Votre question

Problème pc rempli de virus ....

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Octobre 2009 22:18:30

Bonsoir bonsoir , voila je viens encore une fois vous voir a causes de virus ....

Mon pc est devenu lent depuis un peut plus d'une semaine et antivir ne fait que m'afficher des virus sauf que je beau faire supprimé ou mise en quarantaine rien ne marche ils reviennent toujours .

Cordialement Wirgless

Autres pages sur : probleme rempli virus

a c 327 8 Sécurité
5 Octobre 2009 22:21:13

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    6 Octobre 2009 22:14:11

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Pc jeu chichoune at 2009-10-06 22:12:53
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 18 GB (12%) free of 153 GB
    Total RAM: 2046 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:12:59, on 06/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\ctfmon.exe
    c:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Pc jeu chichoune\Mes documents\Téléchargements\RSIT.exe
    C:\Program Files\trend micro\Pc jeu chichoune.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system\smss.exe
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pc jeu chichoune\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Policies\Explorer\Run: [CmSTP] C:\DOCUME~1\PCJEUC~1\APPLIC~1\MICROS~1\cmstp.exe /waitservice
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'Default user')
    O4 - Startup: IcStarter.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
    O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O20 - Winlogon Notify: 98e343c7684 - C:\WINDOWS\System32\dpserial32.dll
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 8569 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1208520219.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1647877149-682003330-1003Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1647877149-682003330-1003UA.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{CC8D0111-4D23-4F91-8F67-17A0AC23E898}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    Locked

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
    "LifeCam"=c:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]
    "VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
    "P17Helper"=Rundll32 P17.dll,P17Helper []
    "AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-03-10 35328]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2008-06-10 107248]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-05-28 1501064]
    "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-12 1657376]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "Google Update"=C:\Documents and Settings\Pc jeu chichoune\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-15 133104]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "AdobeBridge"= []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    "CmSTP"=C:\DOCUME~1\PCJEUC~1\APPLIC~1\MICROS~1\cmstp.exe /waitservice []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    C:\Program Files\DNA\btdna.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe -silent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
    C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 393216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

    C:\Documents and Settings\Pc jeu chichoune\Menu Démarrer\Programmes\Démarrage
    IcStarter.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\98e343c7684]
    C:\WINDOWS\System32\dpserial32.dll [2009-10-05 122368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{4F07DA45-8170-4859-9B5F-037EF2970034}"= []
    "{2753B591-D1EC-4A00-93E4-CEC5247EB60C}"= []
    "{8DCB0AE8-533C-A1D2-29E1-3A811135D25A}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft"
    "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
    "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\ASUS\GamerOSD\SBS.exe"="C:\Program Files\ASUS\GamerOSD\SBS.exe:*:Enabled:ASUS SBS Application"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\MultiProxy\MProxy.exe"="C:\Program Files\MultiProxy\MProxy.exe:*:Enabled:MultiProxy personal proxy server"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Documents and Settings\Pc jeu chichoune\Mes documents\Downloads\utorrent.exe"="C:\Documents and Settings\Pc jeu chichoune\Mes documents\Downloads\utorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Steam\steamapps\icionestalamas\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\icionestalamas\counter-strike\hl.exe:*:D isabled:Half-Life Launcher"
    "C:\Program Files\Steam\steamapps\icionestalamas\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\icionestalamas\condition zero\hl.exe:*:D isabled:Half-Life Launcher"
    "C:\Program Files\Steam\steamapps\warrior38450\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\warrior38450\counter-strike source\hl2.exe:*:D isabled:hl2"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:D isabled:LimeWire"
    "C:\Documents and Settings\Pc jeu chichoune\metin2.bin"="C:\Documents and Settings\Pc jeu chichoune\metin2.bin:*:D isabled:metin2"
    "C:\Program Files\Capcom\MotoGP 08 Demo\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08 Demo\MotoGP 08\Launcher.exe:*:D isabled:MotoGP 08"
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:D isabled:Veoh Web Player "
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-10-06 22:12:54 ----D---- C:\Program Files\trend micro
    2009-10-06 22:12:53 ----D---- C:\rsit
    2009-10-06 21:29:51 ----A---- C:\WINDOWS\system32\61.tmp
    2009-10-03 12:03:45 ----D---- C:\FU_Backup
    2009-10-02 20:01:06 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2009-10-02 20:00:51 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2009-10-02 18:55:02 ----D---- C:\Program Files\CCleaner
    2009-10-02 15:49:12 ----A---- C:\WINDOWS\GnuHashes.ini
    2009-10-02 15:41:47 ----SHD---- C:\WINDOWS\system32\LocalService
    2009-10-02 15:41:33 ----A---- C:\WINDOWS\system32\dpserial32.dll
    2009-10-01 16:37:55 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-10-01 16:37:37 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2009-10-01 16:37:33 ----D---- C:\Program Files\Microsoft IntelliType Pro
    2009-10-01 16:17:19 ----D---- C:\Program Files\MSXML 6.0
    2009-10-01 16:17:01 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2009-10-01 14:59:08 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
    2009-10-01 14:43:32 ----D---- C:\Program Files\ma-config.com
    2009-09-26 20:03:45 ----A---- C:\WINDOWS\WORDPAD.INI
    2009-09-22 22:14:35 ----D---- C:\Program Files\Astonsoft
    2009-09-20 19:17:03 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\MxBoost
    2009-09-20 19:16:37 ----D---- C:\Program Files\Maxthon2
    2009-09-19 19:07:40 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\Trillian
    2009-09-19 19:07:14 ----D---- C:\Program Files\Trillian

    ======List of files/folders modified in the last 1 months======

    2009-10-06 22:12:54 ----RD---- C:\Program Files
    2009-10-06 21:31:07 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-06 21:29:51 ----D---- C:\WINDOWS\system32
    2009-10-05 21:08:15 ----D---- C:\WINDOWS\Temp
    2009-10-05 19:27:51 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-10-05 19:25:53 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-05 07:22:01 ----D---- C:\WINDOWS\Prefetch
    2009-10-03 19:36:14 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\OpenOffice.org2
    2009-10-03 12:22:21 ----D---- C:\Program Files\Unlocker
    2009-10-03 12:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2009-10-03 12:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\iolo
    2009-10-03 01:48:54 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\FrostWire
    2009-10-03 00:15:04 ----D---- C:\WINDOWS
    2009-10-02 20:03:05 ----SHD---- C:\WINDOWS\Installer
    2009-10-02 20:02:58 ----D---- C:\WINDOWS\system32\CatRoot
    2009-10-02 20:02:33 ----D---- C:\WINDOWS\Help
    2009-10-02 20:01:11 ----HD---- C:\WINDOWS\inf
    2009-10-02 20:01:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-02 20:01:01 ----D---- C:\WINDOWS\system32\drivers
    2009-10-02 19:07:40 ----RSD---- C:\WINDOWS\assembly
    2009-10-02 19:07:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-10-02 19:07:35 ----D---- C:\Program Files\Microsoft Office
    2009-10-02 19:07:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-10-02 19:07:31 ----D---- C:\Program Files\Fichiers communs
    2009-10-02 19:06:41 ----RSD---- C:\WINDOWS\Fonts
    2009-10-02 19:04:59 ----D---- C:\Program Files\Fichiers communs\System
    2009-10-02 19:04:56 ----A---- C:\WINDOWS\win.ini
    2009-10-02 19:01:53 ----D---- C:\WINDOWS\nview
    2009-10-02 18:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-10-02 18:57:30 ----D---- C:\WINDOWS\Debug
    2009-10-01 17:11:28 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\gtk-2.0
    2009-10-01 16:41:23 ----SD---- C:\Documents and Settings\Pc jeu chichoune\Application Data\Microsoft
    2009-10-01 16:38:40 ----SD---- C:\WINDOWS\Tasks
    2009-10-01 16:38:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-10-01 16:38:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-10-01 14:50:44 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-01 14:49:57 ----D---- C:\Program Files\AGEIA Technologies
    2009-10-01 14:43:32 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-09-26 22:19:06 ----D---- C:\WINDOWS\system32\Restore
    2009-09-25 11:22:52 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\LimeWire
    2009-09-24 22:17:47 ----D---- C:\Program Files\World of Warcraft
    2009-09-12 22:15:49 ----D---- C:\WINDOWS\system32\wbem
    2009-09-12 22:15:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-08-09 28520]
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-23 55656]
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-09 12288]
    R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-28 14736]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-17 7729568]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 NDISRD;NDISRD; \??\C:\WINDOWS\system32\drivers\NDISRD.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
    S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-11-06 25280]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    S3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-06 36864]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-09 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-23 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 MSCamSvc;MSCamSvc; c:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
    R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

    -----------------EOF-----------------


    Le log.txt
    Contenus similaires
    6 Octobre 2009 22:14:45

    info.txt logfile of random's system information tool 1.06 2009-10-06 22:13:01

    ======Uninstall list======

    -->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
    Ableton Live v7.0.2-->"C:\Program Files\Ableton\Live 7.0.2\Uninstall\unins000.exe"
    Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
    Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
    Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
    Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
    Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
    Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
    Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
    Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
    Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32e9033392a51340b32fdc6ad893ab7\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
    Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
    Adobe Photoshop CS4-->C:\Program Files\Fichiers communs\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
    Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
    Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
    Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
    Adobe Setup-->MsiExec.exe /I{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
    AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
    Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c -removeonly
    aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Battlefield 1942-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x40c
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
    DeepBurner v1.9.0.228-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log" -u
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Fraps (remove only)-->"C:\Fraps\uninstall.exe"
    FrostWire 4.17.2-->C:\Program Files\FrostWire\Uninstall.exe
    GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    GTK+ 2.4.14 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\unins000.exe"
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    hp psc 1200 series-->MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox 3 Beta 3\uninstall\helper.exe
    Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Navilog1 3.6.4-->"C:\Program Files\Navilog1\unins000.exe"
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
    NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
    OpenOffice.org 2.3-->MsiExec.exe /I{331DFBF7-734D-4545-8A9D-48CB5D73AF07}
    Opera 10.00-->MsiExec.exe /X{423CF09F-11C9-410E-9B1A-31E087CED383}
    Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
    Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
    Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
    Photo et imagerie HP 2.0 - hp psc 1200 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
    Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly
    Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sony ACID XPress 5.0a-->MsiExec.exe /X{12F4BE69-6614-41D3-BB3B-DF7F921DF2BB}
    SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam(TM)-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
    Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    SYSTEM_INFO B07.0905.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC4914EF-6618-4949-A1CF-BD4917A00221}\setup.exe" -l0x9 -removeonly
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    TeamSpeak Overlay BETA 2 (#63)-->"C:\Program Files\TSO\uninstall.exe"
    Trillian-->C:\Program Files\Trillian\Trillian.exe /uninstall
    Ubuntu-->C:\ubuntu\Uninstall-Ubuntu.exe
    Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Vegas Movie Studio 9.0-->MsiExec.exe /X{CF58B132-4C67-4E0A-BE3D-8DADB1E32258}
    Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM-->MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}
    Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
    Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AntiVir Desktop

    ======System event log======

    Computer Name: XPSP2-294281CEB
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

    Record Number: 5402
    Source Name: Service Control Manager
    Time Written: 20090713160505.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: XPSP2-294281CEB
    Event Code: 7036
    Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.

    Record Number: 5401
    Source Name: Service Control Manager
    Time Written: 20090713160503.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.

    Record Number: 5400
    Source Name: Service Control Manager
    Time Written: 20090713160503.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: XPSP2-294281CEB
    Event Code: 7036
    Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

    Record Number: 5399
    Source Name: Service Control Manager
    Time Written: 20090713160501.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

    Record Number: 5398
    Source Name: Service Control Manager
    Time Written: 20090713160501.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: XPSP2-294281CEB
    Event Code: 1
    Message:
    Record Number: 2994
    Source Name: Bonjour Service
    Time Written: 20090930062444.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 0
    Message:
    Record Number: 2993
    Source Name: MSCamSvc
    Time Written: 20090930062441.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 0
    Message:
    Record Number: 2992
    Source Name: MSCamSvc
    Time Written: 20090930062441.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 0
    Message:
    Record Number: 2991
    Source Name: MSCamSvc
    Time Written: 20090930062441.000000+120
    Event Type: Informations
    User:

    Computer Name: XPSP2-294281CEB
    Event Code: 4096
    Message: Le service AntiVir a bien démarré!

    Record Number: 2990
    Source Name: Avira AntiVir
    Time Written: 20090930062438.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------

    et info.txt

    merci de ton aide
    a c 327 8 Sécurité
    6 Octobre 2009 22:43:29

    Je vois des infections.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    7 Octobre 2009 17:54:56

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2919
    Windows 5.1.2600 Service Pack 2

    07/10/2009 17:53:32
    mbam-log-2009-10-07 (17-53-32).txt

    Type de recherche: Examen rapide
    Eléments examinés: 93234
    Temps écoulé: 6 minute(s), 18 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\System32\dpserial32.dll (Trojan.Tracur) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\98e343c7684 (Trojan.Tracur) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\CmSTP (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\System32\dpserial32.dll (Trojan.Tracur) -> Delete on reboot.
    C:\WINDOWS\system32\LocalService\129.tmp (Worm.Archive) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\WoWEmuHacker5.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
    a c 327 8 Sécurité
    7 Octobre 2009 23:30:18

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.
    8 Octobre 2009 21:21:52

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Pc jeu chichoune at 2009-10-08 21:21:04
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 18 GB (12%) free of 153 GB
    Total RAM: 2046 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:21:08, on 08/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\ctfmon.exe
    c:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Messenger\wlcsdk.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Pc jeu chichoune\Mes documents\Téléchargements\RSIT.exe
    C:\Program Files\trend micro\Pc jeu chichoune.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system\smss.exe
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [LifeCam] "c:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pc jeu chichoune\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'Default user')
    O4 - Startup: IcStarter.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
    O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://D:\components\A9.ocx
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O20 - Winlogon Notify: 98e343c7684 - C:\WINDOWS\System32\dpserial32.dll
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 8741 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1208520219.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1647877149-682003330-1003Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-1647877149-682003330-1003UA.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{CC8D0111-4D23-4F91-8F67-17A0AC23E898}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    Locked

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
    "LifeCam"=c:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
    "ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]
    "VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
    "P17Helper"=Rundll32 P17.dll,P17Helper []
    "AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-03-10 35328]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2008-06-10 107248]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-05-28 1501064]
    "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-12 1657376]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "Google Update"=C:\Documents and Settings\Pc jeu chichoune\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-10-15 133104]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "AdobeBridge"= []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    C:\Program Files\DNA\btdna.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\WINDOWS\system32\NvMcTray.dll [2009-08-17 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe -silent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
    C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 393216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pc jeu chichoune^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

    C:\Documents and Settings\Pc jeu chichoune\Menu Démarrer\Programmes\Démarrage
    IcStarter.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\98e343c7684]
    C:\WINDOWS\System32\dpserial32.dll [2009-10-08 122368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{4F07DA45-8170-4859-9B5F-037EF2970034}"= []
    "{2753B591-D1EC-4A00-93E4-CEC5247EB60C}"= []
    "{8DCB0AE8-533C-A1D2-29E1-3A811135D25A}"= []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:World of Warcraft"
    "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
    "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\ASUS\GamerOSD\SBS.exe"="C:\Program Files\ASUS\GamerOSD\SBS.exe:*:Enabled:ASUS SBS Application"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\MultiProxy\MProxy.exe"="C:\Program Files\MultiProxy\MProxy.exe:*:Enabled:MultiProxy personal proxy server"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Documents and Settings\Pc jeu chichoune\Mes documents\Downloads\utorrent.exe"="C:\Documents and Settings\Pc jeu chichoune\Mes documents\Downloads\utorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Steam\steamapps\icionestalamas\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\icionestalamas\counter-strike\hl.exe:*:D isabled:Half-Life Launcher"
    "C:\Program Files\Steam\steamapps\icionestalamas\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\icionestalamas\condition zero\hl.exe:*:D isabled:Half-Life Launcher"
    "C:\Program Files\Steam\steamapps\warrior38450\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\warrior38450\counter-strike source\hl2.exe:*:D isabled:hl2"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:D isabled:LimeWire"
    "C:\Documents and Settings\Pc jeu chichoune\metin2.bin"="C:\Documents and Settings\Pc jeu chichoune\metin2.bin:*:D isabled:metin2"
    "C:\Program Files\Capcom\MotoGP 08 Demo\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08 Demo\MotoGP 08\Launcher.exe:*:D isabled:MotoGP 08"
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:D isabled:Veoh Web Player "
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-10-08 17:14:38 ----SHD---- C:\WINDOWS\system32\LocalService
    2009-10-08 17:13:48 ----A---- C:\WINDOWS\system32\2F7.tmp
    2009-10-07 17:45:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-06 22:12:54 ----D---- C:\Program Files\trend micro
    2009-10-06 22:12:53 ----D---- C:\rsit
    2009-10-03 12:03:45 ----D---- C:\FU_Backup
    2009-10-02 20:01:06 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2009-10-02 20:00:51 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2009-10-02 18:55:02 ----D---- C:\Program Files\CCleaner
    2009-10-02 15:41:33 ----A---- C:\WINDOWS\system32\dpserial32.dll
    2009-10-01 16:37:55 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-10-01 16:37:37 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2009-10-01 16:37:33 ----D---- C:\Program Files\Microsoft IntelliType Pro
    2009-10-01 16:17:19 ----D---- C:\Program Files\MSXML 6.0
    2009-10-01 16:17:01 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2009-10-01 14:59:08 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
    2009-10-01 14:43:32 ----D---- C:\Program Files\ma-config.com
    2009-09-26 20:03:45 ----A---- C:\WINDOWS\WORDPAD.INI
    2009-09-22 22:14:35 ----D---- C:\Program Files\Astonsoft
    2009-09-20 19:17:03 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\MxBoost
    2009-09-20 19:16:37 ----D---- C:\Program Files\Maxthon2
    2009-09-19 19:07:40 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\Trillian
    2009-09-19 19:07:14 ----D---- C:\Program Files\Trillian

    ======List of files/folders modified in the last 1 months======

    2009-10-08 21:21:07 ----D---- C:\WINDOWS\system32
    2009-10-08 20:52:25 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-08 19:33:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-08 17:15:04 ----D---- C:\WINDOWS\Prefetch
    2009-10-07 17:53:32 ----D---- C:\WINDOWS
    2009-10-07 17:45:45 ----D---- C:\WINDOWS\system32\drivers
    2009-10-07 17:45:42 ----RD---- C:\Program Files
    2009-10-07 12:00:13 ----D---- C:\WINDOWS\Temp
    2009-10-05 19:27:51 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-10-03 19:36:14 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\OpenOffice.org2
    2009-10-03 12:22:21 ----D---- C:\Program Files\Unlocker
    2009-10-03 12:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2009-10-03 12:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\iolo
    2009-10-03 01:48:54 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\FrostWire
    2009-10-02 20:03:05 ----SHD---- C:\WINDOWS\Installer
    2009-10-02 20:02:58 ----D---- C:\WINDOWS\system32\CatRoot
    2009-10-02 20:02:33 ----D---- C:\WINDOWS\Help
    2009-10-02 20:01:11 ----HD---- C:\WINDOWS\inf
    2009-10-02 20:01:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-02 19:07:40 ----RSD---- C:\WINDOWS\assembly
    2009-10-02 19:07:40 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-10-02 19:07:35 ----D---- C:\Program Files\Microsoft Office
    2009-10-02 19:07:35 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-10-02 19:07:31 ----D---- C:\Program Files\Fichiers communs
    2009-10-02 19:06:41 ----RSD---- C:\WINDOWS\Fonts
    2009-10-02 19:04:59 ----D---- C:\Program Files\Fichiers communs\System
    2009-10-02 19:04:56 ----A---- C:\WINDOWS\win.ini
    2009-10-02 19:01:53 ----D---- C:\WINDOWS\nview
    2009-10-02 18:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-10-02 18:57:30 ----D---- C:\WINDOWS\Debug
    2009-10-01 17:11:28 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\gtk-2.0
    2009-10-01 16:41:23 ----SD---- C:\Documents and Settings\Pc jeu chichoune\Application Data\Microsoft
    2009-10-01 16:38:40 ----SD---- C:\WINDOWS\Tasks
    2009-10-01 16:38:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-10-01 16:38:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-10-01 14:50:44 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-01 14:49:57 ----D---- C:\Program Files\AGEIA Technologies
    2009-10-01 14:43:32 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-09-26 22:19:06 ----D---- C:\WINDOWS\system32\Restore
    2009-09-25 11:22:52 ----D---- C:\Documents and Settings\Pc jeu chichoune\Application Data\LimeWire
    2009-09-24 22:17:47 ----D---- C:\Program Files\World of Warcraft
    2009-09-12 22:15:49 ----D---- C:\WINDOWS\system32\wbem
    2009-09-12 22:15:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-08-09 28520]
    R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
    R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-23 55656]
    R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-24 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-09 12288]
    R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-28 14736]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-17 7729568]
    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 NDISRD;NDISRD; \??\C:\WINDOWS\system32\drivers\NDISRD.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
    S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-11-06 25280]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    S3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-06 36864]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-09 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-23 185089]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 MSCamSvc;MSCamSvc; c:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
    R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

    -----------------EOF-----------------

    j'ai toujours le même virus qui revient :s
    et j'ai l'impression qu'il vient que quand j'ouvre mes documents
    a c 327 8 Sécurité
    9 Octobre 2009 03:54:07

    1/

  • Lance ce fichier : C:\Program Files\trend micro\Pc jeu chichoune.exe
  • Choisis Do a system scan only.
  • Coche les cases qui sont devant les lignes suivantes :

    F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system\smss.exe

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice (User 'Default user')

    O4 - Startup: IcStarter.exe

    O20 - Winlogon Notify: 98e343c7684 - C:\WINDOWS\System32\dpserial32.dll

  • Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
  • Ferme HijackThis.


    2/

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :services
    NDISRD

    :files
    C:\WINDOWS\System32\dpserial32.dll
    C:\WINDOWS\system32\2F7.tmp
    C:\WINDOWS\system32\LocalService
    C:\WINDOWS\system32\drivers\NDISRD.sys

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    9 Octobre 2009 17:43:28

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== SERVICES/DRIVERS ==========

    Service\Driver NDISRD deleted successfully.
    ========== FILES ==========
    File/Folder C:\WINDOWS\System32\dpserial32.dll not found.
    C:\WINDOWS\system32\2F7.tmp moved successfully.
    File/Folder C:\WINDOWS\system32\LocalService not found.
    File/Folder C:\WINDOWS\system32\drivers\NDISRD.sys not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 1049784 bytes
    ->Temporary Internet Files folder emptied: 391371 bytes

    User: NetworkService
    ->Temp folder emptied: 1049784 bytes
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 336693 bytes
    ->FireFox cache emptied: 3281464 bytes

    User: Pc jeu chichoune
    ->Temp folder emptied: 65360584 bytes
    ->Temporary Internet Files folder emptied: 17201181 bytes
    ->Java cache emptied: 1860287 bytes
    ->FireFox cache emptied: 94700133 bytes
    ->Google Chrome cache emptied: 8045841 bytes
    ->Apple Safari cache emptied: 73371079 bytes
    ->Opera cache emptied: 33159846 bytes

    %systemdrive% .tmp files removed: 0 bytes
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 66016 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 286,01 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 10092009_173410
    a c 327 8 Sécurité
    9 Octobre 2009 18:01:55

  • Désinstalle les programmes suivants :
    - Java 6 Update 13
    - Java 6 Update 3
    - Java 6 Update 5
    - Java 6 Update 7

  • Mets à jour Java.

  • Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
  • Dans AntiVir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
  • Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    9 Octobre 2009 18:54:03

    J'ai tout supprimé mais quand je veut le mettre à jour sa me marque a la fin de l'installation erreur de décompression des fichiers core
    9 Octobre 2009 19:28:34

    Marche pas non plus :s
    9 Octobre 2009 22:44:02

    Marche pas non plus oO pas possible sa
    a c 327 8 Sécurité
    9 Octobre 2009 22:52:23

    :( 

    Tu peux quand même faire le scan avec AntiVir.
    11 Octobre 2009 13:49:26

    c'est fait . Il y avait des trucs a supprimé
    a c 327 8 Sécurité
    11 Octobre 2009 16:21:18

    L'installation du nouveau Java est toujours impossible ?
    11 Octobre 2009 17:33:43

    toujours impossible :s en passant je voulais vous demandez si un problème internet peut venir d'un virus/trojan etc ... ? Je m'explique , depuis ont va dire deux bonnes semaines ma connexion est devenu très lente ! Devoir attendre plusieurs minutes des fois pour charger une video youtube . Quand je télécharge un fichier sois c'est comme avant ( dans les 7méga en dl ) sois je me retrouve avec même pas 1méga .... Il y a de quoi rendre fou a certains moments
    a c 327 8 Sécurité
    11 Octobre 2009 17:40:32

    Tu as essayé ta connexion avec un autre PC ?
    12 Octobre 2009 20:45:42

    J'ai deux pc de branchés les deux rame
    a c 327 8 Sécurité
    12 Octobre 2009 22:11:49

    Tu as quoi comme FAI ?
    13 Octobre 2009 19:56:48

    Je suis chez orange
    a c 327 8 Sécurité
    13 Octobre 2009 21:28:46

    Si ça vient de la connexion, faut voir ça avec eux.
    13 Octobre 2009 22:11:32

    Je vais les appelés dès que possible alors ;)  merci pour tout ;) 
    a c 327 8 Sécurité
    16 Octobre 2009 04:34:49

    Tiens-moi au courant :) 
    21 Octobre 2009 20:55:28

    Ok sa marche , pour l'instant je n'ai pas eu l'occas téléphoner mais ca ne va pas tardé
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS