Se connecter / S'enregistrer
Votre question

[Résolu] Cheval de troie : comment le supprimer ?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
24 Juillet 2009 12:38:43

Bonjour, j'ai un cheval de Troie qui s'est installé dans mon pc et je ne sais comment le supprimer. Mon anti-virus (AVG) ne semble pas vouloir le supprimer de lui-même... Il me dit que ce cheval de Troie s'appelle PSW.OnlineGames3.JIE, et me dit ou il est C:\Documents and Settings\hp\LocalSettings\Temp\443735001820mmx.dll Comment puis-je le supprimer svp ? Merci de m'aider.

Autres pages sur : resolu cheval troie supprimer

a c 267 8 Sécurité
24 Juillet 2009 16:04:30

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    24 Juillet 2009 16:12:50

    Merci Destrio5 de m'aider, c'est très sympa.

    Voici les deux textes. Y'a surement d'autres "merdes" là-dedans, mais je n'y connais pas grand chose en informatique...

    log.txt :


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by hp at 2009-07-24 16:07:48
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 30 GB (52%) free of 57 GB
    Total RAM: 2014 MB (69% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:08:13, on 24/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\VeriSign\NAVI\naviagent.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\documents and settings\hp\local settings\application data\kkask.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Bureau\RSIT.exe
    C:\Program Files\trend micro\hp.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: C:\WINDOWS\system32\ghaf8jkdfd.dll - {A36D2A01-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\system32\ghaf8jkdfd.dll (file missing)
    O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [NI.UERSV_0001_N68M0602] "JRPC:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\SXYNK1QJ\ErrorSafeScannerInstall_fr[1].exe" -nag
    O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\system32\spoolsv32.exe
    O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\system32\dllhost32.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
    O4 - HKLM\..\Run: [NI.UERSV_0001_LP] "JRPC:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\7H9O7QM5\ErrorSafeScannerInstall_fr[1].exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HPWPTOOLBOX] C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe "-i"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [kkask] "c:\documents and settings\hp\local settings\application data\kkask.exe" kkask
    O4 - HKCU\..\Run: [mswindows restore service] C:\DOCUME~1\hp\LOCALS~1\Temp\dk1dla793.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-594981481-3022658624-4292412156-1010\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'compte 2')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
    O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
    O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.canalplay.com
    O15 - Trusted Zone: *.canalplay.com (HKLM)
    O15 - Trusted Zone: *.canalplusactive.com (HKLM)
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.3/GarminAxContro...
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.canalblog.com/sharedDocs/misc/uploader/Image...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://accoue.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/hp/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v10.cab
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
    O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} (CPlayFirstParkingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F20414-7C5C-4A7E-8482-92B6E8A1CC51}: NameServer = 212.27.54.252,212.27.53.252
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: ,C:\DOCUME~1\hp\LOCALS~1\Temp\443735001820mmx.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O22 - SharedTaskScheduler: kjhsf87fhjdsfn93rjkndfdf - {A36D2A01-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\system32\ghaf8jkdfd.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)

    --
    End of file - 15622 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004UA.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{0A7DCAF4-880A-48AB-9834-2A080B3F0EC3}.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{FE70D0CE-6FC9-4D41-A6E3-B6F5D062CD73}.job
    C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
    C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A36D2A01-00F3-42BD-F434-00BBC39C8953}]
    C:\WINDOWS\system32\ghaf8jkdfd.dll - C:\WINDOWS\system32\ghaf8jkdfd.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE000992-A58C-4441-8938-744CD72AB27F}]
    i-Nav IDN Resolver - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll [2005-05-02 446464]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-12-16 429816]
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-27 1008896]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NI.UERSV_0001_N68M0602"=JRPC:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\SXYNK1QJ\ErrorSafeScannerInstall_fr[1].exe -nag []
    "Windows Spooler"=C:\WINDOWS\system32\spoolsv32.exe []
    "Windows DLL Host"=C:\WINDOWS\system32\dllhost32.exe []
    "UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-27 98304]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-27 536576]
    "SpySpotter System Defender"=C:\Program Files\SpySpotter3\Defender.exe -startup []
    "NI.UERSV_0001_LP"=JRPC:\Documents and Settings\hp\Local Settings\Temporary Internet Files\Content.IE5\7H9O7QM5\ErrorSafeScannerInstall_fr[1].exe []
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
    "IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2004-06-17 155648]
    "HPWPTOOLBOX"=C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe [2004-10-21 327680]
    "HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2004-06-17 118784]
    "eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-05-27 278528]
    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
    "FTP Server"= []
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-22 1948440]
    "NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-09-07 3100672]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= []
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
    "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1 []
    "Google Update"=C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 133104]
    "kkask"=c:\documents and settings\hp\local settings\application data\kkask.exe [2009-07-16 290816]
    "mswindows restore service"=C:\DOCUME~1\hp\LOCALS~1\Temp\dk1dla793.exe []
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Accélérateur de démarrage AutoCAD.lnk - C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage
    MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=",C:\DOCUME~1\hp\LOCALS~1\Temp\443735001820mmx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-04-24 11952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2004-06-17 344064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-19 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    kjhsf87fhjdsfn93rjkndfdf - {A36D2A01-00F3-42BD-F434-00BBC39C8953} - C:\WINDOWS\system32\ghaf8jkdfd.dll []

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe"="C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe:*:D isabled:Toolbox for HP Printing System for Windows"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:Microsoft Office Excel"
    "C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe:*:Enabled:Lecteur CANALPLAY"
    "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
    "C:\TYPSoft FTP Server\ftpserv.exe"="C:\TYPSoft FTP Server\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:D isabled:LimeWire"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:D isabled:Windows Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
    shell\AutoRun\command - Z:\Setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e2a6451-8568-11dd-a7ac-00c09f7a7c5c}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======File associations======

    .scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2098-06-18 00:00:00 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
    2009-07-24 16:07:49 ----D---- C:\Program Files\trend micro
    2009-07-24 16:07:48 ----D---- C:\rsit
    2009-07-22 12:52:19 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    2009-07-21 20:12:01 ----D---- C:\Program Files\iTunes
    2009-07-20 18:37:00 ----D---- C:\WINDOWS\ie8updates
    2009-07-20 18:35:08 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-20 18:31:48 ----HDC---- C:\WINDOWS\ie8
    2009-07-18 22:33:26 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-07-18 10:23:35 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-07-18 10:23:19 ----A---- C:\rapport.txt
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\VACFix.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\swsc.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\swreg.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\Process.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\dumphive.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
    2009-07-18 10:22:48 ----A---- C:\WINDOWS\system32\404Fix.exe
    2009-07-18 09:40:32 ----D---- C:\Program Files\Enigma Software Group
    2009-07-18 00:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\14313434
    2009-07-18 00:32:05 ----A---- C:\vyowk.exe
    2009-07-18 00:31:52 ----A---- C:\p2hhr.bat
    2009-07-18 00:30:59 ----A---- C:\WINDOWS\system32\uacinit.dll
    2009-07-18 00:30:21 ----A---- C:\WINDOWS\system32\geyekrlncrxiuc.dll
    2009-07-18 00:30:18 ----A---- C:\WINDOWS\system32\geyekrbnsyjsao.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\px.dll
    2009-07-16 20:25:38 ----D---- C:\WINDOWS\system32\IOSUBSYS
    2009-07-15 15:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 15:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 15:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
    2009-06-29 22:16:54 ----D---- C:\Program Files\Fichiers communs\DivX Shared

    ======List of files/folders modified in the last 1 months======

    2009-07-24 16:07:49 ----D---- C:\WINDOWS\Prefetch
    2009-07-24 16:07:49 ----D---- C:\Program Files
    2009-07-24 15:31:54 ----D---- C:\WINDOWS\Temp
    2009-07-24 15:30:07 ----HD---- C:\$AVG8.VAULT$
    2009-07-24 15:30:07 ----D---- C:\WINDOWS\system32
    2009-07-24 14:25:24 ----RSD---- C:\WINDOWS\Fonts
    2009-07-24 13:57:58 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-24 13:54:35 ----D---- C:\WINDOWS
    2009-07-24 11:18:56 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-07-24 02:06:14 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-22 19:10:54 ----D---- C:\Program Files\Microsoft Silverlight
    2009-07-22 17:42:50 ----D---- C:\Documents and Settings\hp\Application Data\Adobe
    2009-07-22 17:42:50 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-07-22 15:02:20 ----SHD---- C:\WINDOWS\Installer
    2009-07-22 13:00:08 ----SD---- C:\WINDOWS\Tasks
    2009-07-22 12:53:18 ----D---- C:\Documents and Settings
    2009-07-22 12:53:16 ----D---- C:\WINDOWS\system32\drivers
    2009-07-22 12:53:06 ----HD---- C:\WINDOWS\inf
    2009-07-22 00:22:08 ----D---- C:\Documents and Settings\hp\Application Data\dvdcss
    2009-07-21 20:12:08 ----D---- C:\Program Files\iPod
    2009-07-21 20:12:05 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-07-20 19:06:02 ----D---- C:\WINDOWS\system32\fr-fr
    2009-07-20 19:06:01 ----D---- C:\WINDOWS\Media
    2009-07-20 19:06:01 ----D---- C:\Program Files\Internet Explorer
    2009-07-20 19:06:00 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-07-20 19:06:00 ----D---- C:\WINDOWS\Help
    2009-07-20 18:37:40 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-20 18:28:27 ----D---- C:\WINDOWS\Debug
    2009-07-18 22:33:26 ----D---- C:\Program Files\Fichiers communs\System
    2009-07-18 20:31:42 ----D---- C:\WINDOWS\Minidump
    2009-07-18 11:00:53 ----RASH---- C:\boot.ini
    2009-07-18 11:00:53 ----A---- C:\WINDOWS\win.ini
    2009-07-18 11:00:53 ----A---- C:\WINDOWS\system.ini
    2009-07-16 20:25:23 ----D---- C:\Program Files\Google
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-06 18:58:14 ----D---- C:\Garmin
    2009-06-29 22:17:11 ----D---- C:\Program Files\DivX
    2009-06-29 22:16:54 ----D---- C:\Program Files\Fichiers communs
    2009-06-29 16:33:31 ----D---- C:\WINDOWS\system32\wbem
    2009-06-29 16:33:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-06-29 12:41:01 ----D---- C:\Program Files\Movies2iPhone

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-22 335752]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-22 27784]
    R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-24 108552]
    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\System32\drivers\EABFiltr.sys []
    R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]
    R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
    R2 Ndismeetro;Meetro NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\ndismeetro.sys [2005-06-10 34688]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 BCM43XX;Pilote pour carte réseau BCM 802.11b; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2003-09-25 285056]
    R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
    R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2006-03-20 45056]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
    R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-06-17 708989]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-05-27 7136]
    R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-05-27 913280]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888]
    R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2004-04-26 69504]
    R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 SPLITCAM;Splitcam, WDM Camera Stream Splitter; C:\WINDOWS\system32\DRIVERS\splitcam.sys [2006-05-01 13824]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2004-05-27 182720]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
    R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230]
    R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-04-22 98048]
    R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]
    R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-04-22 52608]
    R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
    S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
    S3 BDA7700;DiBcom DIB7700 DVB-T; C:\WINDOWS\System32\Drivers\bda7700.sys [2006-03-31 74880]
    S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 79248]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys []
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2005-02-01 348640]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]
    S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-05-29 39424]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []
    S4 Shscdisichrs;Shscdisichrs; C:\WINDOWS\system32\drivers\Shscdisichrs.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-22 907032]
    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-24 298776]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 navi;VeriSign Updater; C:\Program Files\VeriSign\NAVI\naviagent.exe [2004-10-22 40960]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-05-17 94208]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
    S2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe SVC []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-15 68096]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-08-02 77944]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------


    info.txt

    info.txt logfile of random's system information tool 1.06 2009-07-24 16:08:33

    ======Uninstall list======

    -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
    -->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    -->C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Advertisement Service-->C:\WINDOWS\system32\net.net Uninstall
    Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AutoCAD 2006 - Français-->MsiExec.exe /I{5783F2D7-4001-040C-0002-0060B0CE6BBA}
    AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
    AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
    AVS Video Editor 4-->"C:\Program Files\AVS4YOU\AVSVideoEditor4\unins000.exe"
    AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
    Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
    CCleaner (remove only)-->"F:\PROGRAMMES + LAISSER L+ OU NON\CCleaner\uninst.exe"
    CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Conexant AC-Link Audio-->CIAunwdm.exe
    Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]-->C:\WINDOWS\$NtUninstallKB885492$\spuninst\spuninst.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Dassault Systemes Software Prerequisites x86-->MsiExec.exe /X{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Favorit-->"c:\documents and settings\hp\local settings\application data\kkask.exe" -uninstall
    FBrowsingAdvisor-->"C:\Program Files\FBrowsingAdvisor\unins000.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    Garmin City Navigator Europe NT 2008-->MsiExec.exe /X{EEC8205A-E3DE-4C00-B60C-48E3B9B58B13}
    Garmin POI Loader-->MsiExec.exe /X{DFA1E2C8-A9DE-4B99-8B3C-866664B5F67C}
    Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
    Garmin WebUpdater-->MsiExec.exe /X{E0783143-EAE2-4047-A8D6-E155523C594C}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Business Inkjet 2800 series-->C:\Program Files\Hewlett-Packard\hp business inkjet 2800 series\Installer\setup.exe /x
    HP Business Inkjet 2800-->msiexec /x{4C136A31-7338-45CD-8B1E-09627C0B9BF0}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
    InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    iPod for Windows 2006-06-28-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BD57EA4D-026E-4F08-9B93-080E282B81FE} /l1036
    iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LeechFTP -->C:\WINDOWS\eraser.exe KILL "C:\Program Files\LeechFTP\uninstall.uif"
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
    MediaBar-->C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    mIRC-->"C:\Program Files\CCS\CCScript 2.0e\CCScript V2.exe" -uninstall
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour pour Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}
    Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre_web[1].exe /LANG="1036"
    Nokia PC Suite-->MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
    Nokia Software Launcher-->MsiExec.exe /I{A8C856AD-63CD-4613-AA29-E6C85607EA06}
    Nokia Software Updater-->MsiExec.exe /X{EF4F620F-F295-41D7-92C0-6B635709C850}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
    PC Connectivity Solution-->MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    Quick Launch Buttons 5.00 A6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SequoiaView-->F:\PROGRAMMES + LAISSER L+ OU NON\Uninstal.exe
    SketchUp 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B357C4B4-9024-4B64-9B3F-A6729031C3DD}\setup.exe" -l0x9
    SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_3080103C\HXFSETUP.EXE -U -Ihpm30805.inf
    Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    SplitCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00718491-55BF-46C6-83EF-4B3B95AC807A}\setup.exe" -l0x9 -removeonly
    Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Symantec Technical Support Web Controls-->MsiExec.exe /X{C4868E88-F5B5-4E45-9592-C7062BD97441}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Texas Instruments PCIxx21 SD Host Controller Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{0044FCA6-7E16-4FF6-AF8A-186AF19435D7}
    Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C9D90376-50C8-4907-AFA2-CA77364A8D51}
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
    VeriSign i-Nav and Components-->C:\Program Files\VeriSign\NAVI\naviagent.exe uninstall=i-nav uimode=uninstall
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WahOO-->"C:\Program Files\WahOO\unins000.exe"
    Windows Driver Package - Garmin (grmnusb) GARMIN D
    Contenus similaires
    a c 267 8 Sécurité
    24 Juillet 2009 16:22:07

    Tu as plusieurs infections.

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe afin de lancer l'installation.
  • Puis double-clique sur Navilog1 présent sur le Bureau.
    (Sous Vista, clique droit sur le raccourci de Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur F ou f puis valide par Entrée.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    24 Juillet 2009 17:04:09

    Voici la suite :

    Fix Navipromo version 4.0.1 commencé le 24/07/2009 16:24:59,21

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) M processor 1.30GHz )
    BIOS : Phoenix NoteBIOS 4.0 Release 6.0
    USER : hp ( Administrator )
    BOOT : Normal boot

    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    Firewall : Norton Internet Worm Protection 2006 (Not Activated)

    C:\ (Local Disk) - NTFS - Total:55 Go (Free:29 Go)
    D:\ (CD or DVD)
    F:\ (Local Disk) - FAT32 - Total:279 Go (Free:205 Go)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\WINDOWS\prefetch\kkask*.pf supprimé !
    C:\Documents and Settings\hp\locals~1\applic~1\kkask.exe supprimé !
    C:\Documents and Settings\hp\locals~1\applic~1\kkask.dat supprimé !
    C:\Documents and Settings\hp\locals~1\applic~1\kkask_nav.dat supprimé !
    C:\Documents and Settings\hp\locals~1\applic~1\kkask_navps.dat supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\hp\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    Certificat Electronic-Group supprimé !
    Certificat OOO-Favorit supprimé !




    *** Scan terminé 24/07/2009 17:01:26,14 ***


    a c 267 8 Sécurité
    24 Juillet 2009 17:13:21

    Infection Navipromo supprimée, désinstalle Navilog1.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    24 Juillet 2009 17:38:10

    En effet, il y avait beaucoup d'infections...

    Malwarebytes' Anti-Malware 1.39
    Version de la base de données: 2493
    Windows 5.1.2600 Service Pack 3

    24/07/2009 17:37:35
    mbam-log-2009-07-24 (17-37-35).txt

    Type de recherche: Examen rapide
    Eléments examinés: 104089
    Temps écoulé: 19 minute(s), 23 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 22
    Valeur(s) du Registre infectée(s): 6
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 13

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Documents and Settings\hp\Local Settings\Temp\443735001820mmx.dll (Spyware.OnlineGames) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\winapp.winsafe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\winapp.winsafe.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31a59636-0fa3-4a56-954d-db7ad02840d8} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8fcdf9d9-a28b-480f-8c3d-581f119a8ab8} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a36d2a01-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msWindows restore service (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\hp\Local Settings\Temp\443735001820mmx.dll (Spyware.OnlineGames) -> Delete on reboot.
    c:\program files\fbrowsingadvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    c:\program files\fbrowsingadvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    c:\program files\fbrowsingadvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    c:\program files\fbrowsingadvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    c:\program files\fbrowsingadvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
    C:\WINDOWS\Fonts\services.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\comsa32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\hp\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\hp\Application Data\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully.
    24 Juillet 2009 17:46:04

    J'ai redémarrer l'ordi pour supprimer le dernier fichier infecté, comme il le demandait.

    C:\Documents and Settings\hp\Local Settings\Temp\443735001820mmx.dll (Spyware.OnlineGames) -> Delete on reboot.
    a c 267 8 Sécurité
    24 Juillet 2009 17:54:41

    On va utiliser un outil plus puissant vu les infections rootkitées.

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    24 Juillet 2009 18:31:58

    ComboFix 09-07-23.04 - hp 24/07/2009 18:05.1.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2014.1347 [GMT 2:00]
    Running from: c:\documents and settings\hp\Bureau\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\p2hhr.bat
    c:\recycler\S-1-5-21-2052111302-1500820517-839522115-1004
    C:\vyowk.exe
    c:\windows\Downloaded Program Files\popcaploader.dll
    c:\windows\Downloaded Program Files\popcaploader.inf
    c:\windows\Installer\10f8036.msp
    c:\windows\Installer\1327a8e.msi
    c:\windows\Installer\18504d.msp
    c:\windows\Installer\2140227.msp
    c:\windows\Installer\21402d1.msp
    c:\windows\Installer\25bd43e.msp
    c:\windows\Installer\4f7d84.msp
    c:\windows\Installer\c06f61.msi
    c:\windows\patch.exe
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\geyekrbnsyjsao.dll
    c:\windows\system32\geyekrlncrxiuc.dll
    c:\windows\system32\geyekropnneria.dat
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Packet.dll
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\UACejxpxdqjmbtuxpqeo.db
    c:\windows\system32\UAClmnmrybaculttaktv.dat
    c:\windows\system32\uactmp.db
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WanPacket.dll
    c:\windows\system32\wpcap.dll
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_OREANS32
    -------\Service_NPF
    -------\Service_oreans32


    ((((((((((((((((((((((((( Files Created from 2009-06-24 to 2009-07-24 )))))))))))))))))))))))))))))))
    .

