[Solved] Win 32 trojan gen other

9 May 2009 22:22:32

Good evening ^^ how are you all?

So, I have a little problem: avast finds a win32 trojan gen other virus but cannot delete it. Could you help me sort out this little problem? :p Thanks in advance, because it's rather annoying, it only works in safe mode :s
Have a good evening ^^

9 May 2009 22:23:19

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
    9 May 2009 22:36:24

    Re, and thank you for your help ^^ here is the report


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-05-09 22:34:18
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 2 GB (15%) free of 15 GB
    Total RAM: 1023 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:34:39, on 09/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    d:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Bureau\RSIT.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qk...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "d:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKLM\..\Policies\Explorer\Run: [Lsass Service] C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{271308C6-CD83-4B7D-A0B4-B93D598918E4}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{81DF945F-FB70-4A8E-90FA-E4E6593AA7B2}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9325 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Maintenance en 1 clic.job
    C:\WINDOWS\tasks\XoftSpySE 2.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
    C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-02-27 1194496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Barre d'outils &Crawler - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-02-27 1194496]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016]
    "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-10-18 802816]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-10-18 696320]
    "SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2009-03-03 2233856]
    "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-06-01 573440]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-12 774233]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "avast!"=d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "ZoneAlarm Client"=d:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-06-21 919016]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    "Lsass Service"=C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe [2009-05-09 65024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
    "C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Temp\IXP000.TMP\Zone Alarm Pro.exe"="C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Temp\IXP000.TMP\Zone Alarm Pro.exe:*:Enabled:C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\IXP000.TMP\Zone Alarm Pro.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0315b958-096f-11de-a2d9-0018f3004528}]
    shell\Auto\command - auto.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d43d830-1620-11de-a302-d1c3ec9559e9}]
    shell\AutoRun\command - WDSetup.exe


    ======List of files/folders created in the last 1 months======

    2009-05-09 22:34:18 ----D---- C:\rsit
    2009-05-09 21:07:34 ----D---- C:\WINDOWS\CSC
    2009-05-09 21:07:22 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-05-09 18:50:32 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-09 16:47:16 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll
    2009-05-09 16:47:06 ----A---- C:\WINDOWS\system32\vsregexp.dll
    2009-05-09 16:47:06 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
    2009-05-09 16:46:55 ----A---- C:\WINDOWS\system32\zlcommdb.dll
    2009-05-09 16:46:55 ----A---- C:\WINDOWS\system32\zlcomm.dll
    2009-05-09 16:46:47 ----A---- C:\WINDOWS\system32\vswmi.dll
    2009-05-09 16:46:39 ----A---- C:\WINDOWS\system32\zpeng24.dll
    2009-05-09 16:46:37 ----A---- C:\WINDOWS\system32\vsxml.dll
    2009-05-09 16:46:31 ----A---- C:\WINDOWS\system32\vspubapi.dll
    2009-05-09 16:46:29 ----A---- C:\WINDOWS\system32\vsmonapi.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsutil.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsinit.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsdata.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\MSVCP71.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\MFC71.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-05-09 15:26:15 ----A---- C:\WINDOWS\system32\gxvxchcenwjdkjsnapltdotxeupawuvxednta.dll
    2009-05-09 15:25:42 ----A---- C:\WINDOWS\system32\SYS32DLL.exe
    2009-05-09 15:25:42 ----A---- C:\SYS32DLL.bat
    2009-05-09 15:25:41 ----A---- C:\WINDOWS\st_1241885842.exe
    2009-05-09 15:25:40 ----D---- C:\WINDOWS\system32\796525
    2009-05-08 14:09:49 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Media Player Classic
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\java.exe
    2009-04-22 18:26:42 ----D---- C:\WINDOWS\system32\AGEIA
    2009-04-22 18:26:40 ----D---- C:\Program Files\AGEIA Technologies
    2009-04-22 18:23:23 ----D---- C:\NVIDIA
    2009-04-21 12:36:00 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
    2009-04-21 12:36:00 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
    2009-04-21 12:35:57 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
    2009-04-21 12:35:56 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
    2009-04-21 12:35:56 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
    2009-04-21 12:35:55 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
    2009-04-21 12:35:54 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
    2009-04-21 12:35:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-04-21 12:35:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-04-21 12:35:49 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
    2009-04-21 12:35:48 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
    2009-04-21 12:35:48 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
    2009-04-21 12:35:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-04-21 12:35:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
    2009-04-21 12:35:45 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2009-04-21 12:35:45 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2009-04-21 12:35:44 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-04-21 12:35:42 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-04-21 12:35:42 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-04-21 12:35:40 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2009-04-21 12:35:39 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-04-21 12:35:38 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-04-21 12:35:37 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-04-21 12:35:36 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-04-21 12:35:34 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-04-21 12:35:34 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-04-21 12:35:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-04-17 18:52:05 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\LG Electronics
    2009-04-17 15:18:53 ----D---- C:\Program Files\LG Electronics
    2009-04-17 15:17:39 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\InstallShield

    ======List of files/folders modified in the last 1 months======

    2009-05-09 22:34:09 ----D---- C:\WINDOWS\Temp
    2009-05-09 22:29:27 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-09 22:28:50 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\OpenOffice.org2
    2009-05-09 22:02:28 ----D---- C:\WINDOWS\Internet Logs
    2009-05-09 21:53:52 ----D---- C:\WINDOWS
    2009-05-09 21:53:52 ----AD---- C:\WINDOWS\system32
    2009-05-09 21:41:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2009-05-09 20:56:55 ----D---- C:\WINDOWS\system32\drivers
    2009-05-09 19:48:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-05-09 18:12:27 ----D---- C:\Program Files\Spyware Terminator
    2009-05-09 17:54:58 ----D---- C:\WINDOWS\system32\config
    2009-05-09 16:47:23 ----D---- C:\WINDOWS\system32\ZoneLabs
    2009-05-09 15:25:38 ----SHD---- C:\RECYCLER
    2009-05-09 15:22:11 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Spyware Terminator
    2009-05-09 12:45:40 ----D---- C:\WINDOWS\Prefetch
    2009-05-09 12:00:54 ----SHD---- C:\WINDOWS\Installer
    2009-05-09 12:00:41 ----HD---- C:\Config.Msi
    2009-05-09 10:07:34 ----D---- C:\Program Files\BitSpirit
    2009-05-09 10:07:18 ----D---- C:\Program Files\Fichiers communs\BitSpirit
    2009-05-08 19:05:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator
    2009-05-08 14:15:49 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-08 10:30:03 ----D---- C:\Program Files\Java
    2009-05-04 20:21:23 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
    2009-05-04 14:36:08 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\dvdcss
    2009-04-28 22:47:38 ----HD---- C:\LG3G
    2009-04-28 22:36:16 ----HD---- C:\WINDOWS\inf
    2009-04-22 18:30:05 ----D---- C:\WINDOWS\nview
    2009-04-22 18:30:05 ----D---- C:\WINDOWS\Help
    2009-04-22 18:26:27 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-04-22 18:25:11 ----D---- C:\WINDOWS\system32\dllcache
    2009-04-21 12:36:02 ----D---- C:\WINDOWS\system32\DirectX
    2009-04-20 18:06:12 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-04-17 15:18:53 ----RD---- C:\Program Files
    2009-04-17 00:21:25 ----D---- C:\Program Files\WinClamAVShield
    2009-04-16 00:20:35 ----D---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
    R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-06-21 394984]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-03 21425]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-10-19 12544]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-03-31 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2007-03-18 14080]
    R3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-18 5632]
    R3 NETw3x32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-10-17 1711104]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-03-31 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848]
    R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-07-14 28544]
    R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
    R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-07-14 307968]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2006-03-02 67584]
    R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-06-01 894336]
    R3 SynMini;USB2.0 VGA WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
    R3 SynScan;USB2.0 VGA WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-12 193056]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-03-18 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-03-18 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-03-18 20480]
    S3 a9bx11dd;a9bx11dd; C:\WINDOWS\system32\drivers\a9bx11dd.sys []
    S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-21 142848]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2007-03-18 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-03-18 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-03-18 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2007-03-18 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2007-03-18 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2007-03-18 10880]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2007-03-18 20992]
    S3 SaiHA503;SaiHA503; C:\WINDOWS\system32\DRIVERS\SaiHA503.sys [2007-05-01 132232]
    S3 SaiLA503;SaiLA503; C:\WINDOWS\system32\DRIVERS\SaiLA503.sys [2007-05-01 15488]
    S3 SaiUA503;SaiUA503; C:\WINDOWS\system32\DRIVERS\SaiUA503.sys [2007-05-01 28416]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2007-03-18 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2007-03-18 15360]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-03-18 26496]
    S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2007-03-18 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-18 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-18 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2006-03-02 73600]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; d:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-10-18 434176]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-10-18 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-10-18 946176]
    R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-03-03 540672]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-06-21 75304]
    R3 avast! Mail Scanner;avast! Mail Scanner; d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; d:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    a c 312 8 Security
    9 May 2009 22:42:45

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    9 May 2009 23:04:14

    Re, here is the report
    ComboFix 09-05-08.03 - Administrateur 09/05/2009 22:48.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.492 [GMT 2:00]
    Lancé depuis: c:\documents and settings\Administrateur.WINXPCRA-B3127B\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe
    c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\recycler\S-9-7-19-100008889-100012520-100020595-3776.com
    c:\windows\system32\gxvxchcenwjdkjsnapltdotxeupawuvxednta.dll
    c:\windows\system32\SYS32DLL.exe
    d:\recycler\S-9-7-19-100008889-100012520-100020595-3776.com

    ----- BITS: Il y a peut-être des sites infectés -----

    hxxp://updateserver.info
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-09 20:34 . 2009-05-09 20:34 -------- d-----w C:\rsit
    2009-05-09 14:47 . 2009-05-09 20:29 4212 ---h--w c:\windows\system32\zllictbl.dat
    2009-05-09 14:47 . 2007-06-21 19:55 54672 ----a-w c:\windows\system32\vsutil_loc040c.dll
    2009-05-09 14:46 . 2007-06-21 19:54 1086952 ----a-w c:\windows\system32\zpeng24.dll
    2009-05-09 13:56 . 2003-03-18 19:20 1060864 ----a-w c:\windows\system32\MFC71.dll
    2009-05-09 13:56 . 2003-03-18 18:14 499712 ----a-w c:\windows\system32\MSVCP71.dll
    2009-05-09 13:25 . 2009-05-09 13:25 -------- d-----r c:\documents and settings\LocalService.AUTORITE NT.000\Favoris
    2009-05-09 13:25 . 2009-05-09 13:25 1199 ----a-w C:\SYS32DLL.bat
    2009-05-09 13:25 . 2009-05-09 13:25 17408 ----a-w c:\windows\st_1241885842.exe
    2009-05-09 13:25 . 2009-05-09 15:30 -------- d-----w c:\windows\system32\796525
    2009-05-08 12:09 . 2009-05-08 12:09 -------- d-----w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Media Player Classic
    2009-04-22 16:26 . 2009-04-22 16:26 -------- d-----w c:\windows\system32\AGEIA
    2009-04-22 16:26 . 2009-04-22 16:26 -------- d-----w c:\program files\AGEIA Technologies
    2009-04-22 16:23 . 2009-04-22 16:23 -------- d-----w C:\NVIDIA
    2009-04-21 10:50 . 2009-04-21 10:50 -------- d-----w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Funcom
    2009-04-21 10:36 . 2009-03-09 13:27 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
    2009-04-21 10:36 . 2009-03-09 13:27 453456 ----a-w c:\windows\system32\d3dx10_41.dll
    2009-04-17 16:52 . 2009-04-17 16:52 -------- d-----w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\LG Electronics
    2009-04-17 13:18 . 2007-07-11 08:45 21632 ----a-w c:\windows\system32\drivers\lgusbmodem.sys
    2009-04-17 13:18 . 2007-07-11 13:51 19840 ----a-w c:\windows\system32\drivers\lgusbdiag.sys
    2009-04-17 13:18 . 2007-07-11 08:40 12416 ----a-w c:\windows\system32\drivers\lgusbbus.sys
    2009-04-17 13:18 . 2009-04-17 13:18 -------- d-----w c:\program files\LG Electronics
    2009-04-17 13:17 . 2009-04-17 13:17 -------- d-----w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\InstallShield

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-09 19:00 . 2009-05-09 20:02 2035200 ----a-w c:\windows\Internet Logs\xDB1.tmp
    2009-05-09 17:39 . 2009-05-09 17:39 165094 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_05_09_18_56_22_small.dmp.zip
    2009-05-09 16:12 . 2008-04-16 08:43 -------- d-----w c:\program files\Spyware Terminator
    2009-05-09 10:45 . 2009-03-03 12:23 12680 ----a-w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-05-09 08:07 . 2009-03-03 22:24 -------- d-----w c:\program files\BitSpirit
    2009-05-09 08:07 . 2009-03-03 22:24 -------- d-----w c:\program files\Fichiers communs\BitSpirit
    2009-05-08 08:30 . 2006-11-13 16:47 -------- d-----w c:\program files\Java
    2009-04-22 16:26 . 2006-11-12 17:23 -------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
    2009-04-20 16:06 . 2006-11-19 15:36 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-04-16 22:21 . 2008-05-21 09:37 -------- d-----w c:\program files\WinClamAVShield
    2009-04-01 09:55 . 2006-03-02 10:00 11973 ----a-w c:\windows\system32\drivers\secdrv.sys
    2009-04-01 08:57 . 2009-04-01 08:57 -------- d-----w c:\program files\Ahead
    2009-03-30 19:47 . 2006-03-02 10:00 83484 ----a-w c:\windows\system32\perfc00C.dat
    2009-03-30 19:47 . 2006-03-02 10:00 505148 ----a-w c:\windows\system32\perfh00C.dat
    2009-03-16 12:18 . 2009-04-21 10:35 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
    2009-03-16 12:18 . 2009-04-21 10:35 517448 ----a-w c:\windows\system32\XAudio2_4.dll
    2009-03-16 12:18 . 2009-04-21 10:35 235352 ----a-w c:\windows\system32\xactengine3_4.dll
    2009-03-16 12:18 . 2009-04-21 10:35 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
    2009-03-11 12:03 . 2009-03-11 12:03 -------- d-----w c:\program files\TeaTimer (Spybot - Search & Destroy)
    2009-03-09 13:27 . 2009-04-21 10:35 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
    2009-03-09 03:19 . 2009-03-16 18:33 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-03-05 10:39 . 2009-03-05 10:42 90112 ----a-w c:\windows\system32\p5dll.dll
    2009-03-05 10:37 . 2009-03-05 10:37 4096 ----a-w c:\windows\d3dx.dat
    2009-03-05 10:16 . 2009-03-05 10:08 717296 ----a-w c:\windows\system32\drivers\sptd.sys
    2009-03-03 16:58 . 2009-03-03 16:58 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
    2009-03-03 12:30 . 2009-03-03 12:30 319488 ----a-w c:\windows\system32\AegisI5Installer.exe
    2009-03-03 12:30 . 2009-03-03 12:30 21425 ----a-w c:\windows\system32\drivers\AegisP.sys
    2009-03-03 12:30 . 2009-03-03 10:50 86331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-03-03 11:48 . 2009-03-03 11:48 0 ----a-w c:\windows\nsreg.dat
    2009-03-03 11:39 . 2009-03-03 11:39 153 ----a-w c:\documents and settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\fusioncache.dat
    2009-03-03 11:38 . 2009-03-03 11:38 2272 ----a-w c:\documents and settings\LocalService.AUTORITE NT.000\Local Settings\Application Data\FontCache3.0.0.0.dat
    2009-03-03 10:50 . 2006-03-02 10:00 67 --sha-w c:\windows\Fonts\desktop.ini
    2009-03-03 10:47 . 2009-03-03 10:47 21892 ----a-w c:\windows\system32\emptyregdb.dat
    2009-02-21 16:03 . 2007-04-21 16:19 26512 ----a-w c:\documents and settings\MaxXx\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-02-09 18:56 . 2009-03-04 11:15 67584 ----a-w c:\windows\system32\ff_vfw.dll
    2007-01-10 14:24 . 2007-01-10 14:24 278528 ----a-w c:\program files\Fichiers communs\FDEUnInstaller.exe
    2006-12-29 22:33 . 2007-04-02 12:48 4704 ----a-w c:\program files\satsukidecodersettings.ini
    2003-06-09 05:38 . 2007-02-28 11:01 106496 ----a-w c:\program files\mozilla firefox\plugins\cdrPeops.dll
    2003-07-31 21:20 . 2007-02-28 11:01 385024 ----a-w c:\program files\mozilla firefox\plugins\gpuPeteD3D.dll
    2003-07-31 21:21 . 2007-02-28 11:01 401408 ----a-w c:\program files\mozilla firefox\plugins\gpuPeteDX6D3D.dll
    2003-07-31 21:19 . 2007-02-28 11:01 397312 ----a-w c:\program files\mozilla firefox\plugins\gpuPeteOpenGL.dll
    2003-06-09 05:38 . 2007-02-28 11:01 77824 ----a-w c:\program files\mozilla firefox\plugins\spuPeopsDSound.dll
    .

    ------- Sigcheck -------

    [-] 2007-03-18 14:31 360576 C7BE59B07C6EB74BEA6FD67C1B164015 c:\windows\system32\drivers\tcpip.sys

    [-] 2007-03-20 21:36 2140672 7322182EF6E0BC440380AF9B59133DE6 c:\windows\system32\ntoskrnl.exe

    [-] 2007-04-09 09:50 2691584 5284B332F274BE2B576B2D3FB619FF37 c:\windows\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 86016]
    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-10-18 802816]
    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-10-18 696320]
    "SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2009-03-03 2233856]
    "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-06-01 573440]
    "HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
    "avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
    "ZoneAlarm Client"="d:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 919016]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-01-30 1657376]
    "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-03-18 12451]
    "ShowDesktop"="shell32.dll" - c:\windows\system32\shell32.dll [2007-04-04 18590720]
    "nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2006-03-02 101888]

    c:\documents and settings\Administrateur.WINXPCRA-B3127B\Menu D‚marrer\Programmes\D‚marrage\
    OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "MemCheckBoxInRunDlg"= 1 (0x1)
    "NoSMBalloonTip"= 1 (0x1)
    "NoWelcomeScreen"= 1 (0x1)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "MemCheckBoxInRunDlg"= 1 (0x1)
    "NoSMBalloonTip"= 1 (0x1)
    "NoWelcomeScreen"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Hotfix-KB5504305 REG_SZ c:\windows\system32\rundll83.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "DisablePagingExecutive"=dword:00000001
    "SecondLevelDataCache"=dword:00000200

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\BitSpirit\\BitSpirit.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "4008:TCP"= 4008:TCP:*:Disabled:SolidNetworkManager
    "4008:UDP"= 4008:UDP:*:Disabled:SolidNetworkManager

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [09/05/2009 15:57 114768]
    R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [03/03/2009 18:58 142592]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/05/2009 15:57 20560]
    R3 SynMini;USB2.0 VGA WebCam;c:\windows\system32\drivers\SynMini.sys [12/11/2006 18:40 1056512]
    R3 SynScan;USB2.0 VGA WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [12/11/2006 18:40 8064]
    S3 SaiHA503;SaiHA503;c:\windows\system32\drivers\SaiHA503.sys [01/05/2007 15:44 132232]
    S3 SaiLA503;SaiLA503;c:\windows\system32\drivers\SaiLA503.sys [01/05/2007 15:44 15488]
    S3 SaiUA503;SaiUA503;c:\windows\system32\drivers\SaiUA503.sys [01/05/2007 15:44 28416]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0315b958-096f-11de-a2d9-0018f3004528}]
    \Shell\Auto\command - auto.exe
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d43d830-1620-11de-a302-d1c3ec9559e9}]
    \Shell\AutoRun\command - WDSetup.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2009-05-08 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-11-10 22:03]

    2009-05-09 c:\windows\Tasks\XoftSpySE 2.job
    - c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 12:44]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Explorer_Run-Lsass Service - c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe


    .
    ------- Examen supplémentaire -------
    .
    uStart Page =
    mStart Page =
    uInternet Connection Wizard,ShellNext = hxxp://www.google.fr/
    uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
    IE: Crawler Search - tbr:iemenu
    IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
    IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm
    IE: ÓñÈÌؾ«ÁéÏÂÔØ(&B)
    TCP: {271308C6-CD83-4B7D-A0B4-B93D598918E4} = 208.67.220.220,208.67.222.222
    TCP: {81DF945F-FB70-4A8E-90FA-E4E6593AA7B2} = 208.67.220.220,208.67.222.222
    Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
    FF - ProfilePath - c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\
    FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
    FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
    FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
    FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
    FF - plugin: c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\extensions\SolidStateION@solidstatenetworks.com\plugins\npssn.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: d:\program files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll

    ---- PARAMETRES FIREFOX ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: content.max.tokenizing.time - 200000
    FF - user.js: content.notify.interval - 100000
    FF - user.js: content.switch.threshold - 650000
    FF - user.js: nglayout.initialpaint.delay - 300
    FF - user.js: yahoo.homepage.dontask - true.

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-09 22:51
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    Lsass Service = c:\documents and settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe??????????????????????????

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2009-05-09 22:53
    ComboFix-quarantined-files.txt 2009-05-09 20:53
    ComboFix2.txt 2008-10-03 08:04
    ComboFix3.txt 2008-09-23 09:00
    ComboFix4.txt 2007-05-20 17:46

    Avant-CF: 2 276 147 200 octets libres
    Après-CF: 2 311 684 096 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

    233
    a c 312 8 Security
    9 May 2009 23:07:59

  • Download UsbFix (by C_XX & Chiquitine29) to your Desktop.
  • Run the installation with the default settings.
  • Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop.
  • Choose option 1 (Search).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus, but a utility meant to terminate processes.

    9 May 2009 23:12:06

    There you go, but for the moment there are no more problems :o I'm posting the report (and thanks again!)
    ############################## [ UsbFix V3.017 # Scan ]

    # User : Administrateur (Administrateurs) # WINXPCRA-B3127B
    # Update on 06/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 23:09:24 | 09/05/2009

    # Genuine Intel(R) CPU T2050 @ 1.60GHz
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled

    # C:\ # Disque fixe local # 15,02 Go (2,17 Go free) # NTFS
    # D:\ # Disque fixe local # 78,14 Go (19,93 Go free) [Nouveau nom] # NTFS
    # E:\ # Disque CD-ROM # 530,06 Mo (0 Mo free) [DISK2] # CDFS
    # F:\ # Disque amovible # 941,92 Mo (342,79 Mo free) # FAT32
    # G:\ # Disque CD-ROM
    # H:\ # Disque amovible # 60,93 Mo (52,62 Mo free) [Carte mÚm] # FAT

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    d:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## [ Registre # Startup ]

    HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    HKCU_Main: "Start Page"=""
    HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    HKLM_logon: "DefaultUserName"="Administrateur"
    HKLM_logon: "AltDefaultUserName"="Administrateur"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    HKLM_Run: nwiz=nwiz.exe /install
    HKLM_Run: NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    HKLM_Run: Raccourci vers la page des propriétés de High Definition Audio=HDAShCut.exe
    HKLM_Run: IntelZeroConfig="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    HKLM_Run: IntelWireless="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    HKLM_Run: SpywareTerminator="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
    HKLM_Run: SMSERIAL=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    HKLM_Run: HControl=C:\WINDOWS\ATK0100\HControl.exe
    HKLM_Run: SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    HKLM_Run: NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
    HKLM_Run: Adobe Reader Speed Launcher="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
    HKLM_Run: avast!=d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    HKLM_Run: ZoneAlarm Client="d:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    HKCU_Run: DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    ################## [ Informations ]


    ################## [ Fichiers # Dossiers infectieux ]

    Found ! "C:\WINDOWS\system32\796525"
    H:\autorun.inf # -> fichier appelé : "H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorun.exe" ( absent ! )
    Found ! H:\autorun.inf
    Found ! H:\recycler\S-9-7-19-100008889-100012520-100020595-3776.com

    ################## [ Registre # Clés Run infectieuses ]

    Found ! HKLM\software\microsoft\security center\\ "AntiVirusDisableNotify"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
    Found ! HKLM\software\microsoft\security center\\ "AntiVirusOverride"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
    Found ! HKLM\software\microsoft\security center\\ "FirewallOverride"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
    Found ! HKLM\software\microsoft\security center\\ "UpdatesDisableNotify"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
    Found ! HKLM\SYSTEM\CurrentControlSet\Services\GXVXCSERV.SYS
    Found ! HKLM\SYSTEM\ControlSet001\Services\GXVXCSERV.SYS

    ################## [ Registre # Mountpoints2 ]

    HKCU\Software\Microsoft\....\MountPoints2\{0315b958-096f-11de-a2d9-0018f3004528}\Shell\Auto\command
    HKCU\Software\Microsoft\....\MountPoints2\{0315b958-096f-11de-a2d9-0018f3004528}\Shell\AutoRun\command
    HKCU\Software\Microsoft\....\MountPoints2\{4d43d830-1620-11de-a302-d1c3ec9559e9}\Shell\AutoRun\command

    ################## [ ! Fin du rapport # UsbFix V3.017 ! ]

    a c 312 8 Security
    9 May 2009 23:19:11

    Quote:
    but for the moment there are no more problems

    ---> Your H drive is infected.

  • Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix shortcut on your Desktop to launch it.
  • Choose option 2 (Removal).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
    9 May 2009 23:37:25

    Here is the report again ^^

    ############################## [ UsbFix V3.017 # Cleaning ]

    # User : Administrateur (Administrateurs) # WINXPCRA-B3127B
    # Update on 06/05/09 by Chiquitine29, C_XX & Chimay8
    # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
    # Start at: 23:29:33 | 09/05/2009

    # Genuine Intel(R) CPU T2050 @ 1.60GHz
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    # Internet Explorer 6.0.2900.2180
    # Windows Firewall Status : Disabled

    # C:\ # Disque fixe local # 15,02 Go (2,17 Go free) # NTFS
    # D:\ # Disque fixe local # 78,14 Go (19,93 Go free) [Nouveau nom] # NTFS
    # E:\ # Disque CD-ROM # 530,06 Mo (0 Mo free) [DISK2] # CDFS
    # G:\ # Disque CD-ROM
    # H:\ # Disque amovible # 60,93 Mo (52,62 Mo free) [Carte mÚm] # FAT

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    d:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe

    ################## [ Fichiers # Dossiers infectieux ]

    Deleted ! "C:\WINDOWS\system32\796525"
    H:\autorun.inf # -> fichier appelé : "H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorun.exe" ( absent ! )
    Deleted ! H:\autorun.inf
    Deleted ! H:\recycler\S-9-7-19-100008889-100012520-100020595-3776.com

    ################## [ Registre # Clés Run infectieuses ]

    # HKLM\software\microsoft\security center\\ "AntiVirusDisableNotify"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
    # HKLM\software\microsoft\security center\\ "AntiVirusOverride"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
    # HKLM\software\microsoft\security center\\ "FirewallOverride"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
    # HKLM\software\microsoft\security center\\ "UpdatesDisableNotify"
    # -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
    Deleted ! HKLM\SYSTEM\CurrentControlSet\Services\GXVXCSERV.SYS
    Deleted ! HKLM\SYSTEM\ControlSet002\Services\GXVXCSERV.SYS

    ################## [ Registre # Mountpoints2 ]

    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{0315b958-096f-11de-a2d9-0018f3004528}\Shell\Auto\command
    Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{4d43d830-1620-11de-a302-d1c3ec9559e9}\Shell\AutoRun\command

    ################## [ Listing des fichiers présent ]

    [12/11/2006 17:43|--a------|0] - C:\AUTOEXEC.BAT
    [03/03/2009 12:45|--a------|327] - C:\Boot.bak
    [09/05/2009 22:48|-rahs----|397] - C:\boot.ini
    [02/03/2006 12:00|-rahs----|4952] - C:\Bootfont.bin
    [03/08/2004 23:00|--a------|263488] - C:\cmldr
    [09/05/2009 22:53|--a------|16757] - C:\ComboFix.txt
    [12/11/2006 17:43|--a------|0] - C:\CONFIG.SYS
    [03/03/2009 20:36|--a------|4128] - C:\INFCACHE.1
    [12/11/2006 17:43|-rahs----|0] - C:\IO.SYS
    [12/11/2006 17:43|-rahs----|0] - C:\MSDOS.SYS
    [02/03/2006 12:00|-rahs----|47564] - C:\NTDETECT.COM
    [02/03/2006 12:00|-rahs----|251712] - C:\ntldr
    [?|?|?] - C:\pagefile.sys
    [09/05/2009 15:25|--a------|1199] - C:\SYS32DLL.bat
    [28/04/2009 22:37|--a------|0] - C:\Tech_Vista.log
    [09/05/2009 23:33|--a------|3948] - C:\UsbFix.txt
    [06/05/2009 14:01|--a------|129] - D:\Lecteur CD.lnk
    [29/07/2004 11:40|-r-------|4693129] - E:\Data11.cab
    [29/07/2004 12:28|-r-------|490943766] - E:\Data2.cab
    [29/07/2004 12:30|-r-------|59801544] - E:\Ryzom.msi
    [27/12/2002 18:44|--ah-----|703] - F:\SETTINGS.DAT
    [22/06/2007 20:41|--a------|877936] - F:\AutoTransfer.exe
    [27/12/2002 18:44|--ah-----|4194304] - F:\STDBSTR.DAT
    [27/12/2002 18:44|--ah-----|1200] - F:\STDBSTR.IDX
    [27/12/2002 18:44|--ah-----|1931264] - F:\STDBDATA.DAT
    [27/12/2002 18:44|--ah-----|116] - F:\STDBDATA.IDX
    [27/12/2002 18:44|--ah-----|505985] - F:\RAMLIST.DAT
    [14/03/2009 00:56|--a------|3240] - F:\BOOTEX.LOG
    [02/04/2008 23:32|--a------|7061900] - F:\04 Loose Ends.mp3
    [15/06/2006 19:05|--a------|4770858] - F:\Samurai Champloo - YOU.mp3
    [27/01/2008 01:45|--a------|8163265] - F:\01 Let Go.mp3
    [16/01/2009 21:00|--a------|296] - F:\WMPInfo.xml
    [21/07/2007 23:23|--a------|6896667] - F:\05 no man's land - sufjan stevens.mp3
    [18/10/2007 16:57|--a------|3697988] - F:\ironic.mp3
    [19/06/2008 00:15|--a------|4821610] - F:\02-korn-hollow_life.mp3
    [15/06/2006 19:00|--a------|5922275] - F:\Samurai Champloo - Fly.mp3
    [12/11/2008 14:01|--a------|15176] - F:\cvmoi.odt
    [15/06/2006 19:02|--a------|4134871] - F:\Noir - Kirei Na Kanjou.mp3
    [15/06/2006 19:06|--a------|4762506] - F:\Samurai Champloo - Who's Theme.mp3
    [16/03/2006 15:47|--a------|5007488] - F:\03 Boa - Duvet (Acoustic Version).mp3
    [12/05/2008 15:54|--a------|9109632] - F:\Orbital -Hackers Soundtrack- Halcyon And On And On.mp3
    [21/07/2007 23:22|--a------|4440321] - F:\01 the winner is - mychael danna & devotchka.mp3
    [21/07/2007 23:26|--a------|8832027] - F:\08 chicago - sufjan stevens.mp3
    [15/06/2006 19:29|--a------|3128842] - F:\Samurai champloo - Sneak chamber.mp3
    [15/06/2006 18:49|--a------|4513541] - F:\Samurai champloo - the space between two worlds.mp3
    [15/06/2006 18:49|--a------|4802769] - F:\Samurai champloo - Shiki no Uta.mp3
    [27/01/2008 01:45|--a------|8933970] - F:\02 Breathe In.mp3
    [02/04/2008 23:32|--a------|10042015] - F:\08 The Walk.mp3
    [10/12/2007 19:47|--a------|9547904] - F:\40 - Banjiya Blues.mp3
    [27/01/2008 01:45|--a------|7803380] - F:\04 Must Be Dreaming.mp3
    [02/04/2008 23:32|--a------|5768485] - F:\09 Just for Now.mp3
    [15/06/2006 18:52|--a------|4915200] - F:\Kurau phantom memory - Natsukashii Umi.mp3
    [15/06/2006 19:28|--a------|3131350] - F:\Samurai champloo - New dimension.mp3
    [15/06/2006 19:25|--a------|7412911] - F:\Samurai Champloo - How You Feel.mp3
    [04/03/2007 01:37|--a------|7996598] - F:\10-korn-make_me_bad_-_in_between_days_feat._the_cure.mp3
    [15/06/2006 19:30|--a------|5943115] - F:\Samurai Champloo - Funkin.mp3
    [10/08/2008 00:04|--a------|6483636] - F:\03 - Je suis une feuille.mp3
    [15/06/2006 18:49|--a------|3235422] - F:\Samurai champloo - battlecry.mp3
    [03/04/2009 00:03|--a------|6537893] - F:\03. Korn - Chi.mp3
    [15/06/2006 18:47|--a------|4009482] - F:\Samurai champloo - aruarian dance.mp3
    [03/04/2009 00:07|--a------|6539044] - F:\05. Korn - Got The Life.mp3
    [27/01/2008 01:45|--a------|8989915] - F:\03 It's Good to Be in Love.mp3
    [03/04/2009 00:07|--a------|8358341] - F:\06. Korn - All In The Family.mp3
    [03/04/2009 00:05|--a------|7882792] - F:\07. Korn - Beg For Me.mp3
    [27/01/2008 01:46|--a------|8357820] - F:\08 Hear Me Out.mp3
    [10/12/2007 19:47|--a------|5337216] - F:\31 - Jinsei wa Belt Conveyor no Youni Nagareru.mp3
    [27/01/2008 01:47|--a------|7028500] - F:\09 Maddening Shroud.mp3
    [27/01/2008 01:45|--a------|7684810] - F:\10 Flicks.mp3
    [27/01/2008 01:45|--a------|9969370] - F:\12 Old Piano.mp3
    [27/01/2008 01:45|--a------|8369510] - F:\15 Close Up.mp3
    [03/04/2009 00:07|--a------|7738885] - F:\09. Korn - Somebody Someone.mp3
    [27/04/2009 23:41|--a------|9671738] - F:\02 Rhinoceros.mp3
    [30/04/2009 14:03|--a------|14167] - F:\lettre motiv.odt
    [03/04/2009 00:07|--a------|6126905] - F:\12. Korn - Play Me (Feat. Nas).mp3
    [05/04/2009 16:27|--a------|7797763] - F:\03. You Found Me.mp3
    [05/04/2009 16:27|--a------|9721211] - F:\04. Say When.mp3
    [05/04/2009 16:27|--a------|8284267] - F:\05. Never Say Never.mp3
    [05/04/2009 16:27|--a------|7582096] - F:\06. Where The Story Ends.mp3
    [27/04/2009 23:54|--a------|7435980] - F:\03 Drown.mp3
    [21/12/2007 18:23|--a------|11599872] - F:\RIP SLYME - 13 - Matahou Nichi Made.mp3
    [03/05/2009 23:37|--a------|12951150] - F:\12 Remember (Rip Slyme with MONGOL800).mp3
    [03/05/2009 23:39|--a------|11591836] - F:\13 ___.mp3
    [02/04/2008 23:32|--a------|6931640] - F:\01 Headlock.mp3
    [02/04/2008 23:32|--a------|7425960] - F:\02 Goodnight and Go.mp3
    [02/04/2008 23:32|--a------|8026325] - F:\03 Have You Got It in You-.mp3
    [03/05/2009 23:22|--a------|3155274] - F:\01 Introduction.mp3
    [28/04/2009 00:12|--a------|5648449] - F:\05 Today.mp3
    [28/04/2009 00:14|--a------|5272410] - F:\06 Disarm.mp3
    [28/04/2009 00:26|--a------|5092419] - F:\07 Landslide.mp3
    [28/04/2009 00:20|--a------|7092367] - F:\09 1979.mp3
    [28/04/2009 00:19|--a------|7102470] - F:\08 Bullet With Butterfly Wings.mp3
    [28/04/2009 00:26|--a------|7000612] - F:\11 Tonight, Tonight.mp3
    [28/04/2009 00:26|--a------|8053608] - F:\12 Eye.mp3
    [28/04/2009 00:26|--a------|5600816] - F:\14 Perfect.mp3
    [28/04/2009 00:22|--a------|7274641] - F:\15 The Everlasting Gaze.mp3
    [28/04/2009 00:24|--a------|7382287] - F:\16 Stand Inside Your Love.mp3
    [28/04/2009 00:26|--a------|6949824] - F:\18 [Untitled] [#].mp3
    [21/12/2007 17:52|--a------|10917888] - F:\RIP SLYME - 07 - BLUE BE-BOP.mp3
    [21/12/2007 18:12|--a------|12877824] - F:\RIP SLYME - 11 - GALAXY.mp3
    [21/12/2007 18:18|--a------|13527040] - F:\RIP SLYME - 12 - Tasogare Surround.mp3
    [21/12/2007 18:29|--a------|9808260] - F:\RIP SLYME - 06 - Tokyo Classic.mp3
    [08/07/2008 15:11|--a------|3977216] - F:\01 - EPOCH -intro-.mp3
    [08/07/2008 16:28|--a------|13766656] - F:\01 - Shizuku Ippai no Kioku.mp3
    [30/11/2006 09:50|--a------|12589056] - F:\04 - burou.mp3
    [30/11/2006 09:49|--a------|9592960] - F:\09 - Break Beats ERA.mp3
    [08/07/2008 16:54|--a------|11020288] - F:\11 - LOVE.mp3
    [08/07/2008 16:15|--a------|11413632] - F:\12 - Present.mp3
    [08/07/2008 16:16|--a------|2476160] - F:\13 - LINDA.mp3
    [30/11/2006 09:49|--a------|11509888] - F:\14 - Wonderful.mp3
    [03/05/2009 23:38|--a------|8494293] - F:\06 _____.mp3
    [03/05/2009 23:21|--a------|1934836] - F:\07 concourse1.mp3
    [03/05/2009 23:39|--a------|11640910] - F:\10 I·N·G.mp3
    [03/05/2009 23:22|--a------|2337821] - F:\11 concourse2.mp3
    [22/10/2008 16:31|--a------|57670] - H:\MeBoyBuilder.jar
    [16/06/2000 17:27|-ra------|1048576] - H:\WWW.POKEBASE.NET_Pokemon_jaune.gb
    [13/11/2007 17:01|--a------|34876] - H:\13112007.3gp
    [27/11/2008 20:22|--a------|798422] - H:\27112008.3gp
    [24/04/2008 20:56|--a------|5672164] - H:\04 - Leave Me Alone.mp3
    [09/05/2009 15:25|-rahs----|246] - H:\aautorun.inf
    [09/05/2009 16:51|-rahs----|246] - H:\aautorun.infapaapaapaapaaautorun.infa1

    ################## [ Vaccination ]

    # C:\autorun.inf -> Folder created by UsbFix.
    # D:\autorun.inf -> Folder created by UsbFix.
    # F:\autorun.inf -> Folder created by UsbFix.
    # H:\autorun.inf -> Folder created by UsbFix.

    ################## [ Cracks / Keygens / Serials ]

    # -> Nothing found !

    ################## [ ! Fin du rapport # UsbFix V3.017 ! ]

    a c 312 8 Security
    9 May 2009 23:58:49

    Quote:
    [09/05/2009 15:25|-rahs----|246] - H:\aautorun.inf
    [09/05/2009 16:51|-rahs----|246] - H:\aautorun.infapaapaapaapaaautorun.infa1

    ---> Does that ring a bell?
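
The two drive-root entries quoted above can be picked out of a UsbFix file listing mechanically. The following Python is an added example, not part of the original post or of UsbFix: it parses lines in the `[date|attributes|size] - path` format shown in the report, flags drive-root names containing `autorun.inf`, then pivots on their timestamps to surface other files written in the same minute. The function names and both heuristics are assumptions made for this illustration; the sample lines are excerpted from the listing in this thread.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime
from pathlib import PureWindowsPath
from typing import List, Optional

# Excerpt of the UsbFix listing posted in this thread (not a full report).
SAMPLE = r"""
################## [ Listing des fichiers présent ]

[09/05/2009 22:48|-rahs----|397] - C:\boot.ini
[?|?|?] - C:\pagefile.sys
[09/05/2009 15:25|--a------|1199] - C:\SYS32DLL.bat
[22/06/2007 20:41|--a------|877936] - F:\AutoTransfer.exe
[28/04/2009 00:26|--a------|6949824] - F:\18 [Untitled] [#].mp3
[09/05/2009 15:25|-rahs----|246] - H:\aautorun.inf
[09/05/2009 16:51|-rahs----|246] - H:\aautorun.infapaapaapaapaaautorun.infa1

################## [ Vaccination ]

# H:\autorun.inf -> Folder created by UsbFix.
"""

# The three header fields never contain ']' or '|', so file names that do
# (e.g. "18 [Untitled] [#].mp3") are still captured whole in "path".
LINE_RE = re.compile(
    r"^\s*\[(?P<stamp>[^|\]]*)\|(?P<attrs>[^|\]]*)\|(?P<size>[^|\]]*)\] - (?P<path>.+?)\s*$"
)


@dataclass
class Entry:
    path: str
    attrs: str
    size: Optional[int]          # None when the tool printed '?'
    stamp: Optional[datetime]    # None when the tool printed '?'
    reasons: List[str] = field(default_factory=list)


def parse_listing(text: str) -> List[Entry]:
    """Parse file-listing lines; section headers and other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            stamp = datetime.strptime(m["stamp"], "%d/%m/%Y %H:%M")
        except ValueError:
            stamp = None  # locked files such as pagefile.sys are listed as [?|?|?]
        size = int(m["size"]) if m["size"].isdigit() else None
        entries.append(Entry(m["path"], m["attrs"], size, stamp))
    return entries


def is_drive_root(path: str) -> bool:
    """True for X:\\name, i.e. a file sitting directly at the root of a drive."""
    return len(PureWindowsPath(path).parts) == 2


def triage(entries: List[Entry]) -> List[Entry]:
    """Return the entries worth a human look, with the reasons attached.

    Heuristics (assumptions of this example, not UsbFix's own logic):
      1. a drive-root name containing 'autorun.inf';
      2. any other file whose timestamp matches a rule-1 hit to the minute.
    """
    for e in entries:
        e.reasons = []
        name = PureWindowsPath(e.path).name.lower()
        if is_drive_root(e.path) and "autorun.inf" in name:
            e.reasons.append(
                "autorun.inf file" if name == "autorun.inf"
                else "autorun.inf look-alike name"
            )
            if "h" in e.attrs and "s" in e.attrs:
                e.reasons.append("hidden+system attributes")

    # Timeline pivot: what else was written when the flagged files appeared?
    seeds = {e.stamp for e in entries if e.reasons and e.stamp is not None}
    for e in entries:
        if not e.reasons and e.stamp in seeds:
            e.reasons.append("written in the same minute as a flagged autorun entry")

    return [e for e in entries if e.reasons]


if __name__ == "__main__":
    for hit in triage(parse_listing(SAMPLE)):
        print(f"{hit.path}: {', '.join(hit.reasons)}")
```

On the lines from this thread the timestamp pivot also surfaces C:\SYS32DLL.bat, which is one of the files listed in the OTMoveIt3 script posted later.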
    10 May 2009 00:06:37

    No, never touched it. It's the old memory card from my mobile phone; I only used it to transfer photos or videos, and since I changed phones I never took the memory card out of the PC, but well, today's the day for it I guess lol
    10 May 2009 00:10:31

    And music, and once an attempt at a phone emulator, but this aautorun thing, no idea
    a c 312 8 Security
    10 May 2009 00:12:29

  • Uninstall UsbFix.

  • Start menu > Run > type combofix /u and confirm.

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Plug your external storage devices into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click OTMoveIt3.exe to launch it.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    c:\windows\st_1241885842.exe
    C:\SYS32DLL.bat
    H:\aautorun.inf
    H:\aautorun.infapaapaapaapaaautorun.infa1

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the moment it was created: date_time.log
    10 May 2009 00:28:11

    So here's the report. Hmm, however my desktop, my taskbar and the Start menu have disappeared now :/
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    c:\windows\st_1241885842.exe moved successfully.
    C:\SYS32DLL.bat moved successfully.
    H:\aautorun.inf moved successfully.
    H:\aautorun.infapaapaapaapaaautorun.infa1 moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\etilqs_35lIxcXZ11zmfvNAOTM3 scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\~DF57CF.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_110.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_264.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\ZLT0334f.TMP scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\ZLT03eac.TMP scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05102009_002432
    a c 312 8 Security
    10 May 2009 00:34:39

    Quote:
    So here's the report. Hmm, however my desktop, my taskbar and the Start menu have disappeared now :/

    ---> Restart your PC and it will sort itself out.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    10 May 2009 00:42:02

    On restarting I got a new report; I'm posting it just in case, and I'll do what you told me with Malwarebytes



    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05102009_002432

    Files moved on Reboot...
    File C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\etilqs_35lIxcXZ11zmfvNAOTM3 not found!
    File C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\~DF57CF.tmp not found!
    File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
    C:\WINDOWS\temp\Perflib_Perfdata_110.dat moved successfully.
    File C:\WINDOWS\temp\Perflib_Perfdata_264.dat not found!
    File C:\WINDOWS\temp\ZLT0334f.TMP not found!
    File C:\WINDOWS\temp\ZLT03eac.TMP not found!
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Application Data\Mozilla\Firefox\Profiles\0movmxuh.default\XUL.mfl moved successfully.
    10 May 2009 00:51:37

    and here's the MBAM report ^^

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 2102
    Windows 5.1.2600 Service Pack 2

    10/05/2009 00:50:24
    mbam-log-2009-05-10 (00-50-24).txt

    Type de recherche: Examen rapide
    Eléments examinés: 105322
    Temps écoulé: 6 minute(s), 51 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\control\lsa\Hotfix-KB5504305 (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    10 May 2009 00:53:23

    Hey, by the way, thanks for giving me a hand, especially at this hour :D !
    a c 312 8 Security
    10 May 2009 01:02:11

    Good. Can you post the info report located in C:\rsit?
    10 May 2009 01:04:20

    Here you go
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-05-09 22:34:18
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 2 GB (15%) free of 15 GB
    Total RAM: 1023 MB (47% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:34:39, on 09/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    d:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Bureau\RSIT.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qk...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "d:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKLM\..\Policies\Explorer\Run: [Lsass Service] C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDesktop] regsvr32 /s /i:U /n shell32.dll (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{271308C6-CD83-4B7D-A0B4-B93D598918E4}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{81DF945F-FB70-4A8E-90FA-E4E6593AA7B2}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9325 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Maintenance en 1 clic.job
    C:\WINDOWS\tasks\XoftSpySE 2.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
    C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-02-27 1194496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Barre d'outils &Crawler - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-02-27 1194496]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-30 13594624]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-30 86016]
    "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-10-18 802816]
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-10-18 696320]
    "SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2009-03-03 2233856]
    "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-06-01 573440]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-12 774233]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "avast!"=d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "ZoneAlarm Client"=d:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-06-21 919016]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    "Lsass Service"=C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Microsoft\Windows\lsass.exe [2009-05-09 65024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]

    C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "MemCheckBoxInRunDlg"=1
    "NoSMBalloonTip"=1
    "NoDesktopCleanupWizard"=1
    "NoWelcomeScreen"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
    "C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Temp\IXP000.TMP\Zone Alarm Pro.exe"="C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Local Settings\Temp\IXP000.TMP\Zone Alarm Pro.exe:*:Enabled:C:\DOCUME~1\ADMINI~1.WIN\LOCALS~1\Temp\IXP000.TMP\Zone Alarm Pro.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0315b958-096f-11de-a2d9-0018f3004528}]
    shell\Auto\command - auto.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d43d830-1620-11de-a302-d1c3ec9559e9}]
    shell\AutoRun\command - WDSetup.exe


    ======List of files/folders created in the last 1 months======

    2009-05-09 22:34:18 ----D---- C:\rsit
    2009-05-09 21:07:34 ----D---- C:\WINDOWS\CSC
    2009-05-09 21:07:22 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-05-09 18:50:32 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-09 16:47:16 ----A---- C:\WINDOWS\system32\vsutil_loc040c.dll
    2009-05-09 16:47:06 ----A---- C:\WINDOWS\system32\vsregexp.dll
    2009-05-09 16:47:06 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
    2009-05-09 16:46:55 ----A---- C:\WINDOWS\system32\zlcommdb.dll
    2009-05-09 16:46:55 ----A---- C:\WINDOWS\system32\zlcomm.dll
    2009-05-09 16:46:47 ----A---- C:\WINDOWS\system32\vswmi.dll
    2009-05-09 16:46:39 ----A---- C:\WINDOWS\system32\zpeng24.dll
    2009-05-09 16:46:37 ----A---- C:\WINDOWS\system32\vsxml.dll
    2009-05-09 16:46:31 ----A---- C:\WINDOWS\system32\vspubapi.dll
    2009-05-09 16:46:29 ----A---- C:\WINDOWS\system32\vsmonapi.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsutil.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsinit.dll
    2009-05-09 16:45:38 ----A---- C:\WINDOWS\system32\vsdata.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\MSVCP71.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\MFC71.dll
    2009-05-09 15:56:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-05-09 15:26:15 ----A---- C:\WINDOWS\system32\gxvxchcenwjdkjsnapltdotxeupawuvxednta.dll
    2009-05-09 15:25:42 ----A---- C:\WINDOWS\system32\SYS32DLL.exe
    2009-05-09 15:25:42 ----A---- C:\SYS32DLL.bat
    2009-05-09 15:25:41 ----A---- C:\WINDOWS\st_1241885842.exe
    2009-05-09 15:25:40 ----D---- C:\WINDOWS\system32\796525
    2009-05-08 14:09:49 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Media Player Classic
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-05-08 10:30:15 ----A---- C:\WINDOWS\system32\java.exe
    2009-04-22 18:26:42 ----D---- C:\WINDOWS\system32\AGEIA
    2009-04-22 18:26:40 ----D---- C:\Program Files\AGEIA Technologies
    2009-04-22 18:23:23 ----D---- C:\NVIDIA
    2009-04-21 12:36:00 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
    2009-04-21 12:36:00 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
    2009-04-21 12:35:57 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
    2009-04-21 12:35:56 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
    2009-04-21 12:35:56 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
    2009-04-21 12:35:55 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
    2009-04-21 12:35:54 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
    2009-04-21 12:35:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
    2009-04-21 12:35:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
    2009-04-21 12:35:49 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
    2009-04-21 12:35:48 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
    2009-04-21 12:35:48 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
    2009-04-21 12:35:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
    2009-04-21 12:35:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
    2009-04-21 12:35:45 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2009-04-21 12:35:45 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2009-04-21 12:35:44 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2009-04-21 12:35:42 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2009-04-21 12:35:42 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2009-04-21 12:35:40 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2009-04-21 12:35:39 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-04-21 12:35:38 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-04-21 12:35:37 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-04-21 12:35:36 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-04-21 12:35:34 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-04-21 12:35:34 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-04-21 12:35:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-04-17 18:52:05 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\LG Electronics
    2009-04-17 15:18:53 ----D---- C:\Program Files\LG Electronics
    2009-04-17 15:17:39 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\InstallShield

    ======List of files/folders modified in the last 1 months======

    2009-05-09 22:34:09 ----D---- C:\WINDOWS\Temp
    2009-05-09 22:29:27 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-09 22:28:50 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\OpenOffice.org2
    2009-05-09 22:02:28 ----D---- C:\WINDOWS\Internet Logs
    2009-05-09 21:53:52 ----D---- C:\WINDOWS
    2009-05-09 21:53:52 ----AD---- C:\WINDOWS\system32
    2009-05-09 21:41:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2009-05-09 20:56:55 ----D---- C:\WINDOWS\system32\drivers
    2009-05-09 19:48:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-05-09 18:12:27 ----D---- C:\Program Files\Spyware Terminator
    2009-05-09 17:54:58 ----D---- C:\WINDOWS\system32\config
    2009-05-09 16:47:23 ----D---- C:\WINDOWS\system32\ZoneLabs
    2009-05-09 15:25:38 ----SHD---- C:\RECYCLER
    2009-05-09 15:22:11 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\Spyware Terminator
    2009-05-09 12:45:40 ----D---- C:\WINDOWS\Prefetch
    2009-05-09 12:00:54 ----SHD---- C:\WINDOWS\Installer
    2009-05-09 12:00:41 ----HD---- C:\Config.Msi
    2009-05-09 10:07:34 ----D---- C:\Program Files\BitSpirit
    2009-05-09 10:07:18 ----D---- C:\Program Files\Fichiers communs\BitSpirit
    2009-05-08 19:05:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator
    2009-05-08 14:15:49 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-08 10:30:03 ----D---- C:\Program Files\Java
    2009-05-04 20:21:23 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
    2009-05-04 14:36:08 ----D---- C:\Documents and Settings\Administrateur.WINXPCRA-B3127B\Application Data\dvdcss
    2009-04-28 22:47:38 ----HD---- C:\LG3G
    2009-04-28 22:36:16 ----HD---- C:\WINDOWS\inf
    2009-04-22 18:30:05 ----D---- C:\WINDOWS\nview
    2009-04-22 18:30:05 ----D---- C:\WINDOWS\Help
    2009-04-22 18:26:27 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-04-22 18:25:11 ----D---- C:\WINDOWS\system32\dllcache
    2009-04-21 12:36:02 ----D---- C:\WINDOWS\system32\DirectX
    2009-04-20 18:06:12 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-04-17 15:18:53 ----RD---- C:\Program Files
    2009-04-17 00:21:25 ----D---- C:\Program Files\WinClamAVShield
    2009-04-16 00:20:35 ----D---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
    R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-06-21 394984]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-03 21425]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-10-19 12544]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-03-31 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2007-03-18 14080]
    R3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-18 5632]
    R3 NETw3x32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-10-17 1711104]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-03-31 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-30 6250848]
    R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-07-14 28544]
    R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
    R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-07-14 307968]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2006-03-02 67584]
    R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-06-01 894336]
    R3 SynMini;USB2.0 VGA WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-07-03 1056512]
    R3 SynScan;USB2.0 VGA WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-06-30 8064]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-12 193056]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-03-18 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-03-18 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-03-18 20480]
    S3 a9bx11dd;a9bx11dd; C:\WINDOWS\system32\drivers\a9bx11dd.sys []
    S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-21 142848]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2007-03-18 17024]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-03-18 9600]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-03-18 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2007-03-18 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2007-03-18 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2007-03-18 10880]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2007-03-18 20992]
    S3 SaiHA503;SaiHA503; C:\WINDOWS\system32\DRIVERS\SaiHA503.sys [2007-05-01 132232]
    S3 SaiLA503;SaiLA503; C:\WINDOWS\system32\DRIVERS\SaiLA503.sys [2007-05-01 15488]
    S3 SaiUA503;SaiUA503; C:\WINDOWS\system32\DRIVERS\SaiUA503.sys [2007-05-01 28416]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2007-03-18 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2007-03-18 15360]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-03-18 26496]
    S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2007-03-18 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-18 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-18 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2006-03-02 73600]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; d:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-10-18 434176]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-30 168004]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-10-18 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-10-18 946176]
    R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-03-03 540672]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-06-21 75304]
    R3 avast! Mail Scanner;avast! Mail Scanner; d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; d:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
    a c 312 8 Security
    10 May 2009 01:07:05

    That is the log report that you posted.
    10 May 2009 01:08:37

    Oops, sorry, here is the right one


    info.txt logfile of random's system information tool 1.06 2009-05-09 22:34:43

    ======Uninstall list======

    -->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
    avast! Antivirus-->d:\Program Files\Alwil Software\Avast4\aswRunDll.exe "d:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BitSpirit v3.5.0.236 Stable-->"C:\Program Files\BitSpirit\unins000.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
    Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    K-Lite Codec Pack 4.7.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LCD-Test-->"C:\Program Files\LCD-Test\unins000.exe"
    LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly
    LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
    Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
    mDrWiFi-->MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    Motorola SM56 Data Fax Modem-->rundll32.exe sm56coin.dll,SM56UnInstaller
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Ryzom-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{0869FBF1-8E72-4D1E-BDA4-B76DEF156D45} /l1036
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SP2 de compatibilité descendante du client Windows Rights Management-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
    Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    TuneUp Utilities 2006-->MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
    USB2.0 VGA WebCam-->C:\WINDOWS\StkUnist.exe
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    ZoneAlarm Pro-->d:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    Securitycenter WMI appears to be broken

    ======System event log======

    Computer Name: WINXPCRA-B3127B
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

    Record Number: 1424
    Source Name: Service Control Manager
    Time Written: 20090324112259.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: WINXPCRA-B3127B
    Event Code: 7036
    Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.

    Record Number: 1423
    Source Name: Service Control Manager
    Time Written: 20090324112259.000000+060
    Event Type: Informations
    User:

    Computer Name: WINXPCRA-B3127B
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.

    Record Number: 1422
    Source Name: Service Control Manager
    Time Written: 20090324112259.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: WINXPCRA-B3127B
    Event Code: 7036
    Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

    Record Number: 1421
    Source Name: Service Control Manager
    Time Written: 20090324112259.000000+060
    Event Type: Informations
    User:

    Computer Name: WINXPCRA-B3127B
    Event Code: 7036
    Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.

    Record Number: 1420
    Source Name: Service Control Manager
    Time Written: 20090324112259.000000+060
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: WINXPCRA-B3127B
    Event Code: 11309
    Message: Produit : Vampire - The Masquerade Bloodlines -- Erreur 1309. Erreur lors de la lecture du fichier E:\Setup\Data\Vampire\sound\area\special\taxi\automobile.mp3. Erreur système 3. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder.

    Record Number: 970
    Source Name: MsiInstaller
    Time Written: 20090401100320.000000+120
    Event Type: erreur
    User: WINXPCRA-B3127B\Administrateur

    Computer Name: WINXPCRA-B3127B
    Event Code: 11309
    Message: Produit : Vampire - The Masquerade Bloodlines -- Erreur 1309. Erreur lors de la lecture du fichier E:\Setup\Data\Vampire\sound\area\santa_monica\santa monica main bg.mp3. Erreur système 3. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder.

    Record Number: 969
    Source Name: MsiInstaller
    Time Written: 20090401100319.000000+120
    Event Type: erreur
    User: WINXPCRA-B3127B\Administrateur

    Computer Name: WINXPCRA-B3127B
    Event Code: 11309
    Message: Produit : Vampire - The Masquerade Bloodlines -- Erreur 1309. Erreur lors de la lecture du fichier E:\Setup\Data\Vampire\sound\area\santa_monica\santa monica main bg.mp3. Erreur système 3. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder.

    Record Number: 968
    Source Name: MsiInstaller
    Time Written: 20090401100317.000000+120
    Event Type: erreur
    User: WINXPCRA-B3127B\Administrateur

    Computer Name: WINXPCRA-B3127B
    Event Code: 11309
    Message: Produit : Vampire - The Masquerade Bloodlines -- Erreur 1309. Erreur lors de la lecture du fichier E:\Setup\Data\Vampire\sound\area\santa_monica\santa monica main bg.mp3. Erreur système 3. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder.

    Record Number: 967
    Source Name: MsiInstaller
    Time Written: 20090401100316.000000+120
    Event Type: erreur
    User: WINXPCRA-B3127B\Administrateur

    Computer Name: WINXPCRA-B3127B
    Event Code: 11309
    Message: Produit : Vampire - The Masquerade Bloodlines -- Erreur 1309. Erreur lors de la lecture du fichier E:\Setup\Data\Vampire\sound\area\santa_monica\santa monica main bg.mp3. Erreur système 3. Vérifiez que ce fichier existe et que vous êtes autorisé à y accéder.

    Record Number: 966
    Source Name: MsiInstaller
    Time Written: 20090401100316.000000+120
    Event Type: erreur
    User: WINXPCRA-B3127B\Administrateur

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0e08
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "tvdumpflags"=8

    -----------------EOF-----------------
    a c 312 8 Security
    10 May 2009 01:24:01

  • Uninstall J2SE Runtime Environment 5.0 Update 11.

    Is the PC doing well?
    10 May 2009 01:27:18

    Well, listen, it's running normally, yes, I have no more problems at all! :D  Thanks to you, O great wizard of the laptop!
    a c 312 8 Security
    10 May 2009 01:33:43

    1/

  • Uninstall HijackThis.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Search (Recherche) and let the scan run.
  • Click Removal (Suppression) to finish.
  • You can, if you wish, use the Optional Settings (Options Facultatives).
  • Click Quit (Quitter) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced (Avancé), and uncheck the box Only delete files etc.... (Effacer uniquement les fichiers etc....).
  • Go to Cleaner (Nettoyeur) and choose Analyze (Analyse). Once it has finished, run the cleaning.
  • Next, choose Registry (Registre), then Search for errors (Chercher des erreurs). Once it has finished, repair all the errors (back up the registry).


    3/

  • You need to disable and then re-enable System Restore in order to purge it.

    ==Prévention==

    Je te conseille de remplacer Avast par Antivir.

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Néanmoins, mets à jour Internet Explorer : Lien

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    Si tu estimes que ton problème est résolu :

    ---> Ajoute maintenant [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Rajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    6 July 2009 19:51:33

    Destrio5 said:
    Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, you need to right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.


    Thanks again for the advice, this is the first time I've used a forum, I'm waiting for your reply.



    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Lor at 2009-07-06 19:33:25
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 5 GB (17%) free of 30 GB
    Total RAM: 2047 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:33:44, on 06/07/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\AvidSDMService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\mgabg.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Lor\Bureau\RSIT.exe
    C:\Program Files\trend micro\Lor.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix /autoclose
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [rgcg8fj0e10r] C:\WINDOWS\system32\qgcn8fj0e10r.exe
    O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-21-436374069-1580818891-854245398-500\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Administrateur')
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
    O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 9561 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-09 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-11 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-11 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-09 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-20 142104]
    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-20 162584]
    "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
    "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-12-11 267048]
    "SpybotSnD"=C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 5365592]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-05-11 8429568]
    "rgcg8fj0e10r"=C:\WINDOWS\system32\qgcn8fj0e10r.exe [2009-05-11 80191]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2006-08-05 62976]
    "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-22 1871872]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
    "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-07-10 397312]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-10 68856]
    "msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
    C:\WINDOWS\system32\antiwpa.dll [2007-10-04 60416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "MaxRecentDocs"=5

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.0"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Messenger"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
    "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7aa6f178-fecb-11d5-95a9-806d6172696f}]
    shell\AutoRun\command - E:\.\Bin\Assetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c05f7d03-3579-11dd-84ed-001bfcdb1ec3}]
    shell\Auto\command - cmd /C launch.bat
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat


    ======List of files/folders created in the last 1 months======

    2009-07-06 19:33:26 ----D---- C:\Program Files\trend micro
    2009-07-06 19:33:25 ----D---- C:\rsit
    2009-07-03 13:02:04 ----D---- C:\Documents and Settings\Lor\Application Data\Allume Systems
    2009-07-03 13:01:35 ----D---- C:\Program Files\Allume Systems
    2009-06-07 17:25:28 ----D---- C:\Documents and Settings\Lor\Application Data\IDS_COMPANY

    ======List of files/folders modified in the last 1 months======

    2009-07-06 19:33:30 ----D---- C:\WINDOWS\Prefetch
    2009-07-06 19:33:26 ----RD---- C:\Program Files
    2009-07-06 19:04:16 ----D---- C:\Program Files\Mozilla Firefox
    2009-07-06 18:56:41 ----D---- C:\WINDOWS\Temp
    2009-07-06 18:53:37 ----D---- C:\WINDOWS\system32
    2009-07-06 18:53:10 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-06 18:44:03 ----A---- C:\WINDOWS\system32\AvidStartupLog.txt
    2009-07-03 15:49:40 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-03 13:01:51 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-07-03 13:01:48 ----SHD---- C:\WINDOWS\Installer
    2009-07-03 13:01:48 ----SHD---- C:\Config.Msi
    2009-07-01 18:45:03 ----D---- C:\WINDOWS
    2009-06-23 18:52:56 ----D---- C:\WINDOWS\system32\Restore
    2009-06-21 18:12:34 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2009-06-21 18:12:32 ----D---- C:\Documents and Settings\Lor\Application Data\ZoomBrowser EX
    2009-06-11 22:41:45 ----D---- C:\Program Files\eMule

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
    R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2007-06-15 25244]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-09-26 76288]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-10 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-07-03 39424]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2004-08-10 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
    R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-07-23 13440]
    R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-07-23 26112]
    R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-07-23 68864]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2004-08-10 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-10 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-05-11 6738432]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2004-08-10 46720]
    S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-05-31 12416]
    S3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
    S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
    S3 G400;G400; C:\WINDOWS\System32\DRIVERS\G400m.sys [2001-08-23 322560]
    S3 G400DH;G400DH; C:\WINDOWS\System32\DRIVERS\g400dhm.sys [2004-09-14 348800]
    S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
    S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-07-23 55040]
    S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-09-13 49611]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-10 10880]
    S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
    S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
    S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
    S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
    S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-10 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-10 15360]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 Video3D;ASUS Video3D Service; C:\WINDOWS\system32\drivers\Video3D.sys []
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-19 73600]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2007-06-15 49152]
    R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 MGABGEXE;MGABGEXE; C:\WINDOWS\System32\mgabg.exe [2002-01-16 81920]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-05-11 163908]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2007-06-15 1536000]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-11 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.06 2009-07-06 19:33:46

    ======Uninstall list======

    -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Adibou et l'Ombre Verte V.1.00 on C-->"C:\coktel\Adibou et l'Ombre Verte\Uninst.exe"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe After Effects 6.5-->MsiExec.exe /I{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Photoshop 6.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
    Advanced WindowsCare 2.57 Personal-->"C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
    Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\Setup.exe" -l0x40c -uninst
    ArcSoft PhotoStudio 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\Setup.exe" -l0x40c -uninst
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\Setup.exe" -l0x9 -removeonly
    Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Avid Core Runtime-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94EACECB-3D7C-4F31-99FD-39B95B9BA158}\Setup.exe" -l0x9 -removeonly
    Avid DIO Runtime-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6823E209-3E0C-45A6-9B6C-BCEC0B7AB145}\Setup.exe" -l0x9 -removeonly
    Avid Xpress Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FBFE41B-D08F-4A84-ACB6-16E78D7D58ED}\SETUP.exe" -l0x9 -removeonly
    BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
    Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
    Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
    Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
    Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
    Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
    CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
    Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
    Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
    Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
    Canon Utilities Digital Photo Professional 2.2-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
    Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
    Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
    Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
    Cap b2i-->MsiExec.exe /I{CB022D24-0445-4136-B636-5F40DC51E956}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB921411)-->"C:\WINDOWS\$NtUninstallKB921411$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    EDL Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57A9303E-2FF7-4AEE-BEAB-9BADF6FBAC67}\setup.exe" -l0x9
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EVEREST Home Edition v1.51-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
    iPod for Windows 2005-02-22-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B6ACFF51-248A-4290-B50B-E50C81F25B97} /l1036
    iTunes-->MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
    IZArc 3.5 beta 3-->"C:\Program Files\IZArc\unins000.exe"
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
    MadOnion.com/3DMark2001 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91B323B5-A79C-4D23-BD6D-046C565F9BCF}\Setup.exe" -l0x9 uninstall -uninst
    Matrox - Logiciel graphique (désinstaller uniquement)-->C:\WINDOWS\System32\PDesk\PDUninst.exe
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
    Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
    Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB925876)-->"C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
    Moorhuhn 2 V1.1-->C:\WINDOWS\IsUn0407.exe -fe:\games\moor\m2\Uninst.isu
    Moorhuhn 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6473724-A851-11D5-986D-00500443CF9F}\Setup.exe"
    Moorhuhn Kart XXL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{49E766E4-4B3F-40F7-B987-89F2DF6D524C}\Setup.exe" -l0x7
    Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MP Manager-->MsiExec.exe /X{F5ABDD2A-122C-4B61-8074-22E84D0F4B39}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\setup.exe /uninstall
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    Open Season-->C:\Program Files\InstallShield Installation Information\{545D8F61-EA1E-425F-8BC2-CE37B22320AE}\Setup.exe -runfromtemp -l0x040c -removeonly
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
    PC Probe II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    QuickTime-->MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Sentinel System Driver 5.41.0 (32-bit)-->MsiExec.exe /I{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}
    Sony Ericsson Media Manager 1.0-->MsiExec.exe /X{37F8E751-D19B-4445-8007-831CA42A9F9E}
    Sony Ericsson PC Suite 4.010.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x040c -removeonly
    SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    StuffIt Standard-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{40ABF1E0-8B6F-4D32-B343-E19FA2F04B3C}
    TaskSwitchXP-->C:\Program Files\TaskSwitchXP\uninst.exe
    TuneUp Utilities 2003-->MsiExec.exe /I{9665B325-3F96-11D6-A1FA-000374890932}
    Tux Paint 0.9.20b-->"C:\Program Files\TuxPaint\unins000.exe"
    Tux Paint Stamps 2008.06.30-->"C:\Program Files\TuxPaint\unins001.exe"
    Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
    Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
    Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    XPize 4.6 BETA 1-->C:\WINDOWS\XPize\uninst.exe
    XviD MPEG-4 Video Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Hosts File======

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090705-0]

    ======System event log======

    Computer Name: GOODBYELOR1
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

    Record Number: 28208
    Source Name: Service Control Manager
    Time Written: 20090425094303.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: GOODBYELOR1
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 28207
    Source Name: Service Control Manager
    Time Written: 20090425094303.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: GOODBYELOR1
    Event Code: 7036
    Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

    Record Number: 28206
    Source Name: Service Control Manager
    Time Written: 20090425094303.000000+120
    Event Type: Informations
    User:

    Computer Name: GOODBYELOR1
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

    Record Number: 28205
    Source Name: Service Control Manager
    Time Written: 20090425094302.000000+120
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: GOODBYELOR1
    Event Code: 7036
    Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

    Record Number: 28204
    Source Name: Service Control Manager
    Time Written: 20090425094302.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: GOODBYELOR1
    Event Code: 302
    Message: msnmsgr (3528) \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

    Record Number: 9091
    Source Name: ESENT
    Time Written: 20090108181311.000000+060
    Event Type: Informations
    User:

    Computer Name: GOODBYELOR1
    Event Code: 301
    Message: msnmsgr (3528) \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\fsr.log.

    Record Number: 9090
    Source Name: ESENT
    Time Written: 20090108181308.000000+060
    Event Type: Informations
    User:

    Computer Name: GOODBYELOR1
    Event Code: 301
    Message: msnmsgr (3528) \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\fsr0073C.log.

    Record Number: 9089
    Source Name: ESENT
    Time Written: 20090108181308.000000+060
    Event Type: Informations
    User:

    Computer Name: GOODBYELOR1
    Event Code: 301
    Message: msnmsgr (3528) \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\fsr0073B.log.

    Record Number: 9088
    Source Name: ESENT
    Time Written: 20090108181308.000000+060
    Event Type: Informations
    User:

    Computer Name: GOODBYELOR1
    Event Code: 301
    Message: msnmsgr (3528) \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\Lor\Local Settings\Application Data\Microsoft\Messenger\lorfourcade@hotmail.fr\SharingMetadata\Working\database_A274_9045_7490_1E5B\fsr0073A.log.

    Record Number: 9087
    Source Name: ESENT
    Time Written: 20090108181308.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Avid
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

    -----------------EOF-----------------
