Se connecter / S'enregistrer
Votre question

De multiples virus présents [résolu]

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Octobre 2009 10:56:01

Bonjour à vous !

Je viens ici pour vous dire que mon ordinateur est très lent, bug souvent et comme vous devez le deviner, c'est bien sûr à cause de virus/spy de tout genre.

Cependant je trouve pas d'anti-virus fiable, capable de faire le vide des virus sur mon ordinateur.

Connaissez-vous un bon anti-virus, qui ne fait pas que de détecter les virus, mais aussi les supprimer ?


Merci de vos éventuelles réponses :) 

Autres pages sur : multiples virus presents resolu

4 Octobre 2009 10:57:51

Bonjour ,

Télécharge HiJackThis de TrendMicro sur ton Bureau
  • Procède à son installation.
  • Une fois l'installation achevée, lance le via son icône sur le bureau ou bien via Démarrer>Tout les Programmes>HijackThis>Hijackthis
  • Clique sur "Do a system scan and save a logfile".
  • Le rapport s'affiche dans le bloc-note à présent.
  • Copie colle son contenu dans ton prochain message sur le forum.
    4 Octobre 2009 11:04:45

    Je l'essaye de ce pas, merci bien Romaindu64 :) 
    Contenus similaires
    4 Octobre 2009 11:08:46

    Re,


    C'est un logiciel qui permet de voir si ton pc est infecté ou pas.
    Poste moi son rapport comme dit dans ma réponse précédemment .
    4 Octobre 2009 11:13:51

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:13:21, on 04/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [aevqabymdz] c:\windows\system32\aevqabymdz.exe aevqabymdz
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002
    O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: TA_Start.lnk = C:\Documents and Settings\Caroline\Local Settings\Temp\BundleDownloader\27.ex_
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk762YY...
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 80.10.246.1 81.253.149.2
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 14063 bytes
    4 Octobre 2009 11:28:02

    Que dois-je faire suite à ça ?
    4 Octobre 2009 18:40:30

    Re ,

    En effet ton pc est bien infecté.
  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    4 Octobre 2009 20:13:16

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2905
    Windows 5.1.2600 Service Pack 3

    04/10/2009 20:11:25
    mbam-log-2009-10-04 (20-11-25).txt

    Type de recherche: Examen rapide
    Eléments examinés: 98911
    Temps écoulé: 23 minute(s), 48 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 27
    Valeur(s) du Registre infectée(s): 6
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 19

    Processus mémoire infecté(s):
    C:\WINDOWS\system32\service.exe (Adware.Mirar) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\pornpro.pornpro_bho (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\pornpro.pornpro_bho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmotoolbar.seekmotoolband.1 (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{bb224188-52ba-4006-9429-2c7e47ea975b} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41c29b07-6f91-4966-91be-2e2841643c83} (Adware.Adssite) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75} (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75} (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmotoolbar.seekmotoolband.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10f3e8bd-257a-4702-a2f5-dc02055b068c} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{10f3e8bd-257a-4702-a2f5-dc02055b068c} (Trojan.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mdns (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ravav (Worm.RJump) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\service.exe (Adware.Mirar) -> Delete on reboot.
    C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\Thumbs.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Caroline\Menu Démarrer\Programmes\Démarrage\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\aevqabymdz_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\aevqabymdz_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\adssite-remove.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\inetmodl.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msegcompid.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rightonadz-uninst.exe (Trojan.BHO) -> Quarantined and deleted successfully.
    C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    4 Octobre 2009 20:14:45

    Redémarre et poste moi un rapport Hijacthis stp .
    4 Octobre 2009 20:22:27

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:22:18, on 04/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [aevqabymdz] c:\windows\system32\aevqabymdz.exe aevqabymdz
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk762YY...
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 81.253.149.9 80.10.246.132
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 13134 bytes
    4 Octobre 2009 20:23:11

    Peux-tu m'expliquer ? Je comprends pas grand chose xD

    4 Octobre 2009 20:36:22


    >>> Télécharge Navilog1.exe (Il Mafioso) sur ton bureau.

    >>> Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valide.
    /!\ N'utilise pas l'option 2,3 et 4 sans notre accord /!\

    Patiente jusqu'au message :
    "*** Analyse Termine le ..... ***"
    Appuye sur une touche comme demandé, le blocnote va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le blocnote.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

    Poste-nous son contenu de cette manière :

    >>> Edition / Sélectionner tout
    >>> Edition / Copier
    >>> Clique-Droit / Coller dans ta réponse


    4 Octobre 2009 20:47:50

    "Poste-nous" ? Vous êtes combien ? ça sent l'arnaque T_T'
    4 Octobre 2009 20:49:38

    Bah c'est pareil ,
    Quoi sent l'arnaque ??
    4 Octobre 2009 20:50:54

    Tu me dis de faire telles analyses, mais explique moi la situation au moins, et pourquoi tout ça ^^
    4 Octobre 2009 20:51:57

    Bah ,tu as l'infections Navipromo .
    4 Octobre 2009 20:55:04

    ça consiste à quoi cette infection ?
    *scan toujours en cours*
    4 Octobre 2009 20:59:58

    Tu dois avoir des popups de publicités sur ton pc non ?
    4 Octobre 2009 21:02:26

    Rarement, a part sur un site lacoccinelle.net où je me prends au moins une pub par changement de page o/

    C'est surtout que mon ordinateur met du temps à charger une page et que des fois ça reste bloqué. :/ 
    4 Octobre 2009 21:03:57

    Ok ,
    J'attends ton rapport Navilog :) 
    4 Octobre 2009 21:07:48

    Euh ils me disent pas Analyse terminé, ils me demandent de redémarrer l'ordinateur... j'fais quoi ?
    4 Octobre 2009 21:09:14

    Redémarre alors .
    4 Octobre 2009 21:19:28

    Fix Navipromo version 4.0.2 commencé le 04/10/2009 20:41:29,14

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.53GHz )
    BIOS : Version 1.00
    USER : Caroline ( Administrator )
    BOOT : Normal boot




    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:74 Go (Free:23 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\WINDOWS\system32\aevqabymdz.dat supprimé !
    C:\WINDOWS\system32\pehjqyndx.dat supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Caroline\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    Certificat Egroup supprimé !


    C:\WINDOWS\Tasks\AD8DF27C918A7100.job trouvé ! Infection Lop possible non traitée par cet outil !


    *** Scan terminé 04/10/2009 21:15:39,42 ***

    4 Octobre 2009 21:25:49

    Re poste moi un nouveau rapport Hijacthis .
    4 Octobre 2009 21:26:13

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:27:24, on 04/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk762YY...
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 81.253.149.1 80.10.246.3
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 13073 bytes
    4 Octobre 2009 21:33:39

    Y'a du mieux ?
    4 Octobre 2009 21:42:24

    Oui tu as Navipromo en moins :) 
    Pour le reste attend que Destrio5 ou Angeldark te réponse.
    Ton pc est encore infecté.
    5 Octobre 2009 18:50:30

    Oki, merci pour ton aide Romain :) 
    a c 292 8 Sécurité
    5 Octobre 2009 21:04:14

    Bonjour,

  • Désinstalle SweetIM.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    6 Octobre 2009 19:25:31

    Voici pour Log

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Caroline at 2009-10-06 19:23:01
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 25 GB (32%) free of 76 GB
    Total RAM: 255 MB (14% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:23:25, on 06/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Caroline\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Caroline.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk762YY...
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 80.10.246.130 81.253.149.10
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 12527 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AD8DF27C918A7100.job
    C:\WINDOWS\tasks\music-.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
    {4982D40A-C53B-4615-B15B-B5B5E98D167C} - AOL Toolbar - C:\Program Files\AOL Toolbar\toolbar.dll []
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-05 57344]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2004-11-24 98304]
    "HotKey"=C:\WINDOWS\Twain_32\FlatBed\HotKey.exe [2002-12-10 602112]
    "SpySpotter System Defender"=C:\Program Files\SpySpotter3\Defender.exe -startup []
    "WinFixer 2005"=C:\Program Files\WinFixer 2005\wfx5.exe []
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]
    ""= []
    "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "{20-00-00-04-ZN}"=C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002 []
    "Controleur de calendrier pour Ulead Photo Express"=C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe [2004-01-12 69632]
    "Ulead AutoDetector"=C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-11-19 45056]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-12 185632]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-27 67128]
    "WOOKIT"=C:\Program Files\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "Registry Cleaner"=C:\Program Files\Registry Cleaner Trial\Regclean.exe -startminimize []
    "WINSOS VERIFY"=C:\Program Files\WINSOS\WINSOS.EXE MINI []
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "MSMSGS"=C:\Documents and Settings\Caroline\Bureau\msmsgs.exe [2004-10-13 1694208]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-03-15 342848]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:D isabled:Microsoft DirectPlay Helper"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\Raven\SOF PLATINUM\SoF.exe"="C:\Program Files\Raven\SOF PLATINUM\SoF.exe:*:Enabled:SoF"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:D isabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
    "C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe"="C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe:*:Enabled:Heroes of Might and Magic® IV"
    "C:\Program Files\Vendetta\Vendetta.exe"="C:\Program Files\Vendetta\Vendetta.exe:*:Enabled:Vendetta"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:D isabled:@xpsp2res.dll,-22019"
    "C:\Games\Shogo\Client.exe"="C:\Games\Shogo\Client.exe:*:D isabled:Client"
    "C:\Program Files\Diablo II\Game.exe"="C:\Program Files\Diablo II\Game.exe:*:D isabled:D iablo II"
    "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:D isabled:D ownload Accelerator Plus (DAP)"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:D isabled:eMule"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\Program Files\Duelfield\df.exe"="C:\Program Files\Duelfield\df.exe:*:Enabled:D f"
    "E:\games\hexxagon\Hexxagon.exe"="E:\games\hexxagon\Hexxagon.exe:*:Enabled:Hexxagon"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "E:\TTS\SpeechCube.exe"="E:\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
    "C:\Program Files\Controle Parental\bin\optproxy.exe"="C:\Program Files\Controle Parental\bin\optproxy.exe:*:D isabled:Contrôle Parental"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Warez\Warez.exe"="C:\Program Files\Warez\Warez.exe:*:Enabled:Warez3"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\WINSOS\winsos.exe"="C:\Program Files\WINSOS\winsos.exe:*:Enabled:Winsos"
    "C:\Program Files\WINSOS\help.exe"="C:\Program Files\WINSOS\help.exe:*:Enabled:Winsos Help"
    "C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:D isabled:NAVBrowser"
    "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files\Dofus-Arena beta 2\DofusArena.exe"="C:\Program Files\Dofus-Arena beta 2\DofusArena.exe:*:Enabled:D ofus Arena Client"
    "C:\Program Files\Ankama Games\Dofus\Dofus.exe"="C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:D ofus Client"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Metin2_France\metin2.bin"="C:\Program Files\Metin2_France\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Caroline\metin2.bin"="C:\Documents and Settings\Caroline\metin2.bin:*:D isabled:metin2"
    "C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe:*:Enabled:eMule"
    "C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
    "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d7607bf-3ca2-11d9-aa63-0010dcfa1c72}]
    shell\Auto\command - F:\AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d20cb2-c8a6-11db-b2a5-4d6564696130}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    shell\Open(&0)\command - F:\Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91bd30ff-50d4-11dc-b3b2-4d6564696130}]
    shell\Auto\command - F:\AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9beec97d-98ef-11db-b244-4d6564696130}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    shell\Open(&0)\command - F:\Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7be0b30-def0-11dd-b69b-4d6564696130}]
    shell\Auto\command - F:\AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1dc5c58-2083-11db-b0bf-00038a000015}]
    shell\Auto\command - F:\AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3e007a8-5b8c-11dc-b3cf-0010dcfa1c72}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3e007a9-5b8c-11dc-b3cf-0010dcfa1c72}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6a0308e-f5c0-11dd-b6c1-4d6564696130}]
    shell\AutoRun\command - F:\DPFMate.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c521dd62-6dfc-11dd-b5ed-4d6564696130}]
    shell\Auto\command - F:\AdobeR.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbd51ea1-b66d-11da-af98-00038a000015}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    shell\Open(&0)\command - Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddd72f84-0f92-11dc-b327-4d6564696130}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    shell\Open(&0)\command - Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff8a72f5-808c-11dc-b425-4d6564696130}]
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    shell\Open(&0)\command - F:\Recycled\ctfmon.exe