    2098-06-17 22:00 . 2000-07-14 22:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\documents and settings\hp\Application Data\Malwarebytes
    2009-07-24 15:16 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-07-24 15:16 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-07-24 14:23 . 2009-07-24 15:01 -------- d-----w- c:\program files\Navilog1
    2009-07-24 14:07 . 2009-07-24 14:08 -------- d-----w- c:\program files\trend micro
    2009-07-24 14:07 . 2009-07-24 14:08 -------- d-----w- C:\rsit
    2009-07-22 11:34 . 2009-07-22 11:34 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
    2009-07-22 10:52 . 2009-07-22 10:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
    2009-07-21 19:06 . 2009-07-21 19:06 -------- d-sh--w- c:\documents and settings\hp\IECompatCache
    2009-07-21 18:12 . 2009-07-21 18:12 -------- d-----w- c:\program files\iTunes
    2009-07-21 17:54 . 2009-07-21 17:54 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
    2009-07-20 17:10 . 2009-07-20 17:10 -------- d-sh--w- c:\documents and settings\hp\PrivacIE
    2009-07-20 17:07 . 2009-07-20 17:07 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2009-07-20 17:07 . 2009-07-20 17:07 -------- d-sh--w- c:\documents and settings\hp\IETldCache
    2009-07-20 16:37 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
    2009-07-20 16:37 . 2009-07-20 16:37 -------- d-----w- c:\windows\ie8updates
    2009-07-20 16:35 . 2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2009-07-20 16:35 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2009-07-20 16:31 . 2009-07-20 16:35 -------- dc-h--w- c:\windows\ie8
    2009-07-18 20:33 . 2009-07-18 20:33 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
    2009-07-18 07:58 . 2009-07-18 07:58 -------- d-----w- c:\documents and settings\hp\Local Settings\Application Data\Temp
    2009-07-18 07:40 . 2009-07-18 07:40 -------- d-----w- c:\program files\Enigma Software Group
    2009-07-17 22:32 . 2009-07-22 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\14313434
    2009-07-16 18:26 . 2008-11-20 19:19 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
    2009-07-16 18:26 . 2008-11-20 19:19 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
    2009-07-16 18:25 . 2009-07-16 18:25 -------- d-----w- c:\windows\system32\IOSUBSYS
    2009-06-29 20:16 . 2009-06-29 20:16 -------- d-----w- c:\program files\Fichiers communs\DivX Shared

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-24 14:58 . 2008-06-07 07:24 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
    2009-07-22 17:10 . 2009-02-21 10:05 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-07-22 10:52 . 2008-06-07 07:33 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-07-22 10:52 . 2008-06-07 07:33 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-07-21 22:22 . 2009-03-03 16:14 -------- d-----w- c:\documents and settings\hp\Application Data\dvdcss
    2009-07-21 18:12 . 2005-05-27 09:12 -------- d-----w- c:\program files\iPod
    2009-07-21 18:12 . 2007-09-13 21:19 -------- d-----w- c:\program files\Fichiers communs\Apple
    2009-07-18 20:31 . 2008-05-07 06:55 0 ----a-r- c:\documents and settings\hp\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    2009-07-16 18:25 . 2005-10-27 15:50 -------- d-----w- c:\program files\Google
    2009-06-29 20:17 . 2009-01-20 17:33 -------- d-----w- c:\program files\DivX
    2009-06-29 14:33 . 2003-04-24 19:00 77916 ----a-w- c:\windows\system32\perfc00C.dat
    2009-06-29 14:33 . 2003-04-24 19:00 477072 ----a-w- c:\windows\system32\perfh00C.dat
    2009-06-29 10:41 . 2009-06-02 10:32 -------- d-----w- c:\program files\Movies2iPhone
    2009-06-16 14:40 . 2003-04-24 19:00 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:40 . 2003-04-24 19:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-10 15:56 . 2009-06-10 15:56 -------- d-----w- c:\program files\WahOO
    2009-06-06 23:10 . 2008-03-09 10:09 -------- d-----w- c:\program files\AviSynth 2.5
    2009-06-03 19:10 . 2003-04-24 19:00 1297408 ----a-w- c:\windows\system32\quartz.dll
    2009-06-03 12:18 . 2005-05-27 09:13 -------- d-----w- c:\documents and settings\hp\Application Data\Apple Computer
    2009-06-03 12:15 . 2007-09-13 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-06-02 11:36 . 2009-06-02 11:11 -------- d-----w- c:\program files\QuickMediaConverter
    2009-06-02 07:41 . 2009-04-22 14:32 -------- d-----w- c:\program files\Unity
    2009-06-01 20:32 . 2006-08-07 01:29 -------- d-----w- c:\program files\QuickTime
    2009-06-01 20:26 . 2009-06-01 20:26 99700 ---ha-w- c:\windows\system32\mlfcache.dat
    2009-06-01 20:14 . 2008-09-29 12:36 -------- d-----w- c:\documents and settings\hp\Application Data\Nokia Multimedia Player
    2009-05-29 11:36 . 2009-06-01 20:19 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-05-29 11:36 . 2009-06-01 20:19 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-05-13 05:04 . 2005-02-18 15:36 915456 ----a-w- c:\windows\system32\wininet.dll
    2009-05-07 15:33 . 2003-04-24 19:00 348672 ----a-w- c:\windows\system32\localspl.dll
    2009-05-03 14:34 . 2009-04-29 13:53 24513328 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98EN.exe
    2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
    2009-04-29 13:52 . 2009-04-29 13:52 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
    2009-04-29 13:52 . 2009-04-29 13:52 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
    2009-04-29 13:52 . 2009-04-29 13:52 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
    2005-10-30 22:38 . 2005-10-30 22:37 243512 ----a-w- c:\program files\jre-1_5_0_05-windows-i586-p-iftw.exe
    2005-10-24 16:24 . 2005-10-24 12:41 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-27 1008896]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-27 1008896]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
    "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "Google Update"="c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-14 133104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
    "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-27 98304]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-27 536576]
    "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
    "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
    "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-06-17 155648]
    "HPWPTOOLBOX"="c:\program files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe" [2004-10-21 327680]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-06-17 118784]
    "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-05-27 278528]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-22 1948440]
    "NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Acc‚l‚rateur de d‚marrage AutoCAD.lnk - c:\program files\Fichiers communs\Autodesk Shared\acstart16.exe [2005-3-5 10872]
    Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-5-6 487424]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-4-25 809488]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2009-02-18 22:30 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-04-24 07:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Hewlett-Packard\\HP Business Inkjet 2800 series\\Toolbox\\HPWPTBX.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\WINDOWS\\system32\\mcoinstall.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "1234:UDP"= 1234:UDP:freeplayer udp
    "31336:UDP"= 31336:UDP:free 1
    "31337:UDP"= 31337:UDP:free 2
    "20:TCP"= 20:TCP:Serveur FTP TCP 20

    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [07/06/2008 09:33 335752]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [07/06/2008 09:33 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [24/04/2009 09:42 907032]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [09/01/2009 09:42 298776]
    R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [25/04/2009 17:53 10384]
    R2 navi;VeriSign Updater;c:\program files\VeriSign\NAVI\naviagent.exe uimode=agentupdate --> c:\program files\VeriSign\NAVI\naviagent.exe uimode=agentupdate [?]
    S3 BDA7700;DiBcom DIB7700 DVB-T;c:\windows\system32\drivers\bda7700.sys [26/07/2006 13:07 74880]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [21/10/2006 10:47 21344]
    S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [11/05/2005 14:12 52384]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [11/05/2005 14:12 6096]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [11/05/2005 14:12 87456]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [11/05/2005 14:12 79248]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [11/05/2005 14:12 77072]
    S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]
    S4 Shscdisichrs;Shscdisichrs; [x]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]

    2009-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004Core.job
    - c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 18:27]

    2009-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004UA.job
    - c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 18:27]

    2009-07-24 c:\windows\Tasks\User_Feed_Synchronization-{0A7DCAF4-880A-48AB-9834-2A080B3F0EC3}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

    2009-07-24 c:\windows\Tasks\User_Feed_Synchronization-{FE70D0CE-6FC9-4D41-A6E3-B6F5D062CD73}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\Shell.exe
    HKCU-Run-SuperCopier2.exe - c:\program files\SuperCopier2\SuperCopier2.exe
    HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
    HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    HKLM-Run-Windows DLL Host - c:\windows\system32\dllhost32.exe
    HKLM-Run-SpySpotter System Defender - c:\program files\SpySpotter3\Defender.exe
    HKLM-Run-FTP Server - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.igoogle.com/
    uInternet Connection Wizard,ShellNext = iexplore
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Trusted Zone: canalplay.com
    Trusted Zone: canalplay.com
    Trusted Zone: canalplusactive.com
    TCP: {C1F20414-7C5C-4A7E-8482-92B6E8A1CC51} = 212.27.54.252,212.27.53.252
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
    DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--cd8c8b9d-f325-4a85-90b4-29e8fbfcf1dd/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
    DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--abba468b-bf3e-4f00-9cd9-aaaeccbde8aa/online/parking_dash/fr/parkingdash.1.0.0.15.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-24 18:22
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1064)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

    - - - - - - - > 'explorer.exe'(3248)
    c:\program files\Logitech\SetPoint\lgscroll.dll
    c:\program files\iTunes\iTunesMiniPlayer.dll
    c:\program files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll
    c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
    c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
    c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\VeriSign\NAVI\naviagent.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\progra~1\VeriSign\NAVI\NAVICL~1.EXE
    c:\windows\system32\rundll32.exe
    c:\windows\system32\wscntfy.exe
    c:\documents and settings\hp\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    c:\program files\HPQ\shared\hpqwmi.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    c:\program files\Logitech\Video\FxSvr2.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
    c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
    .
    **************************************************************************
    .
    Completion time: 2009-07-24 18:31 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-07-24 16:30

    Pre-Run: 31 105 748 992 octets libres
    Post-Run: 31 232 675 840 octets libres

    309 --- E O F --- 2009-07-22 13:02
    a c 267 8 Sécurité
    24 Juillet 2009 18:37:00

    /!\ Seul accoue peut suivre cette procédure /!\

    Désactive toute protection résidente (Antivirus...) !

    ---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :

    KillAll::

    Driver::
    Shscdisichrs

    DirLook::
    c:\documents and settings\All Users\Application Data\14313434

    ---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

    - Colle (CTRL+V) le texte dans le Bloc-notes.
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer.
    - Quitte le Bloc-notes.

    ---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



  • Cela va relancer Combofix : au message qui apparaît, accepte.
  • Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !
  • Ne touche à rien tant que le scan n'est pas terminé.
  • Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
  • Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

    ;) 
    24 Juillet 2009 19:01:00

    Je viens de comprendre pourquoi tu viens de redire de désactiver les antivirus... Il restait un pare-feu d'activé... Je ne l'ai désactivé que maintenant, après avoir fait l'étape que tu viens de me dire. Est-ce que je dois recommencer cette étape ?

    En tout cas voici le rapport :


    ComboFix 09-07-23.04 - hp 24/07/2009 18:40.2.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2014.1383 [GMT 2:00]
    Running from: c:\documents and settings\hp\Bureau\ComboFix.exe
    Command switches used :: c:\documents and settings\hp\Bureau\CFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_Shscdisichrs


    ((((((((((((((((((((((((( Files Created from 2009-06-24 to 2009-07-24 )))))))))))))))))))))))))))))))
    .

    2098-06-17 22:00 . 2000-07-14 22:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\documents and settings\hp\Application Data\Malwarebytes
    2009-07-24 15:16 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-07-24 15:16 . 2009-07-24 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-07-24 15:16 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-07-24 14:23 . 2009-07-24 15:01 -------- d-----w- c:\program files\Navilog1
    2009-07-24 14:07 . 2009-07-24 14:08 -------- d-----w- c:\program files\trend micro
    2009-07-24 14:07 . 2009-07-24 14:08 -------- d-----w- C:\rsit
    2009-07-22 11:34 . 2009-07-22 11:34 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
    2009-07-22 10:52 . 2009-07-22 10:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
    2009-07-21 19:06 . 2009-07-21 19:06 -------- d-sh--w- c:\documents and settings\hp\IECompatCache
    2009-07-21 18:12 . 2009-07-21 18:12 -------- d-----w- c:\program files\iTunes
    2009-07-21 17:54 . 2009-07-21 17:54 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
    2009-07-20 17:10 . 2009-07-20 17:10 -------- d-sh--w- c:\documents and settings\hp\PrivacIE
    2009-07-20 17:07 . 2009-07-20 17:07 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
    2009-07-20 17:07 . 2009-07-20 17:07 -------- d-sh--w- c:\documents and settings\hp\IETldCache
    2009-07-20 16:37 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
    2009-07-20 16:37 . 2009-07-20 16:37 -------- d-----w- c:\windows\ie8updates
    2009-07-20 16:35 . 2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2009-07-20 16:35 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2009-07-20 16:31 . 2009-07-20 16:35 -------- dc-h--w- c:\windows\ie8
    2009-07-18 20:33 . 2009-07-18 20:33 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
    2009-07-18 07:58 . 2009-07-18 07:58 -------- d-----w- c:\documents and settings\hp\Local Settings\Application Data\Temp
    2009-07-18 07:40 . 2009-07-18 07:40 -------- d-----w- c:\program files\Enigma Software Group
    2009-07-17 22:32 . 2009-07-22 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\14313434
    2009-07-16 18:26 . 2008-11-20 19:19 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
    2009-07-16 18:26 . 2008-11-20 19:19 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
    2009-07-16 18:25 . 2009-07-16 18:25 -------- d-----w- c:\windows\system32\IOSUBSYS
    2009-06-29 20:16 . 2009-06-29 20:16 -------- d-----w- c:\program files\Fichiers communs\DivX Shared

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-24 14:58 . 2008-06-07 07:24 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
    2009-07-22 17:10 . 2009-02-21 10:05 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-07-22 10:52 . 2008-06-07 07:33 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-07-22 10:52 . 2008-06-07 07:33 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-07-21 22:22 . 2009-03-03 16:14 -------- d-----w- c:\documents and settings\hp\Application Data\dvdcss
    2009-07-21 18:12 . 2005-05-27 09:12 -------- d-----w- c:\program files\iPod
    2009-07-21 18:12 . 2007-09-13 21:19 -------- d-----w- c:\program files\Fichiers communs\Apple
    2009-07-18 20:31 . 2008-05-07 06:55 0 ----a-r- c:\documents and settings\hp\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    2009-07-16 18:25 . 2005-10-27 15:50 -------- d-----w- c:\program files\Google
    2009-06-29 20:17 . 2009-01-20 17:33 -------- d-----w- c:\program files\DivX
    2009-06-29 14:33 . 2003-04-24 19:00 77916 ----a-w- c:\windows\system32\perfc00C.dat
    2009-06-29 14:33 . 2003-04-24 19:00 477072 ----a-w- c:\windows\system32\perfh00C.dat
    2009-06-29 10:41 . 2009-06-02 10:32 -------- d-----w- c:\program files\Movies2iPhone
    2009-06-16 14:40 . 2003-04-24 19:00 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:40 . 2003-04-24 19:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-10 15:56 . 2009-06-10 15:56 -------- d-----w- c:\program files\WahOO
    2009-06-06 23:10 . 2008-03-09 10:09 -------- d-----w- c:\program files\AviSynth 2.5
    2009-06-03 19:10 . 2003-04-24 19:00 1297408 ----a-w- c:\windows\system32\quartz.dll
    2009-06-03 12:18 . 2005-05-27 09:13 -------- d-----w- c:\documents and settings\hp\Application Data\Apple Computer
    2009-06-03 12:15 . 2007-09-13 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2009-06-02 11:36 . 2009-06-02 11:11 -------- d-----w- c:\program files\QuickMediaConverter
    2009-06-02 07:41 . 2009-04-22 14:32 -------- d-----w- c:\program files\Unity
    2009-06-01 20:32 . 2006-08-07 01:29 -------- d-----w- c:\program files\QuickTime
    2009-06-01 20:26 . 2009-06-01 20:26 99700 ---ha-w- c:\windows\system32\mlfcache.dat
    2009-06-01 20:14 . 2008-09-29 12:36 -------- d-----w- c:\documents and settings\hp\Application Data\Nokia Multimedia Player
    2009-05-29 11:36 . 2009-06-01 20:19 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-05-29 11:36 . 2009-06-01 20:19 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-05-13 05:04 . 2005-02-18 15:36 915456 ----a-w- c:\windows\system32\wininet.dll
    2009-05-07 15:33 . 2003-04-24 19:00 348672 ----a-w- c:\windows\system32\localspl.dll
    2009-05-03 14:34 . 2009-04-29 13:53 24513328 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98EN.exe
    2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
    2009-04-29 13:52 . 2009-04-29 13:52 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe
    2009-04-29 13:52 . 2009-04-29 13:52 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe
    2009-04-29 13:52 . 2009-04-29 13:52 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe
    2005-10-30 22:38 . 2005-10-30 22:37 243512 ----a-w- c:\program files\jre-1_5_0_05-windows-i586-p-iftw.exe
    2005-10-24 16:24 . 2005-10-24 12:41 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
    .

    (((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    ---- Directory of c:\documents and settings\All Users\Application Data\14313434 ----



    ((((((((((((((((((((((((((((( SnapShot@2009-07-24_16.24.07 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-07-24 16:48 . 2009-07-24 16:48 16384 c:\windows\temp\Perflib_Perfdata_200.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-27 1008896]

    [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-27 1008896]

    [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
    "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "Google Update"="c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-14 133104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
    "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-27 98304]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-27 536576]
    "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
    "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
    "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
    "IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-06-17 155648]
    "HPWPTOOLBOX"="c:\program files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe" [2004-10-21 327680]
    "HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-06-17 118784]
    "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-05-27 278528]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-22 1948440]
    "NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Acc‚l‚rateur de d‚marrage AutoCAD.lnk - c:\program files\Fichiers communs\Autodesk Shared\acstart16.exe [2005-3-5 10872]
    Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-5-6 487424]
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-4-25 809488]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2009-02-18 22:30 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-04-24 07:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Hewlett-Packard\\HP Business Inkjet 2800 series\\Toolbox\\HPWPTBX.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Microsoft Office\\OFFICE11\\EXCEL.EXE"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\WINDOWS\\system32\\mcoinstall.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "1234:UDP"= 1234:UDP:freeplayer udp
    "31336:UDP"= 31336:UDP:free 1
    "31337:UDP"= 31337:UDP:free 2
    "20:TCP"= 20:TCP:Serveur FTP TCP 20

    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [07/06/2008 09:33 335752]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [07/06/2008 09:33 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [24/04/2009 09:42 907032]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [09/01/2009 09:42 298776]
    R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [25/04/2009 17:53 10384]
    R2 navi;VeriSign Updater;c:\program files\VeriSign\NAVI\naviagent.exe uimode=agentupdate --> c:\program files\VeriSign\NAVI\naviagent.exe uimode=agentupdate [?]
    S3 BDA7700;DiBcom DIB7700 DVB-T;c:\windows\system32\drivers\bda7700.sys [26/07/2006 13:07 74880]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [21/10/2006 10:47 21344]
    S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [11/05/2005 14:12 52384]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [11/05/2005 14:12 6096]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [11/05/2005 14:12 87456]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [11/05/2005 14:12 79248]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [11/05/2005 14:12 77072]
    S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]

    2009-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004Core.job
    - c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 18:27]

    2009-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004UA.job
    - c:\documents and settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 18:27]

    2009-07-24 c:\windows\Tasks\User_Feed_Synchronization-{0A7DCAF4-880A-48AB-9834-2A080B3F0EC3}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

    2009-07-24 c:\windows\Tasks\User_Feed_Synchronization-{FE70D0CE-6FC9-4D41-A6E3-B6F5D062CD73}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.igoogle.com/
    uInternet Connection Wizard,ShellNext = iexplore
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Trusted Zone: canalplay.com
    Trusted Zone: canalplay.com
    Trusted Zone: canalplusactive.com
    TCP: {C1F20414-7C5C-4A7E-8482-92B6E8A1CC51} = 212.27.54.252,212.27.53.252
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.3/GarminAxControl.CAB
    DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--cd8c8b9d-f325-4a85-90b4-29e8fbfcf1dd/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
    DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--abba468b-bf3e-4f00-9cd9-aaaeccbde8aa/online/parking_dash/fr/parkingdash.1.0.0.15.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-24 18:49
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1068)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

    - - - - - - - > 'explorer.exe'(3860)
    c:\program files\Logitech\SetPoint\lgscroll.dll
    c:\program files\iTunes\iTunesMiniPlayer.dll
    c:\program files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll
    c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
    c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
    c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\VeriSign\NAVI\naviagent.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\progra~1\AVG\AVG8\avgnsx.exe
    c:\program files\AVG\AVG8\avgcsrvx.exe
    c:\progra~1\VeriSign\NAVI\NAVICL~1.EXE
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\rundll32.exe
    c:\documents and settings\hp\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    c:\program files\HPQ\shared\hpqwmi.exe
    c:\program files\Logitech\Video\FxSvr2.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
    c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
    .
    **************************************************************************
    .
    Completion time: 2009-07-24 18:58 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-07-24 16:58
    ComboFix2.txt 2009-07-24 16:31

    Pre-Run: 31 269 003 264 octets libres
    Post-Run: 31 218 356 224 octets libres

    275 --- E O F --- 2009-07-22 13:02
    a c 267 8 Sécurité
    24 Juillet 2009 19:09:52

    Pas besoin de recommencer ;) 

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Menu Démarrer > Exécuter > Tape combofix /u et valide.

  • Refais un scan RSIT et poste le rapport log.
    24 Juillet 2009 19:13:03

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by hp at 2009-07-24 19:12:25
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 31 GB (54%) free of 57 GB
    Total RAM: 2014 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:12:41, on 24/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\VeriSign\NAVI\naviagent.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\hp\Bureau\RSIT.exe
    C:\Program Files\trend micro\hp.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HPWPTOOLBOX] C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe "-i"
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - .DEFAULT User Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe (User 'Default user')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
    O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
    O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.canalplay.com
    O15 - Trusted Zone: *.canalplay.com (HKLM)
    O15 - Trusted Zone: *.canalplusactive.com (HKLM)
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.3/GarminAxContro...
    O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.canalblog.com/sharedDocs/misc/uploader/Image...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://accoue.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
    O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
    O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} (CPlayFirstParkingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--1...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F20414-7C5C-4A7E-8482-92B6E8A1CC51}: NameServer = 212.27.54.252,212.27.53.252
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Unknown owner - C:\Program Files\Inventel\Gateway\wlancfg.exe (file missing)

    --
    End of file - 13801 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-594981481-3022658624-4292412156-1004UA.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{0A7DCAF4-880A-48AB-9834-2A080B3F0EC3}.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{FE70D0CE-6FC9-4D41-A6E3-B6F5D062CD73}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE000992-A58C-4441-8938-744CD72AB27F}]
    i-Nav IDN Resolver - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll [2005-05-02 446464]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-12-16 429816]
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-27 1008896]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-27 98304]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-27 536576]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
    "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
    "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
    "IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2004-06-17 155648]
    "HPWPTOOLBOX"=C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe [2004-10-21 327680]
    "HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2004-06-17 118784]
    "eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-05-27 278528]
    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-22 1948440]
    "NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-09-07 3100672]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "Google Update"=C:\Documents and Settings\hp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-14 133104]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Accélérateur de démarrage AutoCAD.lnk - C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Documents and Settings\hp\Menu Démarrer\Programmes\Démarrage
    MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-04-24 11952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2004-06-17 344064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-19 72208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe"="C:\Program Files\Hewlett-Packard\HP Business Inkjet 2800 series\Toolbox\HPWPTBX.exe:*:D isabled:Toolbox for HP Printing System for Windows"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:Microsoft Office Excel"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:D isabled:Windows Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    ======File associations======

    .scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2098-06-18 00:00:00 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
    2009-07-24 19:12:03 ----SD---- C:\ComboFix
    2009-07-24 18:58:44 ----A---- C:\ComboFix.txt
    2009-07-24 18:45:49 ----D---- C:\WINDOWS\temp
    2009-07-24 17:58:28 ----D---- C:\WINDOWS\ERDNT
    2009-07-24 17:16:46 ----D---- C:\Documents and Settings\hp\Application Data\Malwarebytes
    2009-07-24 17:16:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-07-24 17:16:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-07-24 16:24:06 ----A---- C:\cleannavi.txt
    2009-07-24 16:23:38 ----D---- C:\Program Files\Navilog1
    2009-07-24 16:07:49 ----D---- C:\Program Files\trend micro
    2009-07-24 16:07:48 ----D---- C:\rsit
    2009-07-22 12:52:19 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    2009-07-21 20:12:01 ----D---- C:\Program Files\iTunes
    2009-07-20 18:37:00 ----D---- C:\WINDOWS\ie8updates
    2009-07-20 18:35:08 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-20 18:31:48 ----HDC---- C:\WINDOWS\ie8
    2009-07-18 22:33:26 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-07-18 10:23:35 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-07-18 10:23:19 ----A---- C:\rapport.txt
    2009-07-18 09:40:32 ----D---- C:\Program Files\Enigma Software Group
    2009-07-18 00:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\14313434
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-07-16 20:26:42 ----N---- C:\WINDOWS\system32\px.dll
    2009-07-16 20:25:38 ----D---- C:\WINDOWS\system32\IOSUBSYS
    2009-07-15 15:07:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 15:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 15:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
    2009-06-29 22:16:54 ----D---- C:\Program Files\Fichiers communs\DivX Shared

    ======List of files/folders modified in the last 1 months======

    2009-07-24 19:12:32 ----SHD---- C:\System Volume Information
    2009-07-24 19:12:15 ----D---- C:\WINDOWS
    2009-07-24 19:12:10 ----D---- C:\WINDOWS\system32
    2009-07-24 18:58:47 ----D---- C:\WINDOWS\system32\drivers
    2009-07-24 18:55:36 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-24 18:51:16 ----A---- C:\WINDOWS\system.ini
    2009-07-24 18:46:30 ----D---- C:\WINDOWS\system32\config
    2009-07-24 18:44:19 ----D---- C:\WINDOWS\AppPatch
    2009-07-24 18:44:11 ----D---- C:\Program Files\Fichiers communs
    2009-07-24 18:40:08 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-24 18:28:57 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-07-24 18:17:09 ----SHD---- C:\WINDOWS\Installer
    2009-07-24 18:16:41 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-07-24 17:51:27 ----D---- C:\WINDOWS\Prefetch
    2009-07-24 17:37:35 ----D---- C:\Program Files
    2009-07-24 17:37:34 ----SD---- C:\WINDOWS\Tasks
    2009-07-24 17:37:34 ----RSD---- C:\WINDOWS\Fonts
    2009-07-24 16:58:39 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2009-07-24 16:52:19 ----HD---- C:\$AVG8.VAULT$
    2009-07-22 19:10:54 ----D---- C:\Program Files\Microsoft Silverlight
    2009-07-22 17:42:50 ----D---- C:\Documents and Settings\hp\Application Data\Adobe
    2009-07-22 17:42:50 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-07-22 12:53:18 ----D---- C:\Documents and Settings
    2009-07-22 12:53:06 ----HD---- C:\WINDOWS\inf
    2009-07-22 00:22:08 ----D---- C:\Documents and Settings\hp\Application Data\dvdcss
    2009-07-21 20:12:08 ----D---- C:\Program Files\iPod
    2009-07-21 20:12:05 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-07-20 19:06:02 ----D---- C:\WINDOWS\system32\fr-fr
    2009-07-20 19:06:01 ----D---- C:\WINDOWS\Media
    2009-07-20 19:06:01 ----D---- C:\Program Files\Internet Explorer
    2009-07-20 19:06:00 ----D---- C:\WINDOWS\Help
    2009-07-20 18:37:40 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-20 18:28:27 ----D---- C:\WINDOWS\Debug
    2009-07-18 22:33:26 ----D---- C:\Program Files\Fichiers communs\System
    2009-07-18 20:31:42 ----D---- C:\WINDOWS\Minidump
    2009-07-18 11:00:53 ----RASH---- C:\boot.ini
    2009-07-18 11:00:53 ----A---- C:\WINDOWS\win.ini
    2009-07-16 20:25:23 ----D---- C:\Program Files\Google
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-06 18:58:14 ----D---- C:\Garmin
    2009-06-29 22:17:11 ----D---- C:\Program Files\DivX
    2009-06-29 16:33:31 ----D---- C:\WINDOWS\system32\wbem
    2009-06-29 16:33:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-06-29 12:41:01 ----D---- C:\Program Files\Movies2iPhone

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-22 335752]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-22 27784]
    R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-24 108552]
    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\System32\drivers\EABFiltr.sys []
    R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]
    R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
    R2 Ndismeetro;Meetro NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\ndismeetro.sys [2005-06-10 34688]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 BCM43XX;Pilote pour carte réseau BCM 802.11b; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2003-09-25 285056]
    R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-29 292352]
    R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-29 274688]
    R3 catchme;catchme; \??\C:\DOCUME~1\hp\LOCALS~1\Temp\catchme.sys []
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2006-03-20 45056]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
    R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-06-17 708989]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-05-27 7136]
    R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-05-27 913280]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-24 5888]
    R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2004-04-26 69504]
    R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 SPLITCAM;Splitcam, WDM Camera Stream Splitter; C:\WINDOWS\system32\DRIVERS\splitcam.sys [2006-05-01 13824]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2004-05-27 182720]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]
    R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230]
    R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-04-22 98048]
    R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]
    R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-04-22 52608]
    R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
    S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
    S3 BDA7700;DiBcom DIB7700 DVB-T; C:\WINDOWS\System32\Drivers\bda7700.sys [2006-03-31 74880]
    S3 Bridge;Pont MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 52384]
    S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 6096]
    S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 87456]
    S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 79248]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 77072]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2005-02-01 348640]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]
    S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-05-29 39424]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-22 907032]
    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-24 298776]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 navi;VeriSign Updater; C:\Program Files\VeriSign\NAVI\naviagent.exe [2004-10-22 40960]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-05-17 94208]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
    S2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe SVC []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-15 68096]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-08-02 77944]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------
    a c 267 8 Sécurité
    24 Juillet 2009 19:16:38

    Plus de souci ?

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\Documents and Settings\All Users\Application Data\14313434
    C:\WINDOWS\system32\tmp.txt

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    24 Juillet 2009 19:26:15

    Voici le dernier rapport.
    Par contre, l'ordi a rebboté, et en rouvrant Google Chrome, mon navigateur internet, je me suis rendu compte que je n'avais plus aucun favoris internet...


    All processes killed
    ========== PROCESSES ==========
    Process explorer.exe killed successfully!
    ========== FILES ==========
    C:\Documents and Settings\All Users\Application Data\14313434 moved successfully.
    C:\WINDOWS\system32\tmp.txt moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: compte 2

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: hp
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 13464722 bytes
    ->Java cache emptied: 13425356 bytes
    ->Google Chrome cache emptied: 399332103 bytes
    ->Apple Safari cache emptied: 6536983 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 32835 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1139202 bytes
    %systemroot%\System32 .tmp files removed: 3748864 bytes
    Windows Temp folder emptied: 108 bytes
    RecycleBin emptied: 3845621 bytes

    Total Files Cleaned = 421,07 mb


    OTM by OldTimer - Version 3.0.0.5 log created on 07242009_191913

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    24 Juillet 2009 19:26:57

    Ils sont cependant tjs presents dans IE...
    a c 267 8 Sécurité
    24 Juillet 2009 19:29:52

    Ils ont disparu quand ?
    24 Juillet 2009 19:31:50

    Ils etaient encore là avant que l'ordi reboot.
    Heureusement que je me souvenais du nom du forum... Sinon, j'aurais eu du mal a te retrouver...
    Mais ce n'est pas très grave. Cela ne faisait pas tres longtemps que j'utilisais Google Chrome, au pire, j'ai perdu une dizaine de favoris, les autres, je peux les réimporter de IE.

    Est-ce que mon ordi est débarrassé de tous virus maintenant ?
    Autre question, Est-ce que je dois désinstallé AVG pour préférer installer celui qui est conseillé sur votre forum, AntiVir ?
    a c 267 8 Sécurité
    24 Juillet 2009 19:38:46

    C'est OTM qui a dû faire du tri, je ne sais pas exactement.

    A part ça, plus de souci ?
    24 Juillet 2009 19:40:42

    zut je viens d'editer mon message du dessus... relis le stp
    a c 267 8 Sécurité
    24 Juillet 2009 19:41:51

    A propos de l'antivirus, c'est comme tu veux.
    24 Juillet 2009 19:45:34

    Ok.

    Je te remercie énormément d'avoir passé tout ce temps à m'aider. C'est franchement sympa de tomber sur des gens qui aident sans rien demander en échange.
    Je garde ce site dans mes favoris et le conseillerais à mes amis qui ssont ou seront en difficultés.
    MERCI BEAUCOUP !!!
    a c 267 8 Sécurité
    24 Juillet 2009 19:46:38

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    24 Juillet 2009 20:08:54

    première étape
    [ Rapport ToolsCleaner version 2.3.7 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Combofix.txt: trouvé !
    C:\cleannavi.txt: trouvé !
    C:\Combofix: trouvé !
    C:\_OTM: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\hp\Bureau\OTM.exe: trouvé !
    C:\Documents and Settings\hp\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\hp\Bureau\Rsit.exe: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\hp\Bureau\OTM.exe: supprimé !
    C:\Documents and Settings\hp\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\Combofix.txt: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Documents and Settings\hp\Bureau\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Combofix: supprimé !
    C:\_OTM: supprimé !
    C:\Rsit: supprimé !
    C:\Program Files\Navilog1: supprimé !
    a c 267 8 Sécurité
    24 Juillet 2009 20:25:53

    Tu peux supprimer ToolsCleaner et ComboFix.
    24 Juillet 2009 21:59:32

    Merci.
    J'ai eu du mal a reposter un message dans le forum, il me disait de m'identifier alors que je l'etais, je n'ai pas tout compris...
    J'ai marqué le topic comme étant résolu, je te remercie encore Destrio5 ;) 
    a c 267 8 Sécurité
    24 Juillet 2009 22:04:04

    Bonne soirée ;) 

    Et n'hésite pas à revenir si tu as un souci.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS