Your question
Solved

Spam problem

Tags:
  • Security
Last reply: in Security and viruses
4 December 2009 19:20:00

Hello everyone, here is my problem. For the past few days I have been getting recurring spam web pages leading to a site in English. I already had this problem once with Limewire, but this time it is because of a friend's USB key... Ever since I plugged it into my computer it has been doing this, so I suppose it is a virus. I am posting the HijackThis report below.
___________________________________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:54:02, on 4/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Simon\Mes documents\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr_ver.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr_ver.htm
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 9873 bytes
_________________________________________________________________

Thanks in advance, dear sages of Info du Net :)

4 December 2009 19:48:26

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit.
    4 December 2009 20:03:44

    Log:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Simon at 2009-12-04 19:59:28
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 3 GB (5%) free of 68 GB
    Total RAM: 1014 MB (24% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:59:36, on 4/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\APPS\SMP\SmpSys.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\BitTorrent\bittorrent.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Simon\Mes documents\Téléchargements\RSIT.exe
    C:\Documents and Settings\Simon\Mes documents\Downloads\Simon.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr_ver.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: PBBEFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - C:\WINDOWS\system32\pbbefrv2.dll (file missing)
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr_ver.htm
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 9741 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Extension de garantie.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006UA.job
    C:\WINDOWS\tasks\Master CD_DVD Creator.job
    C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
    C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D}]
    PBBEFRV2 - C:\WINDOWS\system32\pbbefrv2.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - PBBEFRV2 - C:\WINDOWS\system32\pbbefrv2.dll []
    {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-03 98304]
    "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-03 77824]
    "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-03 118784]
    "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-20 729178]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
    "Google Update"=C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-11-03 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe"="C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Jeux\World of Warcraft\Launcher.exe"="C:\Program Files\Jeux\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\APPS\skype\Phone\Skype.exe"="C:\APPS\skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}]
    shell\AutoRun\command - G:\ime/moje.exe
    shell\explore\command - G:\ime/moje.exe
    shell\open\command - G:\ime/moje.exe


    ======List of files/folders created in the last 1 months======

    2009-12-04 19:59:28 ----D---- C:\rsit
    2009-12-04 19:23:55 ----D---- C:\Program Files\BitTorrent
    2009-12-04 17:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
    2009-12-04 11:15:43 ----D---- C:\Program Files\Dossier photos
    2009-12-04 11:14:00 ----D---- C:\Mes Images
    2009-12-04 11:12:18 ----A---- C:\WINDOWS\rtfctl32.dll
    2009-12-04 11:11:45 ----D---- C:\Program Files\FotoStation 4.0
    2009-11-30 16:15:07 ----D---- C:\Documents and Settings\Simon\Application Data\VanDale
    2009-11-30 13:34:30 ----D---- C:\VanDale
    2009-11-25 22:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
    2009-11-25 22:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
    2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-11-14 14:51:48 ----D---- C:\Program Files\DivX
    2009-11-14 00:21:06 ----D---- C:\Documents and Settings\Simon\Application Data\Media Player Classic
    2009-11-14 00:17:51 ----D---- C:\Program Files\Combined Community Codec Pack
    2009-11-13 21:36:47 ----D---- C:\Program Files\Microsoft Silverlight
    2009-11-13 21:32:39 ----D---- C:\Program Files\Microsoft
    2009-11-13 20:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
    2009-11-05 18:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$

    ======List of files/folders modified in the last 1 months======

    2009-12-04 19:59:37 ----D---- C:\Documents and Settings\Simon\Application Data\BitTorrent
    2009-12-04 19:59:33 ----D---- C:\WINDOWS\PREFETCH
    2009-12-04 19:35:48 ----D---- C:\WINDOWS\Temp
    2009-12-04 19:23:55 ----RD---- C:\Program Files
    2009-12-04 19:10:57 ----D---- C:\Program Files\Mozilla Firefox
    2009-12-04 11:12:24 ----D---- C:\WINDOWS
    2009-12-04 11:12:23 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-12-04 11:10:24 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-03 23:37:42 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-01 23:10:59 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
    2009-12-01 23:10:28 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
    2009-12-01 22:50:12 ----D---- C:\WINDOWS\system32\Lang
    2009-11-30 22:13:54 ----RSHD---- C:\RECYCLER
    2009-11-26 08:34:50 ----D---- C:\WINDOWS\security
    2009-11-26 08:34:35 ----HD---- C:\WINDOWS\inf
    2009-11-26 08:32:24 ----AD---- C:\WINDOWS\system32
    2009-11-25 22:56:25 ----SHD---- C:\WINDOWS\Installer
    2009-11-25 22:56:12 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-25 22:55:45 ----HD---- C:\WINDOWS\$hf_mig$
    2009-11-25 22:55:37 ----D---- C:\WINDOWS\WinSxS
    2009-11-25 08:26:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-11-25 08:25:59 ----RSD---- C:\WINDOWS\assembly
    2009-11-25 08:23:41 ----RSD---- C:\WINDOWS\Fonts
    2009-11-25 08:23:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-11-25 08:21:13 ----D---- C:\Program Files\Microsoft Works
    2009-11-25 08:21:10 ----D---- C:\WINDOWS\pchealth
    2009-11-23 20:48:31 ----D---- C:\Documents and Settings\Simon\Application Data\U3
    2009-11-21 02:15:48 ----A---- C:\WINDOWS\win.ini
    2009-11-21 02:15:47 ----D---- C:\Program Files\Fichiers communs\System
    2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs
    2009-11-13 22:37:08 ----D---- C:\WINDOWS\Microsoft.NET
    2009-11-13 21:35:07 ----D---- C:\Program Files\Windows Live
    2009-11-13 20:37:55 ----D---- C:\WINDOWS\Help

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-28 17119]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-03 1353820]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-25 3134976]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-20 190400]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S3 a6d5fm57;a6d5fm57; C:\WINDOWS\system32\drivers\a6d5fm57.sys []
    S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-09-23 1852488]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
    R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
    R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-10-15 225353]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------

    ___________________________________________________________________________________

    Info:

    info.txt logfile of random's system information tool 1.06 2009-12-04 19:59:39

    ======Uninstall list======

    -->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    -->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    -->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
    Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
    Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Combined Community Codec Pack 2009-09-09-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
    Commandos 2: Men of Courage-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}\setup.exe"
    Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    FotoStation 4.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\FotoStation 4.0\Uninst.isu"
    GUILD WARS-->"C:\Program Files\GUILD WARS\Gw.exe" -uninstall
    Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
    HijackThis 2.0.2-->"C:\Documents and Settings\Simon\Mes documents\Downloads\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
    IZArc 4.0 beta 1-->"C:\Program Files\IZArc\unins000.exe"
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
    mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
    mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mEoU.msi-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
    mToolkit-->MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Packard Bell Toolbar 1.0-->"C:\Program Files\Dynamic Toolbar\unins000.exe"
    QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
    Robin Hood: The Legend Of Sherwood-->C:\Documents and Settings\Simon\Mes documents\Downloads\Robin Hood The Legend Of Sherwood\Robin Hood The Legend Of Sherwood
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe

    ======Security center information======

    AV: AntiVir Desktop

    ======System event log======

    Computer Name: 106254330136
    Event Code: 240
    Message: Une requête de suspension de pouvoir a été refusée par winlogon.exe.

    Record Number: 6793
    Source Name: Win32k
    Time Written: 20091119231404.000000+060
    Event Type: warning
    User:

    Computer Name: 106254330136
    Event Code: 18
    Message: TIMEOUT<ZCfgSvc.exe> C:\...Settings\Settings.ini

    Record Number: 6792
    Source Name: avgntflt
    Time Written: 20091119231342.000000+060
    Event Type: warning
    User:

    Computer Name: 106254330136
    Event Code: 10010
    Message: Le serveur {4BEE36D7-DF28-49C1-8B85-1F3AED830E66} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.

    Record Number: 6770
    Source Name: DCOM
    Time Written: 20091119173340.000000+060
    Event Type: error
    User: AUTORITE NT\SYSTEM

    Computer Name: 106254330136
    Event Code: 1003
    Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00166FAAA569. Il s'est
    produit l'erreur suivante :
    L'opération a été annulée par l'utilisateur.
    .
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Record Number: 6679
    Source Name: Dhcp
    Time Written: 20091119153953.000000+060
    Event Type: warning
    User:

    Computer Name: 106254330136
    Event Code: 1003
    Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00166FAAA569. Il s'est
    produit l'erreur suivante :
    L'opération a été annulée par l'utilisateur.
    .
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Record Number: 6670
    Source Name: Dhcp
    Time Written: 20091119150935.000000+060
    Event Type: warning
    User:

    =====Application event log=====

    Computer Name: 106254330136
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x800401F0

    Record Number: 429
    Source Name: MsiInstaller
    Time Written: 20090924165825.000000+120
    Event Type: warning
    User: 106254330136\Simon

    Computer Name: 106254330136
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x800401F0

    Record Number: 427
    Source Name: MsiInstaller
    Time Written: 20090924165825.000000+120
    Event Type: warning
    User: 106254330136\Simon

    Computer Name: 106254330136
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x800401F0

    Record Number: 425
    Source Name: MsiInstaller
    Time Written: 20090924165825.000000+120
    Event Type: warning
    User: 106254330136\Simon

    Computer Name: 106254330136
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x800401F0

    Record Number: 423
    Source Name: MsiInstaller
    Time Written: 20090924165825.000000+120
    Event Type: warning
    User: 106254330136\Simon

    Computer Name: 106254330136
    Event Code: 1015
    Message: La connexion au serveur est impossible. Erreur : 0x800401F0

    Record Number: 421
    Source Name: MsiInstaller
    Time Written: 20090924165825.000000+120
    Event Type: warning
    User: 106254330136\Simon

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0d08
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip

    -----------------EOF-----------------


    There you go :)
    4 December 2009 20:08:05

  • Uninstall Ask Toolbar.

  • Download UsbFix (by Chiquitine29 & C_XX) to your Desktop.
  • Plug your external storage devices into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix to run it.
  • Choose option 1 (Recherche).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility intended for terminating processes.
    6 December 2009 12:34:50

    Here is the report


    ############################## | UsbFix V6.059 |

    User : Simon (Administrateurs) # 106254330136
    Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 12:23:16 | 6/12/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Pentium(R) M processor 1.80GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
    Internet Explorer 6.0.2900.2180
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 66,71 Go (1,3 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    G:\ -> Disque amovible # 1,87 Go (200,38 Mo free) [UDISK] # FAT

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 764
    C:\WINDOWS\system32\csrss.exe 816
    C:\WINDOWS\system32\winlogon.exe 840
    C:\WINDOWS\system32\services.exe 884
    C:\WINDOWS\system32\lsass.exe 896
    C:\WINDOWS\system32\svchost.exe 1056
    C:\WINDOWS\system32\svchost.exe 1116
    C:\WINDOWS\System32\svchost.exe 1232
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1308
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1372
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 1412
    C:\WINDOWS\system32\svchost.exe 1524
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe 1536
    C:\WINDOWS\system32\svchost.exe 1668
    C:\WINDOWS\Explorer.EXE 1780
    C:\WINDOWS\system32\spoolsv.exe 200
    C:\Program Files\Avira\AntiVir Desktop\sched.exe 252
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe 360
    C:\WINDOWS\system32\svchost.exe 804
    C:\WINDOWS\system32\igfxtray.exe 1324
    C:\WINDOWS\system32\igfxpers.exe 1432
    C:\WINDOWS\RTHDCPL.EXE 1472
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1548
    C:\Program Files\Java\jre6\bin\jusched.exe 1652
    C:\Apps\Powercinema\PCMService.exe 1656
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1704
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe 1728
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe 1744
    C:\Program Files\iTunes\iTunesHelper.exe 1768
    C:\APPS\SMP\SmpSys.exe 1808
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1876
    C:\WINDOWS\system32\ctfmon.exe 1920
    C:\Program Files\RocketDock\RocketDock.exe 556
    C:\Program Files\DAEMON Tools Lite\daemon.exe 368
    C:\Program Files\a-squared Free\a2service.exe 1984
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1616
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1864
    C:\Program Files\Bonjour\mDNSResponder.exe 1840
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe 2056
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe 2468
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe 2500
    c:\APPS\HIDSERVICE\HIDSERVICE.exe 2504
    C:\Program Files\Java\jre6\bin\jqs.exe 2624
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe 3224
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 3276
    C:\WINDOWS\system32\wdfmgr.exe 3348
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe 3680
    C:\Program Files\iPod\bin\iPodService.exe 3796
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 3896
    C:\WINDOWS\System32\alg.exe 1464
    C:\WINDOWS\system32\wuauclt.exe 3856
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 3788
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 640
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe 876
    C:\WINDOWS\system32\wbem\wmiprvse.exe 3632

    ################## | Fichiers # Dossiers infectieux |

    C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
    C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
    C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
    G:\autorun.inf
    G:\DOBRERIBE
    G:\ime\moje.exe
    G:\ime

    ################## | Spyware.OnlineGames |


    ################## | Registre # Clés infectieuses |

    [HKLM\software\microsoft\windows nt\currentversion\winlogon] "Taskman"

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}
    Shell\AutoRun\command =G:\ime/moje.exe
    Shell\explore\command =G:\ime/moje.exe
    Shell\open\command =G:\ime/moje.exe

    ################## | Cracks / Keygens / Serials |

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe"
    20/08/2009 22:00 |Size 168857432 |Crc32 e382a830 |Md5 0f51969f67a66e0b212bd31a9e236301

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe"
    20/08/2009 21:41 |Size 96256 |Crc32 88452780 |Md5 fc9fc6fe89061acc405df329c2192895

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe"
    25/10/2005 20:02 |Size 509984 |Crc32 2187dc5a |Md5 1fe5054c22c17f349e96b977365da427

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe"
    25/10/2005 20:02 |Size 471840 |Crc32 3b4fb565 |Md5 cbab5757c973d4366352043d27e0860f

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe"
    25/10/2005 20:03 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe"
    25/10/2005 20:03 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe"
    03/04/2006 20:02 |Size 562688 |Crc32 fe7f3160 |Md5 b5b96e200b30ed9430ce70e4dd9b686e

    "C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar"
    -> contain : Crack\fm.exe


    ################## | ! Fin du rapport # UsbFix V6.059 ! |



    Sorry for the delay, but I wasn't home yesterday ^^.
    6 December 2009 18:40:33

  • Plug your external storage devices into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix icon on your Desktop to launch it.
  • Choose option 2 (Suppression).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
    7 December 2009 20:16:23

    Here is the report

    ############################## | UsbFix V6.059 |

    User : Simon (Administrateurs) # 106254330136
    Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 20:07:10 | 7/12/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Pentium(R) M processor 1.80GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
    Internet Explorer 6.0.2900.2180
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

    C:\ -> Disque fixe local # 66,71 Go (1,18 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    G:\ -> Disque amovible # 1,87 Go (200,38 Mo free) [UDISK] # FAT

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe 764
    C:\WINDOWS\system32\csrss.exe 824
    C:\WINDOWS\system32\winlogon.exe 848
    C:\WINDOWS\system32\services.exe 892
    C:\WINDOWS\system32\lsass.exe 904
    C:\WINDOWS\system32\svchost.exe 1064
    C:\WINDOWS\system32\svchost.exe 1136
    C:\WINDOWS\System32\svchost.exe 1236
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 1324
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 1376
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe 1416
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe 1472
    C:\WINDOWS\system32\svchost.exe 1584
    C:\WINDOWS\system32\svchost.exe 1736
    C:\WINDOWS\Explorer.EXE 1784
    C:\WINDOWS\system32\spoolsv.exe 292
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe 300
    C:\Program Files\Avira\AntiVir Desktop\sched.exe 380
    C:\WINDOWS\system32\svchost.exe 1200
    C:\Program Files\a-squared Free\a2service.exe 1480
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1544
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1556
    C:\Program Files\Bonjour\mDNSResponder.exe 1572
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe 1596
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe 1728
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe 1816
    c:\APPS\HIDSERVICE\HIDSERVICE.exe 1824
    C:\Program Files\Java\jre6\bin\jqs.exe 1908
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe 2024
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 224
    C:\WINDOWS\system32\wdfmgr.exe 464
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe 608
    C:\WINDOWS\system32\wuauclt.exe 796
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 2080
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2140
    C:\WINDOWS\System32\alg.exe 2160
    C:\WINDOWS\system32\wbem\wmiprvse.exe 2224

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
    Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
    Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
    G:\autorun.inf -> fichier appelé : "G:\ime/moje.exe" ( Présent ! )
    Non supprimé ! G:\ime/moje.exe
    G:\autorun.inf -> fichier appelé : "G:\ime/moje.exe" ( Présent ! )
    Non supprimé ! G:\ime/moje.exe
    Supprimé ! G:\autorun.inf
    Supprimé ! G:\DOBRERIBE
    Supprimé ! G:\ime\moje.exe
    Supprimé ! G:\ime

    ################## | Spyware.OnlineGames |

    Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
    Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
    Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd
    Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd

    ################## | Registre # Clés infectieuses |


    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{5c94c700-bced-11de-b65c-0016365acc60}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [01/08/2006 16:20|-rahs----|215] C:\BOOT.BAK
    [10/08/2009 18:37|-rahs----|296] C:\BOOT.INI
    [05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
    [05/08/2004 13:00|-rahs----|263488] C:\cmldr
    [01/08/2006 15:50|--a------|6539] C:\DWNLOG.TXT
    [?|?|?] C:\hiberfil.sys
    [25/11/2009 20:31|--a------|1417] C:\INSTALL.LOG
    [01/08/2006 16:22|-rahs----|0] C:\IO.SYS
    [01/08/2006 16:22|-rahs----|0] C:\MSDOS.SYS
    [05/08/2004 13:00|--a------|47564] C:\NTDETECT.COM
    [05/08/2004 13:00|--a------|251712] C:\NTLDR
    [?|?|?] C:\pagefile.sys
    [11/08/2005 08:31|--a------|97] C:\SAUDIT.TXT
    [07/12/2009 20:10|--a------|4535] C:\UsbFix.txt
    [08/10/2009 11:17|--a------|215552] G:\Journalis[1][1]...doc
    [17/09/2009 20:23|--a------|26338] G:\Carte-d'invit'.png
    [17/09/2009 20:07|--a------|2480] G:\Carte-d'invit'verso.png
    [04/10/2009 20:54|--a------|29665] G:\Invasie van spinnen, article 1 ndls.docx
    [08/10/2009 10:00|--a------|75264] G:\DOCHY Economie 24.09.09.doc
    [13/10/2009 08:57|--a------|67072] G:\Article 1 anglais Saturne rings.doc
    [19/10/2009 20:53|--a------|24576] G:\Expression ‚crite.doc
    [28/10/2009 14:44|---h-----|23552] G:\~WRL0001.tmp
    [28/10/2009 15:54|--a------|23552] G:\As.doc
    [11/01/2004 00:55|--a------|653748004] G:\Goodbye lenin VOST.avi
    [16/11/2009 08:52|--a------|11206] G:\cours Droit.docx
    [26/11/2009 15:48|--a------|117386] G:\BIBLIO Al, Za, Del.docx
    [23/06/2009 09:29|--a------|2054089] G:\SomeoneSpecial-MickGordon.zip
    [03/12/2009 23:12|--a------|208896] G:\Buxin SimonAnimation Socioculturelle.doc

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # G:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Cracks / Keygens / Serials |

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe"
    20/08/2009 22:00 |Size 168857432 |Crc32 e382a830 |Md5 0f51969f67a66e0b212bd31a9e236301

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe"
    20/08/2009 21:41 |Size 96256 |Crc32 88452780 |Md5 fc9fc6fe89061acc405df329c2192895

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe"
    25/10/2005 20:02 |Size 509984 |Crc32 2187dc5a |Md5 1fe5054c22c17f349e96b977365da427

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe"
    25/10/2005 20:02 |Size 471840 |Crc32 3b4fb565 |Md5 cbab5757c973d4366352043d27e0860f

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe"
    25/10/2005 20:03 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe"
    25/10/2005 20:03 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

    "C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe"
    03/04/2006 20:02 |Size 562688 |Crc32 fe7f3160 |Md5 b5b96e200b30ed9430ce70e4dd9b686e

    "C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar"
    -> contain : Crack\fm.exe


    ################## | Upload |

    Veuillez envoyer le fichier : C:\DOCUME~1\Simon\Bureau\UsbFix_Upload_Me_106254330136.zip : http://chiquitine.changelog.fr/Sample/Upload.php
    Merci pour votre contribution .

    Thanks :)
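
Added example, not part of the original posts and not UsbFix's own code: a Python sketch that reconciles the search-mode report (option 1) with the deletion-mode report (option 2) posted above, so that every item flagged in the first ends up as removed, not removed, or unconfirmed. The function names are hypothetical, the embedded text is excerpted from the two reports in this thread, and the parsing assumes the report layout shown here.

```python
import re

# Excerpts copied from the two UsbFix V6.059 reports posted in this thread.
SCAN_REPORT = r"""
################## | Fichiers # Dossiers infectieux |

C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
G:\autorun.inf
G:\DOBRERIBE
G:\ime\moje.exe
G:\ime

################## | Registre # Clés infectieuses |

[HKLM\software\microsoft\windows nt\currentversion\winlogon] "Taskman"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}
Shell\AutoRun\command =G:\ime/moje.exe
"""

DELETION_REPORT = r"""
################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\nissan.exe
Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014\Desktop.ini
Supprimé ! C:\Recycler\S-1-5-21-1622337330-7226149548-304615326-2014
G:\autorun.inf -> fichier appelé : "G:\ime/moje.exe" ( Présent ! )
Non supprimé ! G:\ime/moje.exe
Supprimé ! G:\autorun.inf
Supprimé ! G:\DOBRERIBE
Supprimé ! G:\ime\moje.exe
Supprimé ! G:\ime

################## | Spyware.OnlineGames |

Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP45\A0014321.cmd

################## | Registre # Clés infectieuses |

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{5c94c700-bced-11de-b65c-0016365acc60}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{a1f4ccec-85e4-11de-b636-0016365acc60}\Shell\AutoRun\Command
"""

HEADER = re.compile(r"^#+ \| (.+?) \|$")
STATUS = re.compile(r"^(Non supprimé|Supprimé) ! (.+)$")
GUID = re.compile(r"\{[0-9a-fA-F-]{36}\}")
FLAGGED = ("Fichiers # Dossiers infectieux", "Registre # Clés infectieuses")
MOUNTPOINTS = "Registre # Mountpoints2"


def normalise(item):
    # The reports print the same file as G:\ime/moje.exe and G:\ime\moje.exe.
    return item.strip().replace("/", "\\").lower()


def sections(report):
    """Split a report into {section title: [non-empty lines]}."""
    out, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            current = header.group(1)
            out.setdefault(current, [])
        elif current and line:
            out[current].append(line)
    return out


def indicators(scan_report):
    """Everything the search-mode report flagged, in report order."""
    sec = sections(scan_report)
    found = [normalise(l) for name in FLAGGED for l in sec.get(name, [])]
    # MountPoints2 keys are abbreviated differently in each report,
    # so they are matched on the GUID in the key name.
    found += [g.lower() for l in sec.get(MOUNTPOINTS, []) for g in GUID.findall(l)]
    return found


def outcomes(deletion_report):
    """Map each target of a status line to its last reported status."""
    result = {}
    for name, lines in sections(deletion_report).items():
        for line in lines:
            status = STATUS.match(line)
            if not status:
                continue
            target = status.group(2)
            guid = GUID.search(target) if name == MOUNTPOINTS else None
            key = guid.group(0).lower() if guid else normalise(target)
            result[key] = "removed" if status.group(1) == "Supprimé" else "not removed"
    return result


def reconcile(scan_report, deletion_report):
    done = outcomes(deletion_report)
    return {ioc: done.get(ioc, "unconfirmed") for ioc in indicators(scan_report)}


def unlisted(scan_report, deletion_report):
    """Items the deletion pass acted on that the search pass never listed."""
    seen = set(indicators(scan_report))
    return sorted(k for k in outcomes(deletion_report) if k not in seen)


if __name__ == "__main__":
    for ioc, state in reconcile(SCAN_REPORT, DELETION_REPORT).items():
        print(f"{state:12} {ioc}")
```

On these two reports the only flagged item without a removal line is the Winlogon "Taskman" value, which the MBAM log posted later in the thread lists as Trojan.Agent.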
    7 December 2009 20:28:51

  • Run UsbFix again and choose option 5 to uninstall it.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for updates) button: if the firewall asks whether MBAM may connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scan) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
  • Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    9 December 2009 16:42:32

    Here is the MBAM report

    Malwarebytes' Anti-Malware 1.42
    Version de la base de données: 3331
    Windows 5.1.2600 Service Pack 2
    Internet Explorer 6.0.2900.2180

    9/12/2009 16:41:45
    mbam-log-2009-12-09 (16-41-45).txt

    Type de recherche: Examen rapide
    Eléments examinés: 103567
    Temps écoulé: 8 minute(s), 56 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-a0e8-ed6ab197b82d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-a0e8-ed6ab197b82d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    9 December 2009 18:54:25

  • Run MBAM again, go to Quarantaine (Quarantine) and delete everything.

  • Run another RSIT scan and post the log report.
    10 December 2009 22:26:35

    Here is the log

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Simon at 2009-12-10 22:25:04
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 2 GB (3%) free of 68 GB
    Total RAM: 1014 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:25:21, on 10/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\APPS\SMP\SmpSys.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
    C:\VanDale\Grote woordenboeken\Frans\VDNF.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Simon\Mes documents\Downloads\RSIT.exe
    C:\Documents and Settings\Simon\Mes documents\Downloads\Simon.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\befr_ver.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - (no file)
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr_ver.htm
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 9616 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Extension de garantie.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3587632848-4188249037-3701203085-1006UA.job
    C:\WINDOWS\tasks\Master CD_DVD Creator.job
    C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
    C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D}
    {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-03 98304]
    "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-03 77824]
    "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-03 118784]
    "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-06-20 729178]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
    "PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-15 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2004-10-15 356352]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
    "Google Update"=C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-11-03 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2004-10-15 110592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDriveAutoRun"=145
    "HonorAutoRunSetting"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe"="C:\Documents and Settings\Simon\Local Settings\Temp\7zS94.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Jeux\World of Warcraft\Launcher.exe"="C:\Program Files\Jeux\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe"="C:\Program Files\Jeux\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\APPS\skype\Phone\Skype.exe"="C:\APPS\skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c94c700-bced-11de-b65c-0016365acc60}]
    shell\AutoRun\command - E:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-12-10 22:21:10 ----D---- C:\WINDOWS\LastGood
    2009-12-09 16:29:58 ----D---- C:\Documents and Settings\Simon\Application Data\Malwarebytes
    2009-12-09 16:29:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-12-09 16:29:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-12-07 20:11:00 ----RASHD---- C:\autorun.inf
    2009-12-06 12:48:53 ----D---- C:\Documents and Settings\Simon\Application Data\AdobeUM
    2009-12-06 12:27:07 ----D---- C:\Documents and Settings\Simon\Application Data\WinRAR
    2009-12-06 12:21:37 ----D---- C:\UsbFix
    2009-12-05 20:41:00 ----D---- C:\WINDOWS\Minidump
    2009-12-05 13:10:51 ----D---- C:\Documents and Settings\All Users\Application Data\Sports Interactive
    2009-12-05 13:08:54 ----D---- C:\Documents and Settings\Simon\Application Data\Sports Interactive
    2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
    2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
    2009-12-05 13:07:55 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
    2009-12-05 13:07:54 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
    2009-12-05 13:07:54 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
    2009-12-05 13:07:53 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
    2009-12-05 13:07:52 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
    2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
    2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-12-05 13:07:51 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-12-05 13:07:50 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
    2009-12-05 13:07:50 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
    2009-12-05 13:07:49 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2009-12-05 13:07:48 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
    2009-12-05 13:07:47 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-12-05 13:07:46 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-12-05 13:07:46 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-12-05 13:07:45 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2009-12-05 13:07:44 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-12-05 13:07:43 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-12-05 13:07:41 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-12-05 13:07:41 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-12-05 13:07:40 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-12-05 13:07:39 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2009-12-05 13:07:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2009-12-05 13:07:38 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2009-12-05 13:07:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2009-12-05 13:07:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2009-12-05 13:07:35 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2009-12-05 13:07:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2009-12-05 13:07:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2009-12-05 13:07:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2009-12-05 13:07:32 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2009-12-05 13:07:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2009-12-05 13:07:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2009-12-05 13:07:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2009-12-05 13:07:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2009-12-05 13:07:29 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2009-12-05 13:07:28 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-12-05 13:07:24 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-12-05 13:07:21 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-12-05 13:07:21 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-12-05 13:07:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-12-05 13:07:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-12-05 13:07:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-12-05 13:07:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-12-05 13:07:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-12-05 13:07:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-12-05 13:07:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-12-05 13:07:13 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-12-05 13:07:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-12-05 13:07:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-12-05 13:06:55 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-12-05 13:06:54 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-12-05 13:06:54 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-12-05 13:06:53 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-12-05 13:06:52 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-12-05 13:06:52 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-12-05 13:06:51 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-12-05 13:06:51 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-12-05 13:06:50 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-12-05 13:06:46 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-12-05 13:06:21 ----D---- C:\WINDOWS\Logs
    2009-12-05 12:59:15 ----HD---- C:\Program Files\Zero G Registry
    2009-12-05 12:59:15 ----D---- C:\Program Files\Sports Interactive
    2009-12-04 19:59:28 ----D---- C:\rsit
    2009-12-04 19:23:55 ----D---- C:\Program Files\BitTorrent
    2009-12-04 17:05:43 ----D---- C:\Documents and Settings\All Users\Application Data\2DBoy
    2009-12-04 11:15:43 ----D---- C:\Program Files\Dossier photos
    2009-12-04 11:14:00 ----D---- C:\Mes Images
    2009-12-04 11:12:18 ----A---- C:\WINDOWS\rtfctl32.dll
    2009-12-04 11:11:45 ----D---- C:\Program Files\FotoStation 4.0
    2009-11-30 16:15:07 ----D---- C:\Documents and Settings\Simon\Application Data\VanDale
    2009-11-30 13:34:30 ----D---- C:\VanDale
    2009-11-25 22:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
    2009-11-25 22:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
    2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-11-14 14:51:48 ----D---- C:\Program Files\DivX
    2009-11-14 00:21:06 ----D---- C:\Documents and Settings\Simon\Application Data\Media Player Classic
    2009-11-14 00:17:51 ----D---- C:\Program Files\Combined Community Codec Pack
    2009-11-13 21:36:47 ----D---- C:\Program Files\Microsoft Silverlight
    2009-11-13 21:32:39 ----D---- C:\Program Files\Microsoft
    2009-11-13 20:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

    ======List of files/folders modified in the last 1 months======

    2009-12-10 22:25:09 ----D---- C:\WINDOWS\PREFETCH
    2009-12-10 22:22:57 ----HD---- C:\WINDOWS\inf
    2009-12-10 22:22:09 ----HD---- C:\WINDOWS\$hf_mig$
    2009-12-10 22:22:09 ----D---- C:\WINDOWS
    2009-12-10 10:15:30 ----D---- C:\WINDOWS\Temp
    2009-12-10 08:35:08 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-12-10 08:34:21 ----D---- C:\WINDOWS\system32\Lang
    2009-12-09 22:50:48 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-12-09 16:29:53 ----D---- C:\WINDOWS\system32\drivers
    2009-12-09 16:29:49 ----RD---- C:\Program Files
    2009-12-07 20:10:58 ----SHD---- C:\System Volume Information
    2009-12-07 20:10:56 ----SHD---- C:\RECYCLER
    2009-12-06 12:32:41 ----D---- C:\Program Files\Mozilla Firefox
    2009-12-05 20:30:22 ----D---- C:\Documents and Settings\Simon\Application Data\BitTorrent
    2009-12-05 13:07:58 ----D---- C:\WINDOWS\system32\DirectX
    2009-12-05 13:07:56 ----AD---- C:\WINDOWS\system32
    2009-12-05 13:07:11 ----RSD---- C:\WINDOWS\assembly
    2009-12-05 13:06:58 ----D---- C:\WINDOWS\Microsoft.NET
    2009-12-04 11:12:23 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-12-01 23:10:59 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
    2009-12-01 23:10:28 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
    2009-11-26 08:34:50 ----D---- C:\WINDOWS\security
    2009-11-25 22:56:25 ----SHD---- C:\WINDOWS\Installer
    2009-11-25 22:56:12 ----A---- C:\WINDOWS\imsins.BAK
    2009-11-25 22:55:37 ----D---- C:\WINDOWS\WinSxS
    2009-11-25 08:26:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-11-25 08:23:41 ----RSD---- C:\WINDOWS\Fonts
    2009-11-25 08:23:31 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-11-25 08:21:13 ----D---- C:\Program Files\Microsoft Works
    2009-11-25 08:21:10 ----D---- C:\WINDOWS\pchealth
    2009-11-23 20:48:31 ----D---- C:\Documents and Settings\Simon\Application Data\U3
    2009-11-21 02:15:48 ----A---- C:\WINDOWS\win.ini
    2009-11-21 02:15:47 ----D---- C:\Program Files\Fichiers communs\System
    2009-11-14 14:51:49 ----D---- C:\Program Files\Fichiers communs
    2009-11-13 21:35:07 ----D---- C:\Program Files\Windows Live
    2009-11-13 20:37:55 ----D---- C:\WINDOWS\Help

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-28 17119]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-03 1353820]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-05-25 3134976]
    R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-06-20 190400]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S3 a02pcor7;a02pcor7; C:\WINDOWS\system32\drivers\a02pcor7.sys []
    S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-09-23 1852488]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
    R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
    R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2004-10-15 98304]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R2 WLANKEEPER;WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2004-10-15 225353]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    10 December 2009 22:29:52

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose option L.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
    11 December 2009 16:11:47

    Here is the log :)

    .
    ======= LOGFILE OF AD-REMOVER 1.1.4.6_E | ONLY XP/VISTA/7 =======
    .
    Updated by C_XX on 10.12.2009 at 21:08
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Launch at: 16:05:06, ven. 11/12/2009 | Normal Boot | Option: CLEAN
    Executed from: C:\Program Files\Ad-Remover\
    Operating system: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
    Computer Name: 106254330136 | Current user: Simon
    .
    ============== NEUTRALIZED ELEMENT(S) ==============
    .

    C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    C:\Program Files\Ask.com
    C:\DOCUME~1\Simon\LOCALS~1\Temp\AskSearch
    C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    (!) -- Temp files deleted.

    .
    HKCU\software\appdatalow\AskToolbarInfo
    HKCU\software\Ask.com
    HKCU\software\AskToolbar
    HKCU\software\Dynamic Toolbar
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    HKLM\software\classes\appid\GenericAskToolbar.DLL
    HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\software\classes\GenericAskToolbar.ToolbarWnd
    HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
    HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    .
    ============== Added scan ==============
    .
    .
    * Mozilla FireFox Version 3.5.5 [fr] *
    .
    ProfilePath: qnqk5n1q.default (Simon)
    .
    .
    .
    * Internet Explorer Version 6.0.2900.2180 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Local Page: C:\WINDOWS\system32\blank.htm
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Use Custom Search URL: 1 (0x1)
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials, ...) ==============
    .
    C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\battery.nfo
    C:\Documents and Settings\Simon\Bureau\Football.Manager.2010.Update.10.1.0.Cracked-BAT\b-fm1010.rar
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\vegaspro90_32bit.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony Vegas Pro 9 + Crack and KeyGen\crack vegas 9\Sony_VegasPro8_DVDArchitect45_SoundForge9_CRACK.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\50comupd.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\hhupd.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86a.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\InstMsi-x86w.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\Setup.exe
    C:\Documents and Settings\Simon\Bureau\Programmes by Ak\Sony.Sound.Forge.v8.0d.Incl.Keygen-SSG\ssg.nfo
    C:\Documents and Settings\Simon\Mes documents\Downloads\Football.Manager.2010.Update.10.1_Crack-BAT.5141818.TPB.torrent
    C:\Documents and Settings\Simon\Mes documents\Downloads\commandos 2 men of courage\patch\InternationalPatch.exe
    .
    ===================================
    .
    4791 Byte(s) - C:\Ad-Report-CLEAN[1].log
    .
    0 File(s) - C:\DOCUME~1\Simon\LOCALS~1\Temp
    1 File(s) - C:\WINDOWS\Temp
    9 File(s) - C:\WINDOWS\Prefetch
    .
    17 File(s) - C:\Program Files\Ad-Remover\BACKUP
    11 File(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    End at: 16:10:03 | ven. 11/12/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    11 December 2009 18:13:51

    1/

  • Uninstall the following programs:
    - Ad-Remover
    - J2SE Runtime Environment 5.0 Update 4
    - Java 6 Update 16

  • Update Java.

  • Update Adobe Reader.

  • Update Internet Explorer.


    2/

  • Double-click the AntiVir icon (umbrella) in the taskbar.
  • In AntiVir, choose Tools, then Configuration.
  • Tick Expert mode and, on the right under Other settings, tick the option to search for rootkits at the start of the scan ("Rech. Rootkit au dém. de la recherche"), then confirm.
  • Run a full scan, click Repair all if AntiVir finds anything, and post the report.

    Tutorial: Scanning the hard drive(s)
    15 December 2009 21:18:29

    Here is the log, sorry for the delay.

    Avira AntiVir Personal
    Report file date: mardi 15 décembre 2009 19:49

    Scanning for 1448949 virus strains and unwanted programs.

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows XP
    Windows version : (Service Pack 2) [5.1.2600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : 106254330136

    Version information:
    BUILD.DAT : 9.0.0.418 21723 Bytes 2/12/2009 16:28:00
    AVSCAN.EXE : 9.0.3.10 466689 Bytes 20/11/2009 09:30:45
    AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
    LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
    LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 09:30:45
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 09:30:45
    VBASE002.VDF : 7.10.1.1 2048 Bytes 19/11/2009 09:30:45
    VBASE003.VDF : 7.10.1.2 2048 Bytes 19/11/2009 09:30:45
    VBASE004.VDF : 7.10.1.3 2048 Bytes 19/11/2009 09:30:45
    VBASE005.VDF : 7.10.1.4 2048 Bytes 19/11/2009 09:30:45
    VBASE006.VDF : 7.10.1.5 2048 Bytes 19/11/2009 09:30:45
    VBASE007.VDF : 7.10.1.6 2048 Bytes 19/11/2009 09:30:45
    VBASE008.VDF : 7.10.1.7 2048 Bytes 19/11/2009 09:30:45
    VBASE009.VDF : 7.10.1.8 2048 Bytes 19/11/2009 09:30:45
    VBASE010.VDF : 7.10.1.9 2048 Bytes 19/11/2009 09:30:45
    VBASE011.VDF : 7.10.1.10 2048 Bytes 19/11/2009 09:30:45
    VBASE012.VDF : 7.10.1.11 2048 Bytes 19/11/2009 09:30:45
    VBASE013.VDF : 7.10.1.79 209920 Bytes 25/11/2009 10:21:37
    VBASE014.VDF : 7.10.1.128 197632 Bytes 30/11/2009 07:43:33
    VBASE015.VDF : 7.10.1.178 195584 Bytes 7/12/2009 08:38:20
    VBASE016.VDF : 7.10.1.224 183296 Bytes 14/12/2009 18:37:32
    VBASE017.VDF : 7.10.1.247 182272 Bytes 15/12/2009 18:37:52
    VBASE018.VDF : 7.10.1.248 2048 Bytes 15/12/2009 18:37:53
    VBASE019.VDF : 7.10.1.249 2048 Bytes 15/12/2009 18:37:54
    VBASE020.VDF : 7.10.1.250 2048 Bytes 15/12/2009 18:37:55
    VBASE021.VDF : 7.10.1.251 2048 Bytes 15/12/2009 18:37:56
    VBASE022.VDF : 7.10.1.252 2048 Bytes 15/12/2009 18:37:56
    VBASE023.VDF : 7.10.1.253 2048 Bytes 15/12/2009 18:37:57
    VBASE024.VDF : 7.10.1.254 2048 Bytes 15/12/2009 18:37:57
    VBASE025.VDF : 7.10.1.255 2048 Bytes 15/12/2009 18:37:58
    VBASE026.VDF : 7.10.2.0 2048 Bytes 15/12/2009 18:37:58
    VBASE027.VDF : 7.10.2.1 2048 Bytes 15/12/2009 18:37:59
    VBASE028.VDF : 7.10.2.2 2048 Bytes 15/12/2009 18:38:00
    VBASE029.VDF : 7.10.2.3 2048 Bytes 15/12/2009 18:38:00
    VBASE030.VDF : 7.10.2.4 2048 Bytes 15/12/2009 18:38:01
    VBASE031.VDF : 7.10.2.5 45568 Bytes 15/12/2009 18:38:05
    Engineversion : 8.2.1.108
    AEVDF.DLL : 8.1.1.2 106867 Bytes 23/09/2009 20:08:51
    AESCRIPT.DLL : 8.1.3.2 582010 Bytes 11/12/2009 15:00:58
    AESCN.DLL : 8.1.3.0 127348 Bytes 11/12/2009 15:00:57
    AESBX.DLL : 8.1.1.1 246132 Bytes 20/11/2009 09:30:45
    AERDL.DLL : 8.1.3.4 479605 Bytes 3/12/2009 07:43:38
    AEPACK.DLL : 8.2.0.3 422261 Bytes 18/11/2009 07:45:21
    AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/07/2009 08:59:39
    AEHEUR.DLL : 8.1.0.186 2183544 Bytes 9/12/2009 08:38:36
    AEHELP.DLL : 8.1.8.0 237942 Bytes 9/12/2009 08:38:32
    AEGEN.DLL : 8.1.1.80 364917 Bytes 9/12/2009 08:38:31
    AEEMU.DLL : 8.1.1.0 393587 Bytes 4/10/2009 19:00:48
    AECORE.DLL : 8.1.9.1 180598 Bytes 11/12/2009 15:00:57
    AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
    AVPREF.DLL : 9.0.3.0 44289 Bytes 23/09/2009 20:08:51
    AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
    AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
    AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
    NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
    RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 14:39:58
    RCTEXT.DLL : 9.0.73.0 86785 Bytes 20/11/2009 09:30:44

    Configuration settings for the scan:
    Jobname.............................: Complete system scan
    Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Boot sectors........................: C:,
    Process scan........................: on
    Scan registry.......................: on
    Search for rootkits.................: on
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium

    Start of the scan: mardi 15 décembre 2009 19:49

    Starting search for hidden objects.
    '48869' objects were checked, '0' hidden objects were found.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'chrome.exe' - '1' Module(s) have been scanned
    Scan process 'chrome.exe' - '1' Module(s) have been scanned
    Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned
    Scan process 'chrome.exe' - '1' Module(s) have been scanned
    Scan process 'chrome.exe' - '1' Module(s) have been scanned
    Scan process 'chrome.exe' - '1' Module(s) have been scanned
    Scan process 'OfficeLiveSignIn.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'CLSched.exe' - '1' Module(s) have been scanned
    Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
    Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'OProtSvc.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'HidService.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
    Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'a2service.exe' - '1' Module(s) have been scanned
    Scan process 'daemon.exe' - '1' Module(s) have been scanned
    Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'SMPSYS.EXE' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'EOUWiz.exe' - '1' Module(s) have been scanned
    Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'PCMService.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
    Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
    Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
    Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
    Scan process '1XConfig.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
    Scan process 'WLKEEPER.exe' - '1' Module(s) have been scanned
    Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
    Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    61 processes with 61 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '60' files ).


    Starting the file scan:

    Begin scan in 'C:\' <HDD>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    [NOTE] This file is a Windows system file.
    [NOTE] This file cannot be opened for scanning.
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    [NOTE] This file is a Windows system file.
    [NOTE] This file cannot be opened for scanning.
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
    [0] Archive type: NSIS
    --> ProgramFilesDir/List.dat
    [DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
    C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
    [0] Archive type: NSIS
    --> ProgramFilesDir/List.dat
    [DETECTION] Contains recognition pattern of the HTML/Malicious.ActiveX.Gen HTML script virus
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!

    Beginning disinfection:
    C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00062f
    [NOTE] The file was moved to '4b57ec10.qua'!
    C:\Documents and Settings\Simon\Mes documents\Downloads\AD-R.exe
    [NOTE] The file was moved to '4b54ebf7.qua'!


    End of the scan: mardi 15 décembre 2009 21:04
    Used time: 1:14:31 Hour(s)

    The scan has been done completely.

    12518 Scanned directories
    310490 Files were scanned
    2 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 files were deleted
    0 Viruses and unwanted programs were repaired
    2 Files were moved to quarantine
    0 Files were renamed
    3 Files cannot be scanned
    310485 Files not concerned
    7752 Archives were scanned
    3 Warnings
    4 Notes
    48869 Objects were scanned with rootkit scan
    0 Hidden objects were found



    16 December 2009 09:50:03

    Yes, that's it, I no longer get any spam :sol: . Thank you very much, noble sage of internet computing :) .

    Best solution

    16 December 2009 15:06:17

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • You can, if you wish, use the Options Facultatives (optional settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and untick the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


    3/

  • It is necessary to disable and then re-enable System Restore in order to purge it.


    ==Prevention==

    To remove the AntiVir popups: Link

    Keep MBAM. It will be useful for scanning suspicious files alongside the antivirus, and scan the hard drive regularly.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Properties, Automatic Updates tab).

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] ("Solved") to the title. To do so:
  • In your first message, click the Edit button.
  • Add [Résolu] in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;)