    ======List of files/folders created in the last 1 months======

    2009-10-06 19:23:01 ----DC---- C:\rsit
    2009-10-06 19:11:16 ----SHDC---- C:\Config.Msi
    2009-10-06 18:57:32 ----D---- C:\WINDOWS\LastGood
    2009-10-04 20:40:02 ----AC---- C:\cleannavi.txt
    2009-10-04 20:39:05 ----D---- C:\Program Files\Navilog1
    2009-10-04 19:06:28 ----D---- C:\Documents and Settings\Caroline\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-04 11:12:23 ----D---- C:\Program Files\Trend Micro
    2009-09-26 11:56:39 ----D---- C:\Program Files\Wakfu
    2009-09-20 18:12:49 ----D---- C:\Program Files\DofusBeta
    2009-09-20 11:09:22 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-10 09:06:47 ----DC---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2009-09-09 16:55:45 ----D---- C:\Program Files\Messenger Plus! Live
    2009-09-09 10:23:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-09 10:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-09 10:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$

    ======List of files/folders modified in the last 1 months======

    2009-10-06 19:16:05 ----AD---- C:\Program Files
    2009-10-06 19:15:54 ----SHD---- C:\WINDOWS\Installer
    2009-10-06 19:15:11 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-06 19:14:33 ----D---- C:\Documents and Settings\Caroline\Application Data\DNA
    2009-10-06 18:59:16 ----D---- C:\WINDOWS\Temp
    2009-10-06 18:59:04 ----HD---- C:\WINDOWS\inf
    2009-10-06 18:59:04 ----D---- C:\WINDOWS\system32
    2009-10-06 18:59:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-06 18:58:37 ----D---- C:\WINDOWS\Help
    2009-10-06 18:57:41 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-10-06 18:57:32 ----AD---- C:\WINDOWS
    2009-10-06 18:56:10 ----D---- C:\Program Files\Wanadoo
    2009-10-06 18:54:31 ----D---- C:\Program Files\DNA
    2009-10-05 20:58:35 ----A---- C:\WINDOWS\ulead32.ini
    2009-10-04 21:12:08 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-04 19:06:04 ----D---- C:\WINDOWS\system32\drivers
    2009-10-03 17:29:50 ----D---- C:\Program Files\Gpotato.eu
    2009-10-03 13:33:02 ----D---- C:\Program Files\Dofus
    2009-10-02 19:10:23 ----D---- C:\Documents and Settings\Caroline\Application Data\Real
    2009-09-30 14:50:40 ----D---- C:\Documents and Settings\Caroline\Application Data\LimeWire
    2009-09-20 10:58:31 ----D---- C:\Program Files\eMule
    2009-09-16 17:28:44 ----D---- C:\Documents and Settings\Caroline\Application Data\U3
    2009-09-10 10:11:48 ----A---- C:\WINDOWS\pex.INI
    2009-09-09 10:23:25 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-09 10:23:15 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2007-07-08 5632]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 GenPort;GenPort; C:\WINDOWS\system32\drivers\GenPort.sys [1997-10-08 4832]
    R2 MapMem;MapMem; C:\WINDOWS\system32\drivers\MapMem.sys [1997-10-08 6816]
    R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    R2 NTRemap;NTRemap; C:\WINDOWS\system32\drivers\NTRemap.sys [1997-10-08 6336]
    R2 Vcs;Vcs support; \??\C:\WINDOWS\system32\Drivers\Vcs.sys []
    R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-07 404608]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-05 460864]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686]
    R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2009-09-20 28276]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-08 211712]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-04 404990]
    R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-04 13240]
    R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 df_kmd;df_kmd; \??\C:\WINDOWS\system32\drivers\df_kmd.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 catchme;catchme; \??\C:\DOCUME~1\Caroline\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DVDACCSS;DVDACCSS; \??\C:\PROGRA~1\DVDACC~1\DVDAX.SYS []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 hidgame;Activateur de port HID à manette de jeu Microsoft; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
    S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
    S3 MR97310_VGA_DUAL_CAMERA;VGA Dual Camera; C:\WINDOWS\system32\DRIVERS\mr97310v.sys [2004-03-17 114105]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-04 180360]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2002-09-28 32000]
    S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2002-11-28 21081]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-04 95424]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
    S2 AOLService;AOL Spyware Protection Service; C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe []
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-09-03 3347280]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    6 Octobre 2009 19:26:05

    et le deuxième

    info.txt logfile of random's system information tool 1.06 2009-10-06 19:24:00

    ======Uninstall list======

    --> -c"C:\Program Files\Ulead Systems\Ulead COOL 360\IS32Inst.dll"
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft Funhouse 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FC4811E-29F4-4035-9274-43A16816152D}\setup.exe" -l0x40c
    ArcSoft PhotoImpression 4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}\setup.exe" -l0x40c
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
    Carcassonne-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Carcassonne\ST5UNST.LOG"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
    Digimax Master-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe" -l0x9 -removeonly
    Digimax S800-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E25BC708-9133-49C5-BC6C-C82F4652EE73}\Setup.exe" anything
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe
    EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
    EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
    EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x40c Uninstall
    EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
    ESCX6600 Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\ESCX6600\REF_G\DOCUNINS.EXE
    ESCX6600 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESCX6600\PQU_G\DOCUNINS.EXE
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    ffdshow (remove only)-->"C:\Program Files\ffdshow\uninstall.exe"
    fonz Uninstall-->C:\fonz\fonz\ACCSIM~1.EXE /c
    Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
    Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe
    GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Ink-->MsiExec.exe /I{9FCB2876-554D-491D-A2CD-58F8252D6C64}
    Install(Fr)-->C:\Program Files\InstallShield Installation Information\{E32B0931-C97B-48E1-A466-27D4088060EF}\setup.exe -runfromtemp -l0x040c -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Les Sims Deluxe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\Setup.exe" -l040c
    LimeWire 5.2.13-->"C:\Program Files\LimeWire\uninstall.exe"
    LiveUpdate BVRP Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -l0x40c
    LiveUpdate-->C:\Program Files\Symantec\LiveUpdate\Uninst.exe -u
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    LogoTools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7F7580D-1261-46F4-8D35-FA38FD609C0C}\Setup.exe" -l0x9 -uninst
    Lyra System File Update Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58EBC737-9828-4204-8512-E0E71BD7E792}\setup.exe" -l0x9
    Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    ManyCam 2.3 (remove only)-->"C:\Program Files\ManyCam 2.3\uninstall.exe"
    Megacity Challenge-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4C5AA47-D289-4507-811F-E036BA959334}\setup.exe" -l0x40c
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    MicroStaff WINASPI-->C:\MWASPI\uninst.exe
    MIDI TO MP3 MAKER version 3.12-->"C:\Program Files\midi2mp3\unins000.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    mobile PhoneTools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}\setup.exe" -l0x40c
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    MoodLogic DeviceLink-->C:\PROGRA~1\MOODLO~1\COMPON~1\DEVICE~1\UNWISE.EXE C:\PROGRA~1\MOODLO~1\COMPON~1\DEVICE~1\INSTALL.LOG
    MoodLogic-->C:\WINDOWS\ml-uninstall-v10.exe
    Mozilla (1.7.13)-->C:\WINDOWS\MozillaUninstall.exe /ua "1.7.13 (en)"
    Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MUSICMATCH® Jukebox-->C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
    Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
    Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A}
    OLYMPUS CAMEDIA Master 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.1
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickTime for Windows (32-bit)-->C:\WINDOWS\QTW32DEL.EXE
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
    Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
    ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SigmaTel MSCN Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9B59DAD-86AC-456C-80A7-B665E77AA325}\Setup.exe" -l0x9
    Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
    SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
    Ulead COOL 360 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}\Setup.exe" -l0x40c -uninst
    Ulead Photo Explorer 8.0 SE Basic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D271DAE0-8D68-4C97-8356-A126D48A1D8C}\Setup.exe" -l0x40c
    Ulead Photo Express 4.0 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}\setup.exe"
    Ulead Photo Express 5 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}\Setup.exe" -l0x40c
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    USB Scanner-->C:\WINDOWS\RunUnDrv.exe C:\WINDOWS\Twain_32\FlatBed\PmxScan.INF DefaultUnInstall.USB.NTX86
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VGA Dual Camera-->MsiExec.exe /X{44E75850-B838-43D2-8F37-84D3FB71FF6E}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Votre Budget 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57CD01A5-44D0-4B68-A59A-5378B0C2408D}\SETUP.EXE" -l0x40c
    Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

    ======Hosts File======

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD

    ======System event log======

    Computer Name: TRAVERT
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

    Record Number: 244
    Source Name: Service Control Manager
    Time Written: 20090824120438.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 243
    Source Name: Service Control Manager
    Time Written: 20090824120430.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 242
    Source Name: Service Control Manager
    Time Written: 20090824120430.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: TRAVERT
    Event Code: 7036
    Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

    Record Number: 241
    Source Name: Service Control Manager
    Time Written: 20090824120430.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

    Record Number: 240
    Source Name: Service Control Manager
    Time Written: 20090824120429.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: TRAVERT
    Event Code: 4137
    Message: CI a démarré pour le catalogue c:\system volume information\catalog.wci.

    Record Number: 5
    Source Name: Ci
    Time Written: 20090504190420.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 4
    Source Name: SecurityCenter
    Time Written: 20090504185702.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 0
    Message: Service started

    Record Number: 3
    Source Name: SeaPort
    Time Written: 20090504185656.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 1
    Message:
    Record Number: 2
    Source Name: AVGEMS
    Time Written: 20090504185656.000000+120
    Event Type: Informations
    User:

    Computer Name: TRAVERT
    Event Code: 1
    Message:
    Record Number: 1
    Source Name: Avg7UpdSvc
    Time Written: 20090504185653.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=1
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Ulead Systems\DVD;C:\Program Files\Fichiers communs\DivX Shared\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_REVISION"=0207
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "windir"=%SystemRoot%

    -----------------EOF-----------------
    a c 292 8 Sécurité
    6 Octobre 2009 19:54:40

    Ok, je vois des infections.

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
    (Sous Vista, il faut cliquer droit sur UsbFix et choisir Exécuter en tant qu'administrateur)
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    6 Octobre 2009 20:41:15


    ############################## | UsbFix V6.038 |

    User : Caroline (Administrateurs) # TRAVERT
    Update on 06/10/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 20:35:19 | 06/10/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Pentium(R) 4 CPU 2.53GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 6.0.2900.5512
    Windows Firewall Status : Enabled

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local # 74,49 Go (24,05 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\ManyCam 2.3\ManyCam.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{2d7607bf-3ca2-11d9-aa63-0010dcfa1c72}
    Shell\Auto\command =F:\AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{42d20cb2-c8a6-11db-b2a5-4d6564696130}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    Shell\Open(&0)\command =F:\Recycled\ctfmon.exe

    HKCU\..\..\Explorer\MountPoints2\{91bd30ff-50d4-11dc-b3b2-4d6564696130}
    Shell\Auto\command =F:\AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{9beec97d-98ef-11db-b244-4d6564696130}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    Shell\Open(&0)\command =F:\Recycled\ctfmon.exe

    HKCU\..\..\Explorer\MountPoints2\{a7be0b30-def0-11dd-b69b-4d6564696130}
    Shell\Auto\command =F:\AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{b1dc5c58-2083-11db-b0bf-00038a000015}
    Shell\Auto\command =F:\AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{b3e007a8-5b8c-11dc-b3cf-0010dcfa1c72}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

    HKCU\..\..\Explorer\MountPoints2\{b3e007a9-5b8c-11dc-b3cf-0010dcfa1c72}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

    HKCU\..\..\Explorer\MountPoints2\{b6a0308e-f5c0-11dd-b6c1-4d6564696130}
    Shell\AutoRun\command =F:\DPFMate.exe

    HKCU\..\..\Explorer\MountPoints2\{c521dd62-6dfc-11dd-b5ed-4d6564696130}
    Shell\Auto\command =F:\AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{dbd51ea1-b66d-11da-af98-00038a000015}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    Shell\Open(&0)\command =Recycled\ctfmon.exe

    HKCU\..\..\Explorer\MountPoints2\{ddd72f84-0f92-11dc-b327-4d6564696130}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    Shell\Open(&0)\command =Recycled\ctfmon.exe

    HKCU\..\..\Explorer\MountPoints2\{ff8a72f5-808c-11dc-b425-4d6564696130}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
    Shell\Open(&0)\command =F:\Recycled\ctfmon.exe

    ################## | ! Fin du rapport # UsbFix V6.038 ! |



    Merci pour l'info concernant Process.exe ^^
    a c 292 8 Sécurité
    6 Octobre 2009 20:51:23

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur UsbFix et choisir Exécuter en tant qu'administrateur)
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    6 Octobre 2009 21:07:36

    Je pense le faire demain après midi, là ça risque d'être juste pour te répondre ^^

    Qu'entends-tu par "source de données externes", je dois mettre par exemple ma clé usb qui me sert pour des transferts de fichier ?
    6 Octobre 2009 21:09:05

    Oui voila ou disque dur externe si tu as ,etc ..
    7 Octobre 2009 14:47:00


    ############################## | UsbFix V6.038 |

    User : Caroline (Administrateurs) # TRAVERT
    Update on 06/10/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 14:40:24 | 07/10/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Pentium(R) 4 CPU 2.53GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 6.0.2900.5512
    Windows Firewall Status : Enabled

    A:\ -> Lecteur de disquettes 3 ½ pouces
    C:\ -> Disque fixe local # 74,49 Go (24,04 Go free) # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{2d7607bf-3ca2-11d9-aa63-0010dcfa1c72}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{42d20cb2-c8a6-11db-b2a5-4d6564696130}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{91bd30ff-50d4-11dc-b3b2-4d6564696130}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{9beec97d-98ef-11db-b244-4d6564696130}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a7be0b30-def0-11dd-b69b-4d6564696130}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b1dc5c58-2083-11db-b0bf-00038a000015}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b3e007a8-5b8c-11dc-b3cf-0010dcfa1c72}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b3e007a9-5b8c-11dc-b3cf-0010dcfa1c72}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{b6a0308e-f5c0-11dd-b6c1-4d6564696130}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{c521dd62-6dfc-11dd-b5ed-4d6564696130}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{dbd51ea1-b66d-11da-af98-00038a000015}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ddd72f84-0f92-11dc-b327-4d6564696130}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ff8a72f5-808c-11dc-b425-4d6564696130}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [12/05/2009 19:38|--a--c---|417820] C:\019-Field02.mp3
    [12/05/2009 19:43|--a--c---|417851] C:\021-Field04.mp3
    [12/05/2009 19:45|--a--c---|393802] C:\026-Town04.mp3
    [12/05/2009 19:48|--a--c---|414365] C:\027-Town05.mp3
    [23/02/2005 17:35|--a--c---|28] C:\AUTOEXEC.BAT
    [15/11/2004 12:00|---hsc---|212] C:\boot.ini
    [07/09/2002 02:00|-rahsc---|4952] C:\Bootfont.bin
    [04/10/2009 21:25|--a--c---|646] C:\cleannavi.txt
    [15/11/2004 12:07|--a--c---|0] C:\CONFIG.SYS
    [08/09/2009 19:30|--a--c---|368] C:\content_update_notification.xml
    [?|?|?] C:\hiberfil.sys
    [15/11/2004 12:07|-rahsc---|0] C:\IO.SYS
    [15/11/2004 12:07|-rahsc---|0] C:\MSDOS.SYS
    [03/08/2004 22:38|-rahs----|47564] C:\NTDETECT.COM
    [11/02/2009 15:05|-rahs----|252240] C:\ntldr
    [15/07/2007 18:49|--ah-c---|464] C:\os466477.bin
    [?|?|?] C:\pagefile.sys
    [14/04/2005 19:18|--ahsc---|28672] C:\Thumbs.db
    [07/10/2009 14:44|--a--c---|4042] C:\UsbFix.txt

    ################## | Vaccination |

    # C:\autorun.inf -> Folder created by UsbFix.

    ################## | ! Fin du rapport # UsbFix V6.038 ! |

    a c 292 8 Sécurité
    9 Octobre 2009 19:06:59

    Ok.

  • Télécharge Lop S&D (par Eric_71) sur ton Bureau.
  • Puis double-clique sur Lop S&D présent sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .
  • Patiente jusqu'à la fin du scan.
  • Poste le rapport généré (C:\lopR.txt).
    9 Octobre 2009 20:14:02


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.53GHz )
    BIOS : Version 1.00
    USER : Caroline ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:74 Go (Free:23 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 09/10/2009|20:05 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [14/04/2008|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [25/02/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [24/10/2005|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
    [26/06/2009|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [26/08/2006|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
    [06/02/2006|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [25/08/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [14/02/2009|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [18/07/2007|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [15/05/2007|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great hold shim plan
    [25/11/2006|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GRETECH
    [02/05/2008|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [04/10/2009|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [14/02/2009|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [10/09/2009|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [16/02/2009|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [21/02/2005|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
    [06/01/2006|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [26/06/2009|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [06/07/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [18/06/2008|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
    [06/07/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/05/2005|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [28/11/2007|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [24/11/2004|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [05/11/2005|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [08/09/2006|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [31/01/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [03/11/2006|12:22] C:\DOCUME~1\Caroline\APPLIC~1\ABSOLUTIST.com
    [18/02/2009|12:16] C:\DOCUME~1\Caroline\APPLIC~1\Adobe
    [04/01/2007|21:58] C:\DOCUME~1\Caroline\APPLIC~1\AdobeUM
    [02/03/2006|17:00] C:\DOCUME~1\Caroline\APPLIC~1\Ambient Design
    [11/02/2005|15:40] C:\DOCUME~1\Caroline\APPLIC~1\ArcSoft
    [26/06/2009|09:20] C:\DOCUME~1\Caroline\APPLIC~1\AVG7
    [26/08/2006|18:57] C:\DOCUME~1\Caroline\APPLIC~1\Babylon
    [20/06/2008|20:46] C:\DOCUME~1\Caroline\APPLIC~1\ConvertTemp
    [22/07/2009|20:22] C:\DOCUME~1\Caroline\APPLIC~1\DivX
    [09/10/2009|19:57] C:\DOCUME~1\Caroline\APPLIC~1\DNA
    [14/02/2009|13:29] C:\DOCUME~1\Caroline\APPLIC~1\EmailNotifier
    [22/08/2006|18:14] C:\DOCUME~1\Caroline\APPLIC~1\FotoWire
    [18/07/2007|15:48] C:\DOCUME~1\Caroline\APPLIC~1\Google
    [25/11/2006|22:55] C:\DOCUME~1\Caroline\APPLIC~1\GRETECH
    [11/02/2005|14:39] C:\DOCUME~1\Caroline\APPLIC~1\Help
    [15/11/2004|12:23] C:\DOCUME~1\Caroline\APPLIC~1\Identities
    [19/07/2009|15:11] C:\DOCUME~1\Caroline\APPLIC~1\InstallShield
    [07/04/2006|16:35] C:\DOCUME~1\Caroline\APPLIC~1\Interactive Agents
    [07/01/2005|20:32] C:\DOCUME~1\Caroline\APPLIC~1\InterTrust
    [07/01/2005|12:55] C:\DOCUME~1\Caroline\APPLIC~1\InterVideo
    [19/05/2007|08:44] C:\DOCUME~1\Caroline\APPLIC~1\Jugs Download More
    [03/06/2008|20:23] C:\DOCUME~1\Caroline\APPLIC~1\Lavasoft
    [09/07/2007|18:49] C:\DOCUME~1\Caroline\APPLIC~1\Leadertech
    [18/07/2007|19:25] C:\DOCUME~1\Caroline\APPLIC~1\Learn2.com
    [30/09/2009|14:50] C:\DOCUME~1\Caroline\APPLIC~1\LimeWire
    [01/03/2006|16:49] C:\DOCUME~1\Caroline\APPLIC~1\Macromedia
    [04/10/2009|19:06] C:\DOCUME~1\Caroline\APPLIC~1\Malwarebytes
    [14/02/2009|13:31] C:\DOCUME~1\Caroline\APPLIC~1\Megaupload
    [15/03/2009|22:21] C:\DOCUME~1\Caroline\APPLIC~1\Microsoft
    [26/08/2008|09:55] C:\DOCUME~1\Caroline\APPLIC~1\Mozilla
    [18/12/2007|20:50] C:\DOCUME~1\Caroline\APPLIC~1\OpenArena
    [02/10/2009|19:10] C:\DOCUME~1\Caroline\APPLIC~1\Real
    [08/07/2007|13:29] C:\DOCUME~1\Caroline\APPLIC~1\Samsung
    [30/03/2007|19:27] C:\DOCUME~1\Caroline\APPLIC~1\Screenshot Sender
    [12/06/2009|19:50] C:\DOCUME~1\Caroline\APPLIC~1\skypePM
    [12/11/2006|22:17] C:\DOCUME~1\Caroline\APPLIC~1\Sun
    [02/02/2007|22:12] C:\DOCUME~1\Caroline\APPLIC~1\Talkback
    [06/07/2007|17:12] C:\DOCUME~1\Caroline\APPLIC~1\Teleca
    [17/07/2008|22:19] C:\DOCUME~1\Caroline\APPLIC~1\Temporary
    [23/01/2009|20:07] C:\DOCUME~1\Caroline\APPLIC~1\TransRender
    [16/09/2009|17:28] C:\DOCUME~1\Caroline\APPLIC~1\U3
    [03/12/2007|22:05] C:\DOCUME~1\Caroline\APPLIC~1\Ulead Systems


    [27/02/2008|21:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [15/11/2004|12:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/01/2007|13:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [03/12/2005|00:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [25/05/2005|21:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [26/06/2009|09:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [19/08/2006|21:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
    [19/07/2007|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Talkback

    [26/06/2009|09:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [09/10/2009 20:00][--ah-----] C:\WINDOWS\tasks\AD8DF27C918A7100.job
    [09/10/2009 18:56][--a------] C:\WINDOWS\tasks\music-.job
    [09/10/2009 18:56][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [07/09/2002 02:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( AD8DF27C918A7100.job )=( c:\docume~1\caroline\applic~1\jugsdo~1\Newrectmode.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [14/04/2008|12:09] C:\Program Files\Adobe
    [02/03/2006|12:18] C:\Program Files\Ambient Design
    [26/10/2005|15:04] C:\Program Files\ArcSoft
    [21/07/2008|07:26] C:\Program Files\CamStudio
    [02/05/2008|14:22] C:\Program Files\Common Files
    [18/07/2007|16:31] C:\Program Files\DAP
    [26/12/2008|10:58] C:\Program Files\Digital Photo Navigator 1.0
    [07/03/2006|22:52] C:\Program Files\directx
    [19/07/2009|11:30] C:\Program Files\DivX
    [28/08/2006|09:58] C:\Program Files\DivX_311alpha
    [28/08/2006|09:59] C:\Program Files\DivXCodec
    [09/10/2009|18:57] C:\Program Files\DNA
    [03/10/2009|13:33] C:\Program Files\Dofus
    [26/09/2009|18:47] C:\Program Files\DofusBeta
    [20/09/2009|10:58] C:\Program Files\eMule
    [26/10/2008|10:46] C:\Program Files\epson
    [15/03/2009|22:27] C:\Program Files\Fake Webcam
    [28/08/2006|09:59] C:\Program Files\ffdshow
    [19/07/2009|11:25] C:\Program Files\Fichiers communs
    [16/03/2009|18:27] C:\Program Files\Google
    [03/10/2009|17:29] C:\Program Files\Gpotato.eu
    [25/11/2006|22:55] C:\Program Files\GRETECH
    [26/06/2009|09:19] C:\Program Files\Grisoft
    [16/03/2009|18:27] C:\Program Files\ID3man
    [19/07/2009|15:12] C:\Program Files\InstallShield Installation Information
    [11/02/2009|15:45] C:\Program Files\Internet Explorer
    [27/12/2005|14:17] C:\Program Files\InterVideo
    [28/08/2009|13:34] C:\Program Files\IObit
    [15/03/2009|22:24] C:\Program Files\IrfanView
    [09/08/2009|10:09] C:\Program Files\Java
    [03/06/2008|20:23] C:\Program Files\Lavasoft
    [24/08/2009|14:34] C:\Program Files\LimeWire
    [06/01/2006|18:54] C:\Program Files\Logitech
    [04/10/2009|19:06] C:\Program Files\Malwarebytes' Anti-Malware
    [14/03/2009|21:45] C:\Program Files\ManyCam 2.3
    [11/02/2009|16:46] C:\Program Files\Messenger
    [09/09/2009|16:56] C:\Program Files\Messenger Plus! Live
    [18/07/2008|16:33] C:\Program Files\Metin2_France
    [23/08/2005|10:58] C:\Program Files\Micro Application
    [16/02/2009|20:15] C:\Program Files\Microsoft
    [09/05/2007|17:57] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [15/11/2004|12:53] C:\Program Files\microsoft frontpage
    [26/03/2006|19:41] C:\Program Files\Microsoft Office
    [16/02/2009|20:17] C:\Program Files\Microsoft Sync Framework
    [26/10/2005|15:10] C:\Program Files\Microsoft Visual Studio
    [12/05/2009|19:34] C:\Program Files\midi2mp3
    [17/10/2005|18:08] C:\Program Files\mobile PhoneTools
    [16/11/2006|19:05] C:\Program Files\MoodLogic
    [11/02/2009|15:45] C:\Program Files\Movie Maker
    [09/10/2009|20:02] C:\Program Files\Mozilla Firefox
    [18/10/2007|20:27] C:\Program Files\mozilla.org
    [15/03/2009|22:26] C:\Program Files\MP3
    [26/10/2008|10:47] C:\Program Files\MP3 Player Utilities
    [31/08/2009|09:17] C:\Program Files\MSBuild
    [16/11/2004|19:53] C:\Program Files\MSN
    [15/11/2004|12:03] C:\Program Files\MSN Gaming Zone
    [16/02/2009|20:17] C:\Program Files\MSN Messenger
    [31/08/2007|16:53] C:\Program Files\MSXML 4.0
    [16/11/2006|19:03] C:\Program Files\MUSICMATCH
    [04/10/2009|21:25] C:\Program Files\Navilog1
    [11/02/2009|15:30] C:\Program Files\NetMeeting
    [13/09/2005|20:02] C:\Program Files\OLYMPUS
    [20/08/2009|22:40] C:\Program Files\Outlook Express
    [03/02/2008|12:31] C:\Program Files\Paintown
    [15/03/2009|22:29] C:\Program Files\PIXELA
    [09/09/2006|10:11] C:\Program Files\Plus!
    [24/11/2004|16:50] C:\Program Files\QuickTime
    [31/03/2006|19:59] C:\Program Files\Real
    [31/08/2009|09:16] C:\Program Files\Reference Assemblies
    [28/08/2007|11:13] C:\Program Files\SAGEM
    [11/05/2007|17:14] C:\Program Files\Samsung
    [16/08/2007|11:04] C:\Program Files\Securitoo
    [15/11/2004|12:05] C:\Program Files\Services en ligne
    [30/03/2005|14:41] C:\Program Files\SigmaTel
    [26/01/2008|10:30] C:\Program Files\Slayers Online
    [21/04/2008|10:31] C:\Program Files\Smart Panel
    [06/07/2007|17:01] C:\Program Files\Sony Ericsson
    [06/02/2006|17:58] C:\Program Files\Symantec
    [16/11/2006|18:57] C:\Program Files\Thomson
    [04/10/2009|11:12] C:\Program Files\Trend Micro
    [28/11/2007|19:49] C:\Program Files\Ulead Systems
    [16/04/2006|17:35] C:\Program Files\ViaVoice
    [26/09/2009|18:48] C:\Program Files\Wakfu
    [09/10/2009|18:59] C:\Program Files\Wanadoo
    [16/02/2009|20:18] C:\Program Files\Windows Live
    [11/02/2009|15:20] C:\Program Files\Windows Live Safety Center
    [20/09/2009|11:09] C:\Program Files\Windows Live SkyDrive
    [16/02/2009|20:18] C:\Program Files\Windows Live Toolbar
    [20/05/2007|11:19] C:\Program Files\Windows Media Connect 2
    [11/02/2009|15:29] C:\Program Files\Windows Media Player
    [11/02/2009|15:29] C:\Program Files\Windows NT
    [22/11/2006|23:06] C:\Program Files\WinRAR
    [21/08/2005|22:01] C:\Program Files\xerox
    [28/08/2006|11:09] C:\Program Files\XviD
    [15/03/2009|22:18] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [14/04/2008|12:10] C:\Program Files\Fichiers communs\Adobe
    [04/01/2005|20:19] C:\Program Files\Fichiers communs\Designer
    [26/10/2008|11:03] C:\Program Files\Fichiers communs\DirectX
    [19/07/2009|11:27] C:\Program Files\Fichiers communs\DivX Shared
    [06/01/2006|18:54] C:\Program Files\Fichiers communs\FotoWire
    [18/12/2007|20:20] C:\Program Files\Fichiers communs\i4j_jres
    [02/05/2008|17:04] C:\Program Files\Fichiers communs\InstallShield
    [14/01/2007|19:57] C:\Program Files\Fichiers communs\Java
    [06/01/2006|18:53] C:\Program Files\Fichiers communs\Logitech
    [15/03/2009|22:24] C:\Program Files\Fichiers communs\Microsoft Shared
    [18/10/2007|20:27] C:\Program Files\Fichiers communs\mozilla.org
    [15/11/2004|12:04] C:\Program Files\Fichiers communs\MSSoap
    [24/11/2004|16:50] C:\Program Files\Fichiers communs\Nullsoft
    [14/05/2005|21:32] C:\Program Files\Fichiers communs\Real
    [18/11/2005|19:11] C:\Program Files\Fichiers communs\Scanner
    [26/08/2005|21:38] C:\Program Files\Fichiers communs\SpeechEngines
    [11/02/2009|15:29] C:\Program Files\Fichiers communs\System
    [06/07/2007|17:03] C:\Program Files\Fichiers communs\Teleca Shared
    [28/11/2007|19:46] C:\Program Files\Fichiers communs\Ulead Systems
    [16/02/2009|19:51] C:\Program Files\Fichiers communs\Windows Live
    [12/06/2008|13:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 45 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\Caroline\APPLIC~1\JUGSDO~1

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Caroline\APPLIC~1\jugsdo~1
    C:\WINDOWS\Tasks\AD8DF27C918A7100.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\admin pop great]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\Caroline\\APPLIC~1\\JUGSDO~1\\Cast show.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-09 20:07:18
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 3030

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:290][D:12]-> C:\DOCUME~1\Caroline\LOCALS~1\Temp
    [F:13][D:0]-> C:\DOCUME~1\Caroline\Cookies
    [F:679][D:4]-> C:\DOCUME~1\Caroline\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 09/10/2009|20:13 - Option : [1]

    --------------------\\ Fin du rapport a 20:13:30
    a c 292 8 Sécurité
    9 Octobre 2009 21:49:11

    Ok, tu peux faire l'option 2 de Lop S&D puis poster le rapport.
    9 Octobre 2009 22:31:44

    prend Antivir personal puis scan ton pc
    a c 292 8 Sécurité
    9 Octobre 2009 22:33:46

    Citation :
    prend Antivir personal puis scan ton pc

    --> On n'en est pas encore là.
    10 Octobre 2009 10:53:40


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.53GHz )
    BIOS : Version 1.00
    USER : Caroline ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:74 Go (Free:23 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 10/10/2009|10:40 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\WINDOWS\Tasks\AD8DF27C918A7100.job
    Supprime! - C:\DOCUME~1\Caroline\APPLIC~1\jugsdo~1
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [14/04/2008|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [25/02/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [24/10/2005|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
    [26/06/2009|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [26/08/2006|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
    [06/02/2006|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [25/08/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [14/02/2009|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [18/07/2007|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [15/05/2007|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great hold shim plan
    [25/11/2006|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GRETECH
    [02/05/2008|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [04/10/2009|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [14/02/2009|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [10/09/2009|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [16/02/2009|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [21/02/2005|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
    [06/01/2006|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [26/06/2009|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [06/07/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [18/06/2008|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
    [06/07/2007|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [19/05/2005|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [28/11/2007|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [05/11/2005|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [08/09/2006|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [31/01/2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [03/11/2006|12:22] C:\DOCUME~1\Caroline\APPLIC~1\ABSOLUTIST.com
    [18/02/2009|12:16] C:\DOCUME~1\Caroline\APPLIC~1\Adobe
    [04/01/2007|21:58] C:\DOCUME~1\Caroline\APPLIC~1\AdobeUM
    [02/03/2006|17:00] C:\DOCUME~1\Caroline\APPLIC~1\Ambient Design
    [11/02/2005|15:40] C:\DOCUME~1\Caroline\APPLIC~1\ArcSoft
    [26/06/2009|09:20] C:\DOCUME~1\Caroline\APPLIC~1\AVG7
    [26/08/2006|18:57] C:\DOCUME~1\Caroline\APPLIC~1\Babylon
    [20/06/2008|20:46] C:\DOCUME~1\Caroline\APPLIC~1\ConvertTemp
    [22/07/2009|20:22] C:\DOCUME~1\Caroline\APPLIC~1\DivX
    [10/10/2009|10:36] C:\DOCUME~1\Caroline\APPLIC~1\DNA
    [14/02/2009|13:29] C:\DOCUME~1\Caroline\APPLIC~1\EmailNotifier
    [22/08/2006|18:14] C:\DOCUME~1\Caroline\APPLIC~1\FotoWire
    [18/07/2007|15:48] C:\DOCUME~1\Caroline\APPLIC~1\Google
    [25/11/2006|22:55] C:\DOCUME~1\Caroline\APPLIC~1\GRETECH
    [11/02/2005|14:39] C:\DOCUME~1\Caroline\APPLIC~1\Help
    [15/11/2004|12:23] C:\DOCUME~1\Caroline\APPLIC~1\Identities
    [19/07/2009|15:11] C:\DOCUME~1\Caroline\APPLIC~1\InstallShield
    [07/04/2006|16:35] C:\DOCUME~1\Caroline\APPLIC~1\Interactive Agents
    [07/01/2005|20:32] C:\DOCUME~1\Caroline\APPLIC~1\InterTrust
    [07/01/2005|12:55] C:\DOCUME~1\Caroline\APPLIC~1\InterVideo
    [03/06/2008|20:23] C:\DOCUME~1\Caroline\APPLIC~1\Lavasoft
    [09/07/2007|18:49] C:\DOCUME~1\Caroline\APPLIC~1\Leadertech
    [18/07/2007|19:25] C:\DOCUME~1\Caroline\APPLIC~1\Learn2.com
    [30/09/2009|14:50] C:\DOCUME~1\Caroline\APPLIC~1\LimeWire
    [01/03/2006|16:49] C:\DOCUME~1\Caroline\APPLIC~1\Macromedia
    [04/10/2009|19:06] C:\DOCUME~1\Caroline\APPLIC~1\Malwarebytes
    [14/02/2009|13:31] C:\DOCUME~1\Caroline\APPLIC~1\Megaupload
    [15/03/2009|22:21] C:\DOCUME~1\Caroline\APPLIC~1\Microsoft
    [26/08/2008|09:55] C:\DOCUME~1\Caroline\APPLIC~1\Mozilla
    [18/12/2007|20:50] C:\DOCUME~1\Caroline\APPLIC~1\OpenArena
    [02/10/2009|19:10] C:\DOCUME~1\Caroline\APPLIC~1\Real
    [08/07/2007|13:29] C:\DOCUME~1\Caroline\APPLIC~1\Samsung
    [30/03/2007|19:27] C:\DOCUME~1\Caroline\APPLIC~1\Screenshot Sender
    [12/06/2009|19:50] C:\DOCUME~1\Caroline\APPLIC~1\skypePM
    [12/11/2006|22:17] C:\DOCUME~1\Caroline\APPLIC~1\Sun
    [02/02/2007|22:12] C:\DOCUME~1\Caroline\APPLIC~1\Talkback
    [06/07/2007|17:12] C:\DOCUME~1\Caroline\APPLIC~1\Teleca
    [17/07/2008|22:19] C:\DOCUME~1\Caroline\APPLIC~1\Temporary
    [23/01/2009|20:07] C:\DOCUME~1\Caroline\APPLIC~1\TransRender
    [16/09/2009|17:28] C:\DOCUME~1\Caroline\APPLIC~1\U3
    [03/12/2007|22:05] C:\DOCUME~1\Caroline\APPLIC~1\Ulead Systems


    [27/02/2008|21:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [15/11/2004|12:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [04/01/2007|13:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
    [03/12/2005|00:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [25/05/2005|21:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
    [26/06/2009|09:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [19/08/2006|21:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
    [19/07/2007|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Talkback

    [26/06/2009|09:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [10/10/2009 10:35][--a------] C:\WINDOWS\tasks\music-.job
    [10/10/2009 10:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [07/09/2002 02:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [14/04/2008|12:09] C:\Program Files\Adobe
    [02/03/2006|12:18] C:\Program Files\Ambient Design
    [26/10/2005|15:04] C:\Program Files\ArcSoft
    [21/07/2008|07:26] C:\Program Files\CamStudio
    [02/05/2008|14:22] C:\Program Files\Common Files
    [18/07/2007|16:31] C:\Program Files\DAP
    [26/12/2008|10:58] C:\Program Files\Digital Photo Navigator 1.0
    [07/03/2006|22:52] C:\Program Files\directx
    [19/07/2009|11:30] C:\Program Files\DivX
    [28/08/2006|09:58] C:\Program Files\DivX_311alpha
    [28/08/2006|09:59] C:\Program Files\DivXCodec
    [10/10/2009|10:36] C:\Program Files\DNA
    [03/10/2009|13:33] C:\Program Files\Dofus
    [26/09/2009|18:47] C:\Program Files\DofusBeta
    [20/09/2009|10:58] C:\Program Files\eMule
    [26/10/2008|10:46] C:\Program Files\epson
    [15/03/2009|22:27] C:\Program Files\Fake Webcam
    [28/08/2006|09:59] C:\Program Files\ffdshow
    [19/07/2009|11:25] C:\Program Files\Fichiers communs
    [16/03/2009|18:27] C:\Program Files\Google
    [03/10/2009|17:29] C:\Program Files\Gpotato.eu
    [25/11/2006|22:55] C:\Program Files\GRETECH
    [26/06/2009|09:19] C:\Program Files\Grisoft
    [16/03/2009|18:27] C:\Program Files\ID3man
    [19/07/2009|15:12] C:\Program Files\InstallShield Installation Information
    [11/02/2009|15:45] C:\Program Files\Internet Explorer
    [27/12/2005|14:17] C:\Program Files\InterVideo
    [28/08/2009|13:34] C:\Program Files\IObit
    [15/03/2009|22:24] C:\Program Files\IrfanView
    [09/08/2009|10:09] C:\Program Files\Java
    [03/06/2008|20:23] C:\Program Files\Lavasoft
    [24/08/2009|14:34] C:\Program Files\LimeWire
    [06/01/2006|18:54] C:\Program Files\Logitech
    [04/10/2009|19:06] C:\Program Files\Malwarebytes' Anti-Malware
    [14/03/2009|21:45] C:\Program Files\ManyCam 2.3
    [11/02/2009|16:46] C:\Program Files\Messenger
    [09/09/2009|16:56] C:\Program Files\Messenger Plus! Live
    [18/07/2008|16:33] C:\Program Files\Metin2_France
    [23/08/2005|10:58] C:\Program Files\Micro Application
    [16/02/2009|20:15] C:\Program Files\Microsoft
    [09/05/2007|17:57] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [15/11/2004|12:53] C:\Program Files\microsoft frontpage
    [26/03/2006|19:41] C:\Program Files\Microsoft Office
    [16/02/2009|20:17] C:\Program Files\Microsoft Sync Framework
    [26/10/2005|15:10] C:\Program Files\Microsoft Visual Studio
    [12/05/2009|19:34] C:\Program Files\midi2mp3
    [17/10/2005|18:08] C:\Program Files\mobile PhoneTools
    [16/11/2006|19:05] C:\Program Files\MoodLogic
    [11/02/2009|15:45] C:\Program Files\Movie Maker
    [10/10/2009|10:38] C:\Program Files\Mozilla Firefox
    [18/10/2007|20:27] C:\Program Files\mozilla.org
    [15/03/2009|22:26] C:\Program Files\MP3
    [26/10/2008|10:47] C:\Program Files\MP3 Player Utilities
    [31/08/2009|09:17] C:\Program Files\MSBuild
    [16/11/2004|19:53] C:\Program Files\MSN
    [15/11/2004|12:03] C:\Program Files\MSN Gaming Zone
    [16/02/2009|20:17] C:\Program Files\MSN Messenger
    [31/08/2007|16:53] C:\Program Files\MSXML 4.0
    [16/11/2006|19:03] C:\Program Files\MUSICMATCH
    [04/10/2009|21:25] C:\Program Files\Navilog1
    [11/02/2009|15:30] C:\Program Files\NetMeeting
    [13/09/2005|20:02] C:\Program Files\OLYMPUS
    [20/08/2009|22:40] C:\Program Files\Outlook Express
    [03/02/2008|12:31] C:\Program Files\Paintown
    [15/03/2009|22:29] C:\Program Files\PIXELA
    [09/09/2006|10:11] C:\Program Files\Plus!
    [24/11/2004|16:50] C:\Program Files\QuickTime
    [31/03/2006|19:59] C:\Program Files\Real
    [31/08/2009|09:16] C:\Program Files\Reference Assemblies
    [28/08/2007|11:13] C:\Program Files\SAGEM
    [11/05/2007|17:14] C:\Program Files\Samsung
    [16/08/2007|11:04] C:\Program Files\Securitoo
    [15/11/2004|12:05] C:\Program Files\Services en ligne
    [30/03/2005|14:41] C:\Program Files\SigmaTel
    [26/01/2008|10:30] C:\Program Files\Slayers Online
    [21/04/2008|10:31] C:\Program Files\Smart Panel
    [06/07/2007|17:01] C:\Program Files\Sony Ericsson
    [06/02/2006|17:58] C:\Program Files\Symantec
    [16/11/2006|18:57] C:\Program Files\Thomson
    [04/10/2009|11:12] C:\Program Files\Trend Micro
    [28/11/2007|19:49] C:\Program Files\Ulead Systems
    [16/04/2006|17:35] C:\Program Files\ViaVoice
    [26/09/2009|18:48] C:\Program Files\Wakfu
    [10/10/2009|10:38] C:\Program Files\Wanadoo
    [16/02/2009|20:18] C:\Program Files\Windows Live
    [11/02/2009|15:20] C:\Program Files\Windows Live Safety Center
    [20/09/2009|11:09] C:\Program Files\Windows Live SkyDrive
    [16/02/2009|20:18] C:\Program Files\Windows Live Toolbar
    [20/05/2007|11:19] C:\Program Files\Windows Media Connect 2
    [11/02/2009|15:29] C:\Program Files\Windows Media Player
    [11/02/2009|15:29] C:\Program Files\Windows NT
    [22/11/2006|23:06] C:\Program Files\WinRAR
    [21/08/2005|22:01] C:\Program Files\xerox
    [28/08/2006|11:09] C:\Program Files\XviD
    [15/03/2009|22:18] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [14/04/2008|12:10] C:\Program Files\Fichiers communs\Adobe
    [04/01/2005|20:19] C:\Program Files\Fichiers communs\Designer
    [26/10/2008|11:03] C:\Program Files\Fichiers communs\DirectX
    [19/07/2009|11:27] C:\Program Files\Fichiers communs\DivX Shared
    [06/01/2006|18:54] C:\Program Files\Fichiers communs\FotoWire
    [18/12/2007|20:20] C:\Program Files\Fichiers communs\i4j_jres
    [02/05/2008|17:04] C:\Program Files\Fichiers communs\InstallShield
    [14/01/2007|19:57] C:\Program Files\Fichiers communs\Java
    [06/01/2006|18:53] C:\Program Files\Fichiers communs\Logitech
    [15/03/2009|22:24] C:\Program Files\Fichiers communs\Microsoft Shared
    [18/10/2007|20:27] C:\Program Files\Fichiers communs\mozilla.org
    [15/11/2004|12:04] C:\Program Files\Fichiers communs\MSSoap
    [24/11/2004|16:50] C:\Program Files\Fichiers communs\Nullsoft
    [14/05/2005|21:32] C:\Program Files\Fichiers communs\Real
    [18/11/2005|19:11] C:\Program Files\Fichiers communs\Scanner
    [26/08/2005|21:38] C:\Program Files\Fichiers communs\SpeechEngines
    [11/02/2009|15:29] C:\Program Files\Fichiers communs\System
    [06/07/2007|17:03] C:\Program Files\Fichiers communs\Teleca Shared
    [28/11/2007|19:46] C:\Program Files\Fichiers communs\Ulead Systems
    [16/02/2009|19:51] C:\Program Files\Fichiers communs\Windows Live
    [12/06/2008|13:27] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 44 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-10 10:43:00
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 3030

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:295][D:13]-> C:\DOCUME~1\Caroline\LOCALS~1\Temp
    [F:13][D:0]-> C:\DOCUME~1\Caroline\Cookies
    [F:657][D:4]-> C:\DOCUME~1\Caroline\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 09/10/2009|20:13 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 10/10/2009|10:52 - Option : [2]

    --------------------\\ Fin du rapport a 10:52:55
    a c 292 8 Sécurité
    10 Octobre 2009 11:54:14

    Ne t'inquiète pas pour les petits programmes que je te fais télécharger, on les supprimera à la fin avec ToolsCleaner.

  • Refais un scan RSIT et poste le rapport log.
    10 Octobre 2009 12:11:14

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Caroline at 2009-10-10 12:07:34
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 24 GB (31%) free of 76 GB
    Total RAM: 255 MB (11% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:08:38, on 10/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Documents and Settings\Caroline\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Caroline.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk762YY...
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 81.253.149.1 80.10.246.3
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 12236 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\music-.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
    {4982D40A-C53B-4615-B15B-B5B5E98D167C} - AOL Toolbar - C:\Program Files\AOL Toolbar\toolbar.dll []
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-05 57344]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2004-11-24 98304]
    "HotKey"=C:\WINDOWS\Twain_32\FlatBed\HotKey.exe [2002-12-10 602112]
    "SpySpotter System Defender"=C:\Program Files\SpySpotter3\Defender.exe -startup []
    "WinFixer 2005"=C:\Program Files\WinFixer 2005\wfx5.exe []
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]
    ""= []
    "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "{20-00-00-04-ZN}"=C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002 []
    "Controleur de calendrier pour Ulead Photo Express"=C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe [2004-01-12 69632]
    "Ulead AutoDetector"=C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-11-19 45056]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-12 185632]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-27 67128]
    "WOOKIT"=C:\Program Files\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "Registry Cleaner"=C:\Program Files\Registry Cleaner Trial\Regclean.exe -startminimize []
    "WINSOS VERIFY"=C:\Program Files\WINSOS\WINSOS.EXE MINI []
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "MSMSGS"=C:\Documents and Settings\Caroline\Bureau\msmsgs.exe [2004-10-13 1694208]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-03-15 342848]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=255
    "NoDriveAutoRun"=FFFFFFFF
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:D isabled:Microsoft DirectPlay Helper"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\Raven\SOF PLATINUM\SoF.exe"="C:\Program Files\Raven\SOF PLATINUM\SoF.exe:*:Enabled:SoF"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:D isabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
    "C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe"="C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe:*:Enabled:Heroes of Might and Magic® IV"
    "C:\Program Files\Vendetta\Vendetta.exe"="C:\Program Files\Vendetta\Vendetta.exe:*:Enabled:Vendetta"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:D isabled:@xpsp2res.dll,-22019"
    "C:\Games\Shogo\Client.exe"="C:\Games\Shogo\Client.exe:*:D isabled:Client"
    "C:\Program Files\Diablo II\Game.exe"="C:\Program Files\Diablo II\Game.exe:*:D isabled:D iablo II"
    "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:D isabled:D ownload Accelerator Plus (DAP)"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:D isabled:eMule"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\Program Files\Duelfield\df.exe"="C:\Program Files\Duelfield\df.exe:*:Enabled:D f"
    "E:\games\hexxagon\Hexxagon.exe"="E:\games\hexxagon\Hexxagon.exe:*:Enabled:Hexxagon"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "E:\TTS\SpeechCube.exe"="E:\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
    "C:\Program Files\Controle Parental\bin\optproxy.exe"="C:\Program Files\Controle Parental\bin\optproxy.exe:*:D isabled:Contrôle Parental"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Warez\Warez.exe"="C:\Program Files\Warez\Warez.exe:*:Enabled:Warez3"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\WINSOS\winsos.exe"="C:\Program Files\WINSOS\winsos.exe:*:Enabled:Winsos"
    "C:\Program Files\WINSOS\help.exe"="C:\Program Files\WINSOS\help.exe:*:Enabled:Winsos Help"
    "C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:D isabled:NAVBrowser"
    "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files\Dofus-Arena beta 2\DofusArena.exe"="C:\Program Files\Dofus-Arena beta 2\DofusArena.exe:*:Enabled:D ofus Arena Client"
    "C:\Program Files\Ankama Games\Dofus\Dofus.exe"="C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:D ofus Client"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Metin2_France\metin2.bin"="C:\Program Files\Metin2_France\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Caroline\metin2.bin"="C:\Documents and Settings\Caroline\metin2.bin:*:D isabled:metin2"
    "C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe:*:Enabled:eMule"
    "C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
    "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-10-09 20:05:29 ----AC---- C:\lopR.txt
    2009-10-09 20:05:12 ----DC---- C:\Lop SD
    2009-10-07 14:44:25 ----RASHDC---- C:\autorun.inf
    2009-10-07 14:40:17 ----AC---- C:\UsbFix.txt
    2009-10-06 20:33:08 ----DC---- C:\UsbFix
    2009-10-06 19:23:01 ----DC---- C:\rsit
    2009-10-06 19:11:16 ----SHDC---- C:\Config.Msi
    2009-10-04 20:40:02 ----AC---- C:\cleannavi.txt
    2009-10-04 20:39:05 ----D---- C:\Program Files\Navilog1
    2009-10-04 19:06:28 ----D---- C:\Documents and Settings\Caroline\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-04 11:12:23 ----D---- C:\Program Files\Trend Micro
    2009-09-26 11:56:39 ----D---- C:\Program Files\Wakfu
    2009-09-20 18:12:49 ----D---- C:\Program Files\DofusBeta
    2009-09-20 11:09:22 ----D---- C:\Program Files\Windows Live SkyDrive

    ======List of files/folders modified in the last 1 months======

    2009-10-10 12:07:23 ----D---- C:\WINDOWS\Prefetch
    2009-10-10 12:06:57 ----D---- C:\Documents and Settings\Caroline\Application Data\DNA
    2009-10-10 10:42:43 ----D---- C:\WINDOWS\Temp
    2009-10-10 10:40:55 ----SD---- C:\WINDOWS\Tasks
    2009-10-10 10:38:20 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-10 10:38:10 ----D---- C:\Program Files\Wanadoo
    2009-10-10 10:36:30 ----D---- C:\Program Files\DNA
    2009-10-07 22:01:09 ----A---- C:\WINDOWS\ulead32.ini
    2009-10-07 14:44:21 ----SHD---- C:\RECYCLER
    2009-10-07 14:40:08 ----AD---- C:\WINDOWS
    2009-10-07 14:38:58 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-07 14:19:04 ----D---- C:\WINDOWS\system32
    2009-10-07 14:18:54 ----HD---- C:\WINDOWS\inf
    2009-10-07 14:15:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-07 14:15:31 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-10-06 19:16:08 ----SHD---- C:\WINDOWS\Installer
    2009-10-06 19:16:05 ----AD---- C:\Program Files
    2009-10-06 18:59:04 ----D---- C:\WINDOWS\Help
    2009-10-04 19:06:04 ----D---- C:\WINDOWS\system32\drivers
    2009-10-03 17:29:50 ----D---- C:\Program Files\Gpotato.eu
    2009-10-03 13:33:02 ----D---- C:\Program Files\Dofus
    2009-10-02 19:10:23 ----D---- C:\Documents and Settings\Caroline\Application Data\Real
    2009-09-30 14:50:40 ----D---- C:\Documents and Settings\Caroline\Application Data\LimeWire
    2009-09-20 10:58:31 ----D---- C:\Program Files\eMule
    2009-09-16 17:28:44 ----D---- C:\Documents and Settings\Caroline\Application Data\U3

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2007-07-08 5632]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 GenPort;GenPort; C:\WINDOWS\system32\drivers\GenPort.sys [1997-10-08 4832]
    R2 MapMem;MapMem; C:\WINDOWS\system32\drivers\MapMem.sys [1997-10-08 6816]
    R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    R2 NTRemap;NTRemap; C:\WINDOWS\system32\drivers\NTRemap.sys [1997-10-08 6336]
    R2 Vcs;Vcs support; \??\C:\WINDOWS\system32\Drivers\Vcs.sys []
    R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-07 404608]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-05 460864]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686]
    R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2009-09-20 28276]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-04 404990]
    R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-04 13240]
    R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 df_kmd;df_kmd; \??\C:\WINDOWS\system32\drivers\df_kmd.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 catchme;catchme; \??\C:\DOCUME~1\Caroline\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DVDACCSS;DVDACCSS; \??\C:\PROGRA~1\DVDACC~1\DVDAX.SYS []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 hidgame;Activateur de port HID à manette de jeu Microsoft; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
    S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
    S3 MR97310_VGA_DUAL_CAMERA;VGA Dual Camera; C:\WINDOWS\system32\DRIVERS\mr97310v.sys [2004-03-17 114105]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-04 180360]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-08 211712]
    S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2002-09-28 32000]
    S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2002-11-28 21081]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-04 95424]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
    S2 AOLService;AOL Spyware Protection Service; C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe []
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-09-03 3347280]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 292 8 Sécurité
    10 Octobre 2009 12:23:12

    1/

  • Lance ce fichier : C:\Program Files\Trend Micro\HijackThis\Caroline.exe
  • Choisis Do a system scan only.
  • Coche les cases qui sont devant les lignes suivantes :

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup

    O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe

    O4 - HKLM\..\Run: [{20-00-00-04-ZN}] C:\DOCUME~1\Caroline\LOCALS~1\Temp\BundleDownloader\27.ex_ P2D002

    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] xmk762YYFR

    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)

    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)

    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)

  • Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
  • Ferme HijackThis.


    2/

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :services
    df_kmd.sys
    AOLService
    Boonty Games

    :files
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\great hold shim plan
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    10 Octobre 2009 14:00:40

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== SERVICES/DRIVERS ==========
    Service\Driver df_kmd.sys not found.
    Service\Driver df_kmd.sys not found.
    Service\Driver df_kmd.sys not found.
    Service\Driver AOLService deleted successfully.
    Service\Driver df_kmd.sys not found.
    Service\Driver Boonty Games deleted successfully.
    ========== FILES ==========
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\great hold shim plan moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Toolbars\Internet Explorer\cache moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Toolbars\Internet Explorer moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Toolbars moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\data\contentdb moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\data moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\yama_kaki14@hotmail.fr moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\powa_du_14@hotmail.fr moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\nrjchris@hotmail.fr moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\missgirl_14@msn.com moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\cagoline21@hotmail.com moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\bouchon14@hotmail.fr moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users\alexmareau2@hotmail.com moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf\users moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger\conf moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM\Messenger moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Caroline
    ->Temp folder emptied: 79317187 bytes
    File delete failed. C:\Documents and Settings\Caroline\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 12502710 bytes
    ->Java cache emptied: 35522272 bytes
    ->FireFox cache emptied: 55014980 bytes

    User: Christine
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 4538861 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 32902 bytes
    ->FireFox cache emptied: 2490272 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    C:\WG09E.TMP folder deleted successfully.
    %systemdrive% .tmp files removed: 1731736 bytes
    %systemroot% .tmp files removed: 2133582 bytes
    %systemroot%\System32 .tmp files removed: 3614208 bytes
    Windows Temp folder emptied: 33207 bytes
    RecycleBin emptied: 672186139 bytes

    Total Files Cleaned = 828,89 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 10102009_135336

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    a c 292 8 Sécurité
    10 Octobre 2009 19:52:58

  • Désinstalle les programmes suivants :
    - J2SE Runtime Environment 5.0 Update 10
    - Java 6 Update 15
    - Java 6 Update 3
    - Java 6 Update 5
    - Java SE Runtime Environment 6 Update 1

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

  • Mets à jour Internet Explorer.

  • Refais un scan RSIT et poste le rapport log.
    11 Octobre 2009 11:30:06

    J'ai réussit à faire la Maj de Java et Internet Explorer, mais pas celle d'Adobe, qui me marque "error"


    Voici le Log.


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Caroline at 2009-10-11 11:22:37
    Microsoft Windows XP Professionnel Service Pack 3
    System drive C: has 24 GB (31%) free of 76 GB
    Total RAM: 255 MB (11% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:27:07, on 11/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Caroline\Bureau\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Documents and Settings\Caroline\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Caroline.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Documents and Settings\Caroline\Bureau\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fc00d2ae8b184d8eb6e48dc636464721
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O17 - HKLM\System\CCS\Services\Tcpip\..\{719BC170-A104-4689-85DB-91D76A8689A8}: NameServer = 81.253.149.1 80.10.246.3
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

    --
    End of file - 11359 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\music-.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-10 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-10 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-05 57344]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2004-11-24 98304]
    "HotKey"=C:\WINDOWS\Twain_32\FlatBed\HotKey.exe [2002-12-10 602112]
    "SpySpotter System Defender"=C:\Program Files\SpySpotter3\Defender.exe -startup []
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]
    ""= []
    "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
    "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
    "WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]
    "WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "Controleur de calendrier pour Ulead Photo Express"=C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe [2004-01-12 69632]
    "Ulead AutoDetector"=C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-11-19 45056]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-12 185632]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-10 149280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-27 67128]
    "WOOKIT"=C:\Program Files\Wanadoo\GestMaj.exe [2004-10-14 32768]
    "Registry Cleaner"=C:\Program Files\Registry Cleaner Trial\Regclean.exe -startminimize []
    "WINSOS VERIFY"=C:\Program Files\WINSOS\WINSOS.EXE MINI []
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "MSMSGS"=C:\Documents and Settings\Caroline\Bureau\msmsgs.exe [2004-10-13 1694208]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-03-15 342848]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\df_kmd.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=255
    "NoDriveAutoRun"=FFFFFFFF
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:D isabled:Microsoft DirectPlay Helper"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\Raven\SOF PLATINUM\SoF.exe"="C:\Program Files\Raven\SOF PLATINUM\SoF.exe:*:Enabled:SoF"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:D isabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
    "C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe"="C:\Program Files\3DO\Heroes of Might and Magic IV\heroes4f.exe:*:Enabled:Heroes of Might and Magic® IV"
    "C:\Program Files\Vendetta\Vendetta.exe"="C:\Program Files\Vendetta\Vendetta.exe:*:Enabled:Vendetta"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:D isabled:@xpsp2res.dll,-22019"
    "C:\Games\Shogo\Client.exe"="C:\Games\Shogo\Client.exe:*:D isabled:Client"
    "C:\Program Files\Diablo II\Game.exe"="C:\Program Files\Diablo II\Game.exe:*:D isabled:D iablo II"
    "C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:D isabled:D ownload Accelerator Plus (DAP)"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:D isabled:eMule"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\Program Files\Duelfield\df.exe"="C:\Program Files\Duelfield\df.exe:*:Enabled:D f"
    "E:\games\hexxagon\Hexxagon.exe"="E:\games\hexxagon\Hexxagon.exe:*:Enabled:Hexxagon"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "E:\TTS\SpeechCube.exe"="E:\TTS\SpeechCube.exe:*:D isabled:SPeechCube"
    "C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
    "C:\Program Files\Controle Parental\bin\optproxy.exe"="C:\Program Files\Controle Parental\bin\optproxy.exe:*:D isabled:Contrôle Parental"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Warez\Warez.exe"="C:\Program Files\Warez\Warez.exe:*:Enabled:Warez3"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "C:\Program Files\WINSOS\winsos.exe"="C:\Program Files\WINSOS\winsos.exe:*:Enabled:Winsos"
    "C:\Program Files\WINSOS\help.exe"="C:\Program Files\WINSOS\help.exe:*:Enabled:Winsos Help"
    "C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:D isabled:NAVBrowser"
    "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files\Dofus-Arena beta 2\DofusArena.exe"="C:\Program Files\Dofus-Arena beta 2\DofusArena.exe:*:Enabled:D ofus Arena Client"
    "C:\Program Files\Ankama Games\Dofus\Dofus.exe"="C:\Program Files\Ankama Games\Dofus\Dofus.exe:*:Enabled:D ofus Client"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Metin2_France\metin2.bin"="C:\Program Files\Metin2_France\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Caroline\metin2.bin"="C:\Documents and Settings\Caroline\metin2.bin:*:D isabled:metin2"
    "C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule0.49a\eMule0.49a\emule.exe:*:Enabled:eMule"
    "C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe"="C:\Documents and Settings\Caroline\Bureau\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
    "C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL 9.0a"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
    "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-10-11 11:12:51 ----HD---- C:\Program Files\Uninstall Information
    2009-10-11 10:38:55 ----D---- C:\WINDOWS\ie8updates
    2009-10-11 10:26:22 ----D---- C:\WINDOWS\WBEM
    2009-10-11 10:19:20 ----HDC---- C:\WINDOWS\ie8
    2009-10-10 20:40:09 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-10-10 20:40:09 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-10-10 20:40:09 ----A---- C:\WINDOWS\system32\java.exe
    2009-10-10 20:38:28 ----D---- C:\Program Files\Java
    2009-10-10 13:53:36 ----DC---- C:\_OTM
    2009-10-10 13:46:10 ----SHD---- C:\found.004
    2009-10-09 20:05:29 ----AC---- C:\lopR.txt
    2009-10-09 20:05:12 ----DC---- C:\Lop SD
    2009-10-07 14:44:25 ----RASHDC---- C:\autorun.inf
    2009-10-07 14:40:17 ----AC---- C:\UsbFix.txt
    2009-10-06 20:33:08 ----DC---- C:\UsbFix
    2009-10-06 19:23:01 ----DC---- C:\rsit
    2009-10-04 20:40:02 ----AC---- C:\cleannavi.txt
    2009-10-04 20:39:05 ----D---- C:\Program Files\Navilog1
    2009-10-04 19:06:28 ----D---- C:\Documents and Settings\Caroline\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-04 19:06:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-04 11:12:23 ----D---- C:\Program Files\Trend Micro
    2009-09-26 11:56:39 ----D---- C:\Program Files\Wakfu
    2009-09-20 18:12:49 ----D---- C:\Program Files\DofusBeta
    2009-09-20 11:09:22 ----D---- C:\Program Files\Windows Live SkyDrive

    ======List of files/folders modified in the last 1 months======

    2009-10-11 11:24:01 ----D---- C:\Documents and Settings\Caroline\Application Data\DNA
    2009-10-11 11:15:49 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-11 11:15:33 ----D---- C:\Program Files\Wanadoo
    2009-10-11 11:13:35 ----D---- C:\Program Files\DNA
    2009-10-11 11:13:07 ----D---- C:\WINDOWS\Temp
    2009-10-11 11:12:51 ----AD---- C:\Program Files
    2009-10-11 11:12:47 ----D---- C:\WINDOWS\system32
    2009-10-11 11:12:43 ----AD---- C:\WINDOWS
    2009-10-11 11:12:40 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-11 11:12:27 ----HD---- C:\WINDOWS\inf
    2009-10-11 11:12:27 ----D---- C:\WINDOWS\system32\fr-fr
    2009-10-11 11:12:27 ----D---- C:\WINDOWS\Help
    2009-10-11 11:12:27 ----D---- C:\Program Files\Internet Explorer
    2009-10-11 11:12:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-10-11 10:43:35 ----HD---- C:\WINDOWS\$hf_mig$
    2009-10-11 10:42:32 ----D---- C:\WINDOWS\Prefetch
    2009-10-11 10:41:32 ----A---- C:\WINDOWS\imsins.BAK
    2009-10-11 10:41:31 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-10-11 10:27:28 ----D---- C:\WINDOWS\system32\config
    2009-10-11 10:25:05 ----D---- C:\WINDOWS\Media
    2009-10-11 10:19:10 ----D---- C:\WINDOWS\system32\CatRoot
    2009-10-10 20:41:10 ----SHD---- C:\WINDOWS\Installer
    2009-10-10 20:38:40 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-10-10 20:33:02 ----D---- C:\Program Files\Fichiers communs
    2009-10-10 13:52:24 ----A---- C:\WINDOWS\ulead32.ini
    2009-10-10 10:40:55 ----SD---- C:\WINDOWS\Tasks
    2009-10-07 14:44:21 ----SHD---- C:\RECYCLER
    2009-10-04 19:06:04 ----D---- C:\WINDOWS\system32\drivers
    2009-10-03 17:29:50 ----D---- C:\Program Files\Gpotato.eu
    2009-10-03 13:33:02 ----D---- C:\Program Files\Dofus
    2009-10-02 19:10:23 ----D---- C:\Documents and Settings\Caroline\Application Data\Real
    2009-09-30 14:50:40 ----D---- C:\Documents and Settings\Caroline\Application Data\LimeWire
    2009-09-20 10:58:31 ----D---- C:\Program Files\eMule
    2009-09-16 17:28:44 ----D---- C:\Documents and Settings\Caroline\Application Data\U3

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2007-07-08 5632]
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 GenPort;GenPort; C:\WINDOWS\system32\drivers\GenPort.sys [1997-10-08 4832]
    R2 MapMem;MapMem; C:\WINDOWS\system32\drivers\MapMem.sys [1997-10-08 6816]
    R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    R2 NTRemap;NTRemap; C:\WINDOWS\system32\drivers\NTRemap.sys [1997-10-08 6336]
    R2 Vcs;Vcs support; \??\C:\WINDOWS\system32\Drivers\Vcs.sys []
    R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-07 404608]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-05 460864]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
    R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 114616]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
    R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686]
    R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2009-09-20 28276]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-04 404990]
    R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-04 13240]
    R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 df_kmd;df_kmd; \??\C:\WINDOWS\system32\drivers\df_kmd.sys []
    S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2006-03-02 63555]
    S3 catchme;catchme; \??\C:\DOCUME~1\Caroline\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DVDACCSS;DVDACCSS; \??\C:\PROGRA~1\DVDACC~1\DVDAX.SYS []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 hidgame;Activateur de port HID à manette de jeu Microsoft; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
    S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
    S3 MR97310_VGA_DUAL_CAMERA;VGA Dual Camera; C:\WINDOWS\system32\DRIVERS\mr97310v.sys [2004-03-17 114105]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-04 180360]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-08 211712]
    S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2002-09-28 32000]
    S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2002-11-28 21081]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-04 95424]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-10 153376]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-09-03 3347280]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 292 8 Sécurité
    11 Octobre 2009 16:31:47

    Pourquoi ce PC n'a pas d'antivirus ?
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS