto.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 GtVUsb;GlobeTrotter 3G+ Viper Filter Service; C:\WINDOWS\system32\DRIVERS\GtVUsb.sys [2006-11-21 5120]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2007-09-09 12032]
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2007-09-09 11008]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-02 4736]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-09-09 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-09-09 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-11-19 9216]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-20 483328]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-06-03 39936]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
    R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-11-14 312592]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-20 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
    R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-12-01 70896]
    S2 gupdate1c9bb2738e6b172;Google Update Service (gupdate1c9bb2738e6b172); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    a c 295 8 Sécurité
    18 Décembre 2009 19:32:18

  • Désinstalle Java 6 Update 12 et Java 6 Update 7.

  • Mets à jour Java.

  • Refais un scan RSIT et poste le rapport log.
    18 Décembre 2009 22:20:12

    Excuse-moi j'avais quitté mon ordi, j'ai fait le nécessaire et l'ordi va beaucoup mieux, il réagit plus vite. Je ne sais comment te remercier.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-12-18 22:16:05
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 58 GB (76%) free of 76 GB
    Total RAM: 2046 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:16:08, on 18/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\mes Documents\Logiciels\RSIT (1).exe
    C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/annuaire
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: TBSB06153 - {07CA483F-30BC-425D-823D-48620A3BD13F} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\ix_quick.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ecolo-info Toolbar - {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - C:\Program Files\Ecolo-info\tbEcol.dll
    O3 - Toolbar: Share Accelerator - {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - (no file)
    O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\ix_quick.dll
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GPLog.lnk = ?
    O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9bb2738e6b172) (gupdate1c9bb2738e6b172) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    --
    End of file - 12147 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500UA.job
    C:\WINDOWS\tasks\Low Battery Alarm Program.job
    C:\WINDOWS\tasks\SLOW-PCfighter.job
    C:\WINDOWS\tasks\SmartDefrag.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{30D2C3E2-E0F3-4B92-8448-BFFB8E977315}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CA483F-30BC-425D-823D-48620A3BD13F}]
    TBSB06153 Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
    IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-10 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
    IXQUICKTB Class - C:\PROGRA~1\IXQUIC~1\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-11-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-18 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
    CGreenPrintPDF Object - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll [2008-06-25 87960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-18 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - Ecolo-info Toolbar - C:\Program Files\Ecolo-info\tbEcol.dll [2008-08-20 1780248]
    {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - []
    {31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]
    {70F241F6-52AB-4D45-993E-C1C09920095B} - Ixquick Toolbar - C:\Program Files\Ixquick Toolbar\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "Device Detector"=DevDetect.exe -autorun []
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-20 69632]
    "ScanSoft OmniPage SE 4.0-reminder"=C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [2006-09-26 1414696]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
    "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
    "IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-11-14 1278736]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "EPSON Stylus D92 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE [2006-09-27 139264]
    "Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cesoi]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-TF1]
    C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPPrinterNotify]
    C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
    C:\PROGRA~1\Magentic\bin\Magentic.exe [2008-08-04 488808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime Alternative\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2007-11-20 16841216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint Printer Notify.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPPRIN~1.EXE [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint TrayIcon.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPTray.exe [2008-06-25 272272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^VersionTrackerPro.lnk]
    C:\WINDOWS\Installer\{64A32253-A906-4AEB-B6A7-A90512B68D87}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe /hide []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    GPLog.lnk - C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2007-11-20 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-09-09 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "disablecad"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMConfigurePrograms"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\Zapu\Zapu\wDivi.exe"="C:\Program Files\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe:*:Enabled:IreIke"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f86bb3-cdcb-11dd-8fe3-001b9e7116c1}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bda0fdf-d7df-11dd-8ffb-001b9e7116c1}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\java.exe
    2009-12-18 17:45:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2009-12-18 17:45:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-18 17:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-12-17 18:12:36 ----D---- C:\rsit
    2009-12-07 07:35:03 ----A---- C:\WINDOWS\system32\MSVolumeRDFr.dll
    2009-12-06 14:03:36 ----D---- C:\Program Files\Avira
    2009-12-06 14:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-12-06 09:35:05 ----D---- C:\Program Files\RegistryDoktor 4.1
    2009-12-04 16:41:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
    2009-12-04 08:24:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Icones
    2009-12-04 08:21:50 ----D---- C:\Program Files\Ixquick Toolbar
    2009-12-01 07:28:53 ----D---- C:\coktel
    2009-11-25 17:57:27 ----D---- C:\Program Files\Adobe
    2009-11-24 20:08:24 ----D---- C:\Documents and Settings\All Users\Application Data\IObit

    ======List of files/folders modified in the last 1 months======

    2009-12-18 22:12:42 ----SHD---- C:\WINDOWS\Installer
    2009-12-18 22:12:35 ----D---- C:\WINDOWS\system32
    2009-12-18 22:12:20 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-12-18 22:12:02 ----D---- C:\WINDOWS\Prefetch
    2009-12-18 22:09:46 ----D---- C:\WINDOWS\Temp
    2009-12-18 22:06:46 ----D---- C:\Program Files\Java
    2009-12-18 22:06:45 ----D---- C:\Program Files\Fichiers communs
    2009-12-18 22:05:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-18 20:12:21 ----D---- C:\WINDOWS
    2009-12-18 18:50:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-18 18:20:07 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-12-18 18:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-18 18:06:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-18 18:05:55 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-18 18:05:51 ----SD---- C:\WINDOWS\Tasks
    2009-12-18 18:04:55 ----D---- C:\WINDOWS\system32\drivers
    2009-12-18 18:04:55 ----D---- C:\WINDOWS\Debug
    2009-12-18 18:02:22 ----D---- C:\Program Files
    2009-12-18 16:01:34 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-12-18 08:11:23 ----D---- C:\WINDOWS\system32\fr-fr
    2009-12-18 08:11:22 ----HD---- C:\WINDOWS\inf
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32\dllcache
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Media
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Help
    2009-12-18 08:11:22 ----D---- C:\Program Files\Internet Explorer
    2009-12-18 08:10:16 ----D---- C:\WINDOWS\ie8updates
    2009-12-17 18:05:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-12-17 17:38:31 ----D---- C:\WINDOWS\WinSxS
    2009-12-17 16:09:15 ----A---- C:\WINDOWS\imsins.BAK
    2009-12-17 14:28:58 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-13 10:25:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-06 17:46:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-04 16:27:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\IObit
    2009-12-01 16:33:38 ----AC---- C:\WINDOWS\OEWABLog.txt
    2009-12-01 07:28:38 ----RSD---- C:\WINDOWS\Fonts
    2009-11-30 15:58:37 ----SHD---- C:\WINDOWS\CSC
    2009-11-25 17:58:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-11-25 17:57:43 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-11-25 11:35:35 ----D---- C:\Program Files\Google
    2009-11-24 20:08:19 ----D---- C:\Program Files\IObit

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EQDRV5;EQUANT NDIS 5 Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\eqdrv5.sys [2008-05-22 16000]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-25 278984]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-25 25416]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-11-19 1161888]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-01-24 1291328]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-09-09 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-20 2418688]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2007-11-20 84992]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-09-09 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-20 4611072]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-09-09 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-11-20 90880]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-09-09 78720]
    R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2006-10-12 20352]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-11-20 290304]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
    R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
    R3 UVCFTR;UVCFTR; C:\WINDOWS\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
    R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S2 Crypto;Crypto; \??\C:\WINDOWS\system32\Drivers\Crypto.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 GtVUsb;GlobeTrotter 3G+ Viper Filter Service; C:\WINDOWS\system32\DRIVERS\GtVUsb.sys [2006-11-21 5120]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2007-09-09 12032]
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2007-09-09 11008]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-02 4736]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-09-09 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-09-09 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-11-19 9216]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-20 483328]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-06-03 39936]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
    R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-11-14 312592]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-18 153376]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
    S2 gupdate1c9bb2738e6b172;Google Update Service (gupdate1c9bb2738e6b172); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-12-18 22:16:05
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 58 GB (76%) free of 76 GB
    Total RAM: 2046 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:16:08, on 18/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    D:\mes Documents\Logiciels\RSIT (1).exe
    C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/annuaire
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: TBSB06153 - {07CA483F-30BC-425D-823D-48620A3BD13F} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\ix_quick.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ecolo-info Toolbar - {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - C:\Program Files\Ecolo-info\tbEcol.dll
    O3 - Toolbar: Share Accelerator - {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - (no file)
    O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\ix_quick.dll
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GPLog.lnk = ?
    O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9bb2738e6b172) (gupdate1c9bb2738e6b172) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    --
    End of file - 12147 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500UA.job
    C:\WINDOWS\tasks\Low Battery Alarm Program.job
    C:\WINDOWS\tasks\SLOW-PCfighter.job
    C:\WINDOWS\tasks\SmartDefrag.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{30D2C3E2-E0F3-4B92-8448-BFFB8E977315}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CA483F-30BC-425D-823D-48620A3BD13F}]
    TBSB06153 Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
    IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-10 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
    IXQUICKTB Class - C:\PROGRA~1\IXQUIC~1\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-11-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-18 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
    CGreenPrintPDF Object - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll [2008-06-25 87960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-18 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - Ecolo-info Toolbar - C:\Program Files\Ecolo-info\tbEcol.dll [2008-08-20 1780248]
    {FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5} - []
    {31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]
    {70F241F6-52AB-4D45-993E-C1C09920095B} - Ixquick Toolbar - C:\Program Files\Ixquick Toolbar\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "Device Detector"=DevDetect.exe -autorun []
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-20 69632]
    "ScanSoft OmniPage SE 4.0-reminder"=C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [2006-09-26 1414696]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
    "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
    "IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-11-14 1278736]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "EPSON Stylus D92 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE [2006-09-27 139264]
    "Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cesoi]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-TF1]
    C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPPrinterNotify]
    C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
    C:\PROGRA~1\Magentic\bin\Magentic.exe [2008-08-04 488808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime Alternative\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2007-11-20 16841216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint Printer Notify.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPPRIN~1.EXE [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint TrayIcon.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPTray.exe [2008-06-25 272272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^VersionTrackerPro.lnk]
    C:\WINDOWS\Installer\{64A32253-A906-4AEB-B6A7-A90512B68D87}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe /hide []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    GPLog.lnk - C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2007-11-20 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-09-09 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "disablecad"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMConfigurePrograms"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\Zapu\Zapu\wDivi.exe"="C:\Program Files\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe:*:Enabled:IreIke"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f86bb3-cdcb-11dd-8fe3-001b9e7116c1}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bda0fdf-d7df-11dd-8ffb-001b9e7116c1}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\java.exe
    2009-12-18 17:45:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2009-12-18 17:45:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-18 17:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-12-17 18:12:36 ----D---- C:\rsit
    2009-12-07 07:35:03 ----A---- C:\WINDOWS\system32\MSVolumeRDFr.dll
    2009-12-06 14:03:36 ----D---- C:\Program Files\Avira
    2009-12-06 14:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-12-06 09:35:05 ----D---- C:\Program Files\RegistryDoktor 4.1
    2009-12-04 16:41:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
    2009-12-04 08:24:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Icones
    2009-12-04 08:21:50 ----D---- C:\Program Files\Ixquick Toolbar
    2009-12-01 07:28:5
    a c 295 8 Sécurité
    18 Décembre 2009 22:23:31

    Je m'absente.
    18 Décembre 2009 22:29:09

    Je m'aperçois que IE est toujours dans la machine alors que je l'ai désinstallé dans ajout et suppression de programme. Il n'apparait plus pourtant dans cette liste.
    Comment l'éliminer?
    a c 295 8 Sécurité
    18 Décembre 2009 23:14:31

    Tu ne peux pas désinstaller complètement Internet Explorer.


  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cesoi]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{FA34EE7E-55EB-41DB-9718-1AE6EA1CF9A5}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CA483F-30BC-425D-823D-48620A3BD13F}]

    :files
    C:\Program Files\RegistryDoktor 4.1

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    19 Décembre 2009 06:57:55

    J'ai fait la manoeuvre mais pour le rapport, je ne le trouve pas dans C: Je ne vois pas OTM et en regardant dans Programmes Files, je ne trouve pas non plus.
    Il y a surement d'autres programmes dans l'ordi que je croyais utiles et qui ne sert pas . Lesquels te semble t'il inutiles. Merci.
    a c 295 8 Sécurité
    19 Décembre 2009 09:09:20

  • Refais un scan RSIT et poste le rapport log.
    19 Décembre 2009 10:54:06

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-12-19 10:54:01
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 58 GB (76%) free of 76 GB
    Total RAM: 2046 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:54:08, on 19/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\explorer.exe
    D:\mes Documents\Logiciels\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/annuaire
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: IXQUICKTB - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - C:\PROGRA~1\IXQUIC~1\ix_quick.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Ecolo-info Toolbar - {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - C:\Program Files\Ecolo-info\tbEcol.dll
    O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ixquick Toolbar - {70F241F6-52AB-4D45-993E-C1C09920095B} - C:\Program Files\Ixquick Toolbar\ix_quick.dll
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ScanSoft OmniPage SE 4.0-reminder] "C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPageSE4.0\Ereg\ereg.ini"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: GPLog.lnk = ?
    O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9bb2738e6b172) (gupdate1c9bb2738e6b172) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    --
    End of file - 11947 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\AWC AutoSweep.job
    C:\WINDOWS\tasks\AWC Update.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1801674531-1417001333-500UA.job
    C:\WINDOWS\tasks\Low Battery Alarm Program.job
    C:\WINDOWS\tasks\SLOW-PCfighter.job
    C:\WINDOWS\tasks\SmartDefrag.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{30D2C3E2-E0F3-4B92-8448-BFFB8E977315}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
    IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-10 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5CAA6CD-8EE4-40a3-92E0-385561406C50}]
    IXQUICKTB Class - C:\PROGRA~1\IXQUIC~1\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-11-26 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-18 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF96BA30-57F6-4700-8065-910EC3BE9E3B}]
    CGreenPrintPDF Object - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll [2008-06-25 87960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-18 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8b7625de-675d-4627-9ebe-bd02b7d0a89a} - Ecolo-info Toolbar - C:\Program Files\Ecolo-info\tbEcol.dll [2008-08-20 1780248]
    {31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-26 256112]
    {70F241F6-52AB-4D45-993E-C1C09920095B} - Ixquick Toolbar - C:\Program Files\Ixquick Toolbar\ix_quick.dll [2007-04-26 557056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]
    "Device Detector"=DevDetect.exe -autorun []
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2007-11-20 69632]
    "ScanSoft OmniPage SE 4.0-reminder"=C:\Program Files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe [2006-09-26 1414696]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
    "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
    "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2009-09-05 417792]
    "IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-11-14 1278736]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "EPSON Stylus D92 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE [2006-09-27 139264]
    "Google Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
    "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-TF1]
    C:\Program Files\TF1Vision\TF1vision.exe [2008-03-05 397312]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPPrinterNotify]
    C:\Program Files\GreenPrint Technologies\GreenPrint World\GPPrinterNotify.exe [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
    C:\PROGRA~1\Magentic\bin\Magentic.exe [2008-08-04 488808]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime Alternative\qttask.exe [2009-09-05 417792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2007-11-20 16841216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-18 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint Printer Notify.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPPRIN~1.EXE [2008-06-25 595872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GreenPrint TrayIcon.lnk]
    C:\PROGRA~1\GREENP~1\GREENP~1\GPTray.exe [2008-06-25 272272]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^VersionTrackerPro.lnk]
    C:\WINDOWS\Installer\{64A32253-A906-4AEB-B6A7-A90512B68D87}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe /hide []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    GPLog.lnk - C:\Program Files\GreenPrint Technologies\GreenPrint World\LOGWnd.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2007-11-20 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 183808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-09-09 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "disablecad"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMConfigurePrograms"=1
    "NoResolveTrack"=1
    "NoResolveSearch"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
    "C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
    "C:\Program Files\Zapu\Zapu\wDivi.exe"="C:\Program Files\Zapu\Zapu\wDivi.exe:*:Enabled:Zapu Control"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\IreIKE.exe:*:Enabled:IreIke"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
    "C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe"="C:\Program Files\CoSine Communications\IPSec Dial Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f86bb3-cdcb-11dd-8fe3-001b9e7116c1}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bda0fdf-d7df-11dd-8ffb-001b9e7116c1}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-12-18 22:12:35 ----A---- C:\WINDOWS\system32\java.exe
    2009-12-18 17:45:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2009-12-18 17:45:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-18 17:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-12-17 18:12:36 ----D---- C:\rsit
    2009-12-07 07:35:03 ----A---- C:\WINDOWS\system32\MSVolumeRDFr.dll
    2009-12-06 14:03:36 ----D---- C:\Program Files\Avira
    2009-12-06 14:03:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-12-04 16:41:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
    2009-12-04 08:24:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Icones
    2009-12-04 08:21:50 ----D---- C:\Program Files\Ixquick Toolbar
    2009-12-01 07:28:53 ----D---- C:\coktel
    2009-11-25 17:57:27 ----D---- C:\Program Files\Adobe
    2009-11-24 20:08:24 ----D---- C:\Documents and Settings\All Users\Application Data\IObit

    ======List of files/folders modified in the last 1 months======

    2009-12-19 10:52:52 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
    2009-12-19 10:51:44 ----D---- C:\Documents and Settings\Administrateur\Application Data\skypePM
    2009-12-19 10:51:28 ----D---- C:\WINDOWS\Temp
    2009-12-19 10:51:24 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-19 10:51:20 ----SD---- C:\WINDOWS\Tasks
    2009-12-19 10:50:11 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-19 06:33:43 ----D---- C:\WINDOWS\system32
    2009-12-19 06:33:43 ----D---- C:\WINDOWS
    2009-12-19 06:33:40 ----D---- C:\Program Files
    2009-12-18 22:12:42 ----SHD---- C:\WINDOWS\Installer
    2009-12-18 22:12:20 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-12-18 22:12:02 ----D---- C:\WINDOWS\Prefetch
    2009-12-18 22:06:46 ----D---- C:\Program Files\Java
    2009-12-18 22:06:45 ----D---- C:\Program Files\Fichiers communs
    2009-12-18 18:20:07 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-12-18 18:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-18 18:04:55 ----D---- C:\WINDOWS\system32\drivers
    2009-12-18 18:04:55 ----D---- C:\WINDOWS\Debug
    2009-12-18 16:01:34 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-12-18 08:11:23 ----D---- C:\WINDOWS\system32\fr-fr
    2009-12-18 08:11:22 ----HD---- C:\WINDOWS\inf
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\system32\dllcache
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Media
    2009-12-18 08:11:22 ----D---- C:\WINDOWS\Help
    2009-12-18 08:11:22 ----D---- C:\Program Files\Internet Explorer
    2009-12-18 08:10:16 ----D---- C:\WINDOWS\ie8updates
    2009-12-17 18:05:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-12-17 17:38:31 ----D---- C:\WINDOWS\WinSxS
    2009-12-17 16:09:15 ----A---- C:\WINDOWS\imsins.BAK
    2009-12-17 14:28:58 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-12-13 10:25:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-12-06 17:46:24 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
    2009-12-04 16:27:43 ----D---- C:\Documents and Settings\Administrateur\Application Data\IObit
    2009-12-01 16:33:38 ----AC---- C:\WINDOWS\OEWABLog.txt
    2009-12-01 07:28:38 ----RSD---- C:\WINDOWS\Fonts
    2009-11-30 15:58:37 ----SHD---- C:\WINDOWS\CSC
    2009-11-25 17:58:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-11-25 17:57:43 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-11-25 11:35:35 ----D---- C:\Program Files\Google
    2009-11-24 20:08:19 ----D---- C:\Program Files\IObit

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EQDRV5;EQUANT NDIS 5 Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\eqdrv5.sys [2008-05-22 16000]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-11-25 278984]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
    R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-11-25 25416]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-11-19 1161888]
    R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-01-24 1291328]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-09-09 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-11-20 2418688]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2007-11-20 84992]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-09-09 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-20 4611072]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-09-09 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-11-20 90880]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-09-09 78720]
    R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2006-10-12 20352]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-11-20 290304]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
    R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
    R3 UVCFTR;UVCFTR; C:\WINDOWS\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
    R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-12-13 57408]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S2 Crypto;Crypto; \??\C:\WINDOWS\system32\Drivers\Crypto.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 GtVUsb;GlobeTrotter 3G+ Viper Filter Service; C:\WINDOWS\system32\DRIVERS\GtVUsb.sys [2006-11-21 5120]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2007-09-09 12032]
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2007-09-09 11008]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2005-03-02 4736]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-09-09 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-09-09 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-11-19 9216]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-11-20 483328]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-06-03 39936]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
    R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-11-14 312592]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-18 153376]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
    S2 gupdate1c9bb2738e6b172;Google Update Service (gupdate1c9bb2738e6b172); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-07 30192]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    a c 295 8 Sécurité
    19 Décembre 2009 11:23:12

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Pour supprimer les popups d'AntiVir : Lien

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    19 Décembre 2009 11:40:28

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Rsit: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
    C:\Rsit: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    a c 295 8 Sécurité
    19 Décembre 2009 11:43:33

    Tu peux supprimer ToolsCleaner.

    Bonne journée ;) 
    19 Décembre 2009 14:38:34

    La dernière partie à partir de désactiver et réactiver la restauration du système, je crois que je n'ai pas su faire !
    Là je vais m'absenter et merci encore, je vais m'y remettre ce soir.
    19 Décembre 2009 17:26:05

    Finalement j'ai compris et je suis allé au bout. Avec mes remerciements. : :bounce: 
    a c 295 8 Sécurité
    19 Décembre 2009 21:19:05

    Bonne nuit ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS