Se connecter / S'enregistrer
Votre question

Virus MSN - "HOT!HOT! http://www.isexsexsex.com/"

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
30 Mai 2009 14:43:11

Salut, voilà mon nouveau problème, depuis ce matin j'ai mes contacts qui me disent que "je" leur envoie ce message, avec ce lien, de plus j'ai remarqué que mon PC ramait de plus en plus, et que je ne peux pas cliquer sur un résultat de recherche sur Google, ça m'envoie vers une page de pub, je dois faire copier/coller pour avoir accès au lien qui m'intéresse.
Bref voilà si quelqu'un a une solution je le remercie d'avance
Merci
++

Autres pages sur : virus msn hot hot http www isexsexsex com

a c 296 8 Sécurité
30 Mai 2009 14:43:33

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    30 Mai 2009 15:15:30

    Super merci de ton aide, donc voilà les rapports :
    log.txt :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ETIENNE Philippe at 2009-05-30 14:42:36
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 13 GB (40%) free of 33 GB
    Total RAM: 511 MB (7% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:07:37, on 30/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\Norman\Npm\bin\ELOGSVC.EXE
    C:\WINDOWS\Explorer.exe
    C:\Norman\Npm\Bin\Zanda.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\dhcp\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\sopidkc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Norman\Npm\bin\NJEEVES.EXE
    C:\WINDOWS\system32\csrcs.exe
    C:\WINDOWS\system32\csrcs.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Norman\nse\bin\NSESVC.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Norman\Npm\bin\ZLH.EXE
    C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\windows\ld08.exe
    C:\windows\higeorge12.exe
    C:\windows\freddy44.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe
    C:\program Files\ThunMail\testabd.exe
    C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe
    C:\WINDOWS\system32\SYSDLL.exe
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\Nvc\bin\nvcoas.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Norman\Nvc\bin\cclaw.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\SYSDLL.exe
    C:\Documents and Settings\ETIENNE Philippe\Bureau\RSIT.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\ETIENNE Philippe.exe
    C:\WINDOWS\System32\svchost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
    F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
    O2 - BHO: C:\WINDOWS\system32\yhafd78auhd.dll - {c6c7b2a1-00f3-42bd-f434-00aaba2c8953} - C:\WINDOWS\system32\yhafd78auhd.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
    O4 - HKLM\..\Run: [GameFace Messenger] C:\Program Files\GameFace Messenger\GameFace.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [adiras] adiras.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
    O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [sysldtray] C:\windows\ld08.exe
    O4 - HKLM\..\Run: [syshitray2] C:\windows\higeorge12.exe
    O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy44.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [] C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe
    O4 - HKCU\..\Run: [svc] C:\program Files\ThunMail\testabd.exe
    O4 - HKCU\..\Run: [nzdflkioezncfiunfindiuchiuenfcdc] C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe
    O4 - HKCU\..\Run: [SYSDLL] SYSDLL
    O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O20 - AppInit_DLLs: c:\progra~1\ThunMail\testabd.dll
    O22 - SharedTaskScheduler: gsf87hfunf98398jd - {C6C7B2A1-00F3-42BD-F434-00AABA2C8953} - C:\WINDOWS\system32\yhafd78auhd.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dhcp server (dhcpsrv) - Unknown owner - C:\WINDOWS\dhcp\svchost.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

    --
    End of file - 13412 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\HPpromotions journeysoftware.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6c7b2a1-00f3-42bd-f434-00aaba2c8953}]
    C:\WINDOWS\system32\yhafd78auhd.dll - C:\WINDOWS\system32\yhafd78auhd.dll [2009-05-29 15000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-06-10 2436160]
    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-01-25 806912]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-01 7118848]
    "nwiz"=nwiz.exe /install []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218]
    "Zshutdown"=c:\sysprep\patch\sysprep.cmd []
    "GameFace Messenger"=C:\Program Files\GameFace Messenger\GameFace.exe []
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "adiras"=adiras.exe []
    "RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
    "Norman ZANDA"=C:\Norman\Npm\bin\ZLH.EXE [2008-06-02 273520]
    "ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
    "Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-01-15 157520]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "sysldtray"=C:\windows\ld08.exe [2009-05-29 14848]
    "syshitray2"=C:\windows\higeorge12.exe [2009-05-29 30720]
    "sysfbtray"=C:\windows\freddy44.exe [2009-05-29 44032]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-05-26 414480]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    "csrcs"=C:\WINDOWS\system32\csrcs.exe [2008-04-14 880470]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-01 68856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-05-12 321344]
    ""=C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe [2009-05-29 15001]
    "svc"=C:\program Files\ThunMail\testabd.exe [2009-05-29 61440]
    "nzdflkioezncfiunfindiuchiuenfcdc"=C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe [2009-05-29 15001]
    "SYSDLL"=SYSDLL []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    C:\Documents and Settings\ETIENNE Philippe\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="c:\progra~1\ThunMail\testabd.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    gsf87hfunf98398jd - {C6C7B2A1-00F3-42BD-F434-00AABA2C8953} - C:\WINDOWS\system32\yhafd78auhd.dll [2009-05-29 15000]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\System32\USMT\migwiz.exe"="C:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Caplio Software\RGateLXP.exe"="C:\Program Files\Caplio Software\RGateLXP.exe:*:Enabled:RICOH Gate La for DSC"
    "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:D isabled:LiveUpdt"
    "C:\Program Files\jade2006\jre\bin\javaw.exe"="C:\Program Files\jade2006\jre\bin\javaw.exe:*:Enabled:javaw"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
    "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
    "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

    ======List of files/folders created in the last 1 months======

    2009-05-30 14:42:36 ----D---- C:\rsit
    2009-05-30 14:26:54 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Malwarebytes
    2009-05-30 14:26:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-30 14:26:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-30 14:24:21 ----D---- C:\MSNCleaner
    2009-05-30 11:19:51 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Desktopicon
    2009-05-30 11:19:45 ----D---- C:\Program Files\Unlocker
    2009-05-30 00:30:26 ----D---- C:\WINDOWS\Minidump
    2009-05-29 23:32:36 ----H---- C:\WINDOWS\higeorge12.exe
    2009-05-29 23:32:36 ----H---- C:\WINDOWS\freddy44.exe
    2009-05-29 21:32:27 ----A---- C:\WINDOWS\system32\SYSDLL.exe
    2009-05-29 21:32:25 ----D---- C:\WINDOWS\system32\sysloc
    2009-05-29 21:30:43 ----D---- C:\WINDOWS\dhcp
    2009-05-29 21:30:11 ----A---- C:\WINDOWS\system32\tpsaxyd.exe
    2009-05-29 21:29:40 ----RSHD---- C:\Program Files\ThunMail
    2009-05-29 21:29:35 ----H---- C:\WINDOWS\ld08.exe
    2009-05-29 21:29:18 ----A---- C:\yelhim.exe
    2009-05-29 21:29:18 ----A---- C:\orsxsg.exe
    2009-05-29 21:29:04 ----A---- C:\pxvv.exe
    2009-05-29 21:29:01 ----A---- C:\WINDOWS\system32\xpsvc32.exe
    2009-05-29 21:29:00 ----A---- C:\WINDOWS\system32\yhafd78auhd.dll
    2009-05-29 21:28:59 ----A---- C:\WINDOWS\system32\korn.exe
    2009-05-24 21:01:50 ----D---- C:\Sounds
    2009-05-24 20:52:35 ----D---- C:\Program Files\LG Electronics
    2009-05-24 20:48:33 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
    2009-05-24 20:47:52 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\LG Electronics
    2009-05-24 13:09:28 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Broad Intelligence
    2009-05-23 11:10:11 ----D---- C:\ubuntu
    2009-05-21 14:41:47 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\InfraRecorder
    2009-05-21 11:47:19 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 20:22:01 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\dvdcss
    2009-05-20 13:32:08 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-20 13:31:46 ----D---- C:\Program Files\iPod
    2009-05-20 13:31:05 ----D---- C:\Program Files\iTunes
    2009-05-20 13:31:05 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-20 13:30:21 ----D---- C:\Program Files\Bonjour
    2009-05-20 13:25:30 ----D---- C:\Program Files\Apple Software Update
    2009-05-20 13:24:40 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
    2009-05-20 13:23:57 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-05-20 13:23:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2009-05-19 12:14:34 ----SHD---- C:\FOUND.006
    2009-05-12 19:15:45 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\BitTorrent
    2009-05-12 19:12:35 ----D---- C:\Program Files\DNA
    2009-05-12 19:12:34 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\DNA
    2009-05-12 19:12:19 ----D---- C:\Program Files\BitTorrent
    2009-05-12 19:10:46 ----D---- C:\Program Files\AskBarDis

    ======List of files/folders modified in the last 1 months======

    2009-05-25 21:42:24 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-13 08:47:14 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-13 08:18:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-12 20:40:26 ----A---- C:\WINDOWS\win.ini
    2009-05-07 09:16:30 ----A---- C:\WINDOWS\system32\MRT.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 NGS;Norman General Security Driver; \??\c:\norman\nvc\bin\ngs.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-11-24 17801]
    R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 Ndiskio;Ndiskio; \??\C:\Norman\Nse\bin\NDISKIO.SYS []
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-22 11776]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2005-04-18 646656]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-08 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-01 3208800]
    R3 NvcMFlt;NvcMFlt; C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2009-01-22 19512]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
    S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
    S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
    S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 ntalme;ntalme; \??\C:\WINDOWS\system32\ntalme.sys []
    S3 nvcfsr;nvcfsr; \??\C:\Norman\Nvc\bin\nvcfsr.sys []
    S3 nvcoafl51;nvcoafl51; \??\C:\Norman\Nvc\bin\nvcoafl51.sys []
    S3 nvcoaft51;nvcoaft51; \??\C:\Norman\Nvc\bin\nvcoaft51.sys []
    S3 nvcoarc51;nvcoarc51; \??\C:\Norman\Nvc\bin\nvcoarc51.sys []
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\WINDOWS\system32\DRIVERS\SMCWGU.sys []
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;6to4; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 dhcpsrv;Dhcp server; C:\WINDOWS\dhcp\svchost.exe [2009-05-29 240640]
    R2 eLoggerSvc6;Norman eLogger service 6; C:\Norman\Npm\bin\ELOGSVC.EXE [2007-08-30 150584]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 Norman ZANDA;Norman ZANDA; C:\Norman\Npm\Bin\Zanda.exe [2008-04-23 408696]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-01 127042]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 118784]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 sopidkc;sopidkc Service; C:\WINDOWS\system32\sopidkc.exe [2004-08-05 124416]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    R3 Norman NJeeves;Norman NJeeves; C:\Norman\Npm\bin\NJEEVES.EXE [2008-03-27 150584]
    R3 nsesvc;Norman Scanner Engine Service; C:\Norman\nse\bin\NSESVC.EXE [2009-05-19 310328]
    R3 nvcoas;Norman Virus Control on-access component; C:\Norman\Nvc\bin\nvcoas.exe [2009-02-05 183352]
    R3 NVCScheduler;Norman Virus Control Scheduler; C:\Norman\Nvc\BIN\NVCSCHED.EXE [2008-03-11 146488]
    S2 msncache;msncache; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-10 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------


    info.txt :

    info.txt logfile of random's system information tool 1.06 2009-05-30 15:07:58

    ======Uninstall list======

    -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNNMP.exe /UNINSTALL
    -->MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
    -->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
    Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    AGEIA PhysX v7.09.13-->MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
    Alcohol 120%-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
    Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
    ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c
    ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll"
    ASUS VideoSecurity Online-->c:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD}
    Asus_A6_ScreenSaver-->C:\WINDOWS\Asus_A6_ScreenSaver.scr /u
    ASUSDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
    Battlestrike - Dans la ligne de mire-->"C:\Program Files\City Interactive\Battlestrike - Dans la ligne de mire\uninstall.exe"
    BisonCam, NB Pro-->C:\WINDOWS\BisonRem.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Caplio Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{80819F5D-9E5D-4D77-B3F0-36557B3086A6}\setup.exe" -l0x40c anything
    Cave à Vins 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FD1C1EA-2F8C-42C8-89BA-A1A005F8720A}\SETUP.EXE" -l0x40c
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Digital Video-->C:\Program Files\InstallShield Installation Information\{C833C7B6-1140-471D-932B-391B5CA66D7D}\setup.exe -runfromtemp -l0x040c -removeonly
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
    GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
    HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    ImageMixer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B07D847-8077-4242-91C7-DFA3CE5113E0}\setup.exe" -l0x40c UNINSTALL
    InfraRecorder-->D:\Program Files\InfraRecorder\uninstall.exe
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
    iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
    IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x040c -removeonly
    LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
    L'Internet ADSL de Cegetel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A16E2D86-7D92-48F4-9649-6029C96D4D8F}\Setup.exe" -l0x40c
    Macromedia Shockwave Player-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    mCore-->MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
    mDriver-->MsiExec.exe /I{28DA872A-0848-48CF-B749-19A198157A2A}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    Medi@Show-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\CyberLink\MediaShow\Uninst.isu"
    MediaCoder 0.7.0.4399-->D:\Program Files\MediaCoder\uninst.exe
    mEoU.msi-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Professional-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Publisher 2002-->MsiExec.exe /I{9119040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
    MicroStaff WINASPI-->C:\MWASPI\uninst.exe
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mIWCA-->MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MonkeyJam 3_050529-->"D:\Program Files\MonkeyJam\unins000.exe"
    Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    mZConfig-->MsiExec.exe /I{7CD7A451-7224-49C8-95EF-9A1859C66607}
    NB Probe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
    Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall
    Norman Virus Control-->C:\Norman\NVC\BIN\DelNVC5.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
    Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
    PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_7562.exe" _?=C:\Program Files\PDFCreator Toolbar
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
    PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -uninstall
    Presto! PVR-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}\setup.exe" -l0x40c -u -removeonly
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r
    S826B-->C:\Program Files\InstallShield Installation Information\{7FF90D04-A60F-42A0-8F78-88623F99DCAC}\setup.exe -runfromtemp -l0x040c -removeonly
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    Screen Lock-->C:\Program Files\Screen Lock\Uninstal.exe
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Ubuntu-->C:\ubuntu\uninstall-wubi.exe
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VideoLAN VLC media player 0.8.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
    Wireless Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
    XVID Codec Installation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{534C6D59-D6E3-48A6-AD0B-747799019960}\Setup.exe" -l0x40c

    ======Security center information======

    AV: Norman Virus Control ver. 5.99

    ======System event log======

    Computer Name: ETIENNEPHILIPPE
    Event Code: 7036
    Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

    Record Number: 539891
    Source Name: Service Control Manager
    Time Written: 20090512171744.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 7036
    Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

    Record Number: 539890
    Source Name: Service Control Manager
    Time Written: 20090512171744.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

    Record Number: 539889
    Source Name: Service Control Manager
    Time Written: 20090512171744.000000+120
    Event Type: Informations
    User: ETIENNEPHILIPPE\ETIENNE Philippe

    Computer Name: ETIENNEPHILIPPE
    Event Code: 7036
    Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

    Record Number: 539888
    Source Name: Service Control Manager
    Time Written: 20090512171737.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 7036
    Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

    Record Number: 539887
    Source Name: Service Control Manager
    Time Written: 20090512171737.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: ETIENNEPHILIPPE
    Event Code: 0
    Message:
    Record Number: 13145
    Source Name: EvtEng
    Time Written: 20080902194355.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 13144
    Source Name: SecurityCenter
    Time Written: 20080902140201.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 0
    Message:
    Record Number: 13143
    Source Name: RegSrvc
    Time Written: 20080902140119.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 0
    Message:
    Record Number: 13142
    Source Name: OwnershipProtocol
    Time Written: 20080902140119.000000+120
    Event Type: Informations
    User:

    Computer Name: ETIENNEPHILIPPE
    Event Code: 2570
    Message: Le service Adobe Active File Monitor a démarré.

    Record Number: 13141
    Source Name: Adobe Active File Monitor
    Time Written: 20080902140116.000000+120
    Event Type:
    User:

    =====Security event log=====

    Computer Name: ETIENNEPHILIPPE
    Event Code: 537
    Message: Échec de l'ouverture de session :

    Raison : Erreur lors de l'ouverture de session

    Nom de l'utilisateur : ETIENNE Philippe

    Domaine : ETIENNEPHILIPPE

    Type d'ouverture de session : 3

    Processus d'ouv. de session : î-ÄwÌúá

    Package d'authentification : NTLM

    Nom de station de travail : ETIENNEPHILIPPE

    Code du statut : 0xC000006D

    Code du sous-statut : 0xE1F9F4

    Record Number: 179797
    Source Name: Security
    Time Written: 20090530141731.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SYSTEM

    Computer Name: ETIENNEPHILIPPE
    Event Code: 537
    Message: Échec de l'ouverture de session :

    Raison : Erreur lors de l'ouverture de session

    Nom de l'utilisateur : ETIENNE Philippe

    Domaine : ETIENNEPHILIPPE

    Type d'ouverture de session : 3

    Processus d'ouv. de session : î-ÄwÌúá

    Package d'authentification : NTLM

    Nom de station de travail : ETIENNEPHILIPPE

    Code du statut : 0xC000006D

    Code du sous-statut : 0xE1F9F4

    Record Number: 179796
    Source Name: Security
    Time Written: 20090530141730.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SYSTEM

    Computer Name: ETIENNEPHILIPPE
    Event Code: 537
    Message: Échec de l'ouverture de session :

    Raison : Erreur lors de l'ouverture de session

    Nom de l'utilisateur : ETIENNE Philippe

    Domaine : ETIENNEPHILIPPE

    Type d'ouverture de session : 3

    Processus d'ouv. de session : î-ÄwÌúá

    Package d'authentification : NTLM

    Nom de station de travail : ETIENNEPHILIPPE

    Code du statut : 0xC000006D

    Code du sous-statut : 0xE1F9F4

    Record Number: 179795
    Source Name: Security
    Time Written: 20090530141728.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SYSTEM

    Computer Name: ETIENNEPHILIPPE
    Event Code: 537
    Message: Échec de l'ouverture de session :

    Raison : Erreur lors de l'ouverture de session

    Nom de l'utilisateur : ETIENNE Philippe

    Domaine : ETIENNEPHILIPPE

    Type d'ouverture de session : 3

    Processus d'ouv. de session : î-ÄwÌúá

    Package d'authentification : NTLM

    Nom de station de travail : ETIENNEPHILIPPE

    Code du statut : 0xC000006D

    Code du sous-statut : 0xE1F9F4

    Record Number: 179794
    Source Name: Security
    Time Written: 20090530141727.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SYSTEM

    Computer Name: ETIENNEPHILIPPE
    Event Code: 537
    Message: Échec de l'ouverture de session :

    Raison : Erreur lors de l'ouverture de session

    Nom de l'utilisateur : ETIENNE Philippe

    Domaine : ETIENNEPHILIPPE

    Type d'ouverture de session : 3

    Processus d'ouv. de session : î-ÄwÌúá

    Package d'authentification : NTLM

    Nom de station de travail : ETIENNEPHILIPPE

    Code du statut : 0xC000006D

    Code du sous-statut : 0xE1F9F4

    Record Number: 179793
    Source Name: Security
    Time Written: 20090530141726.000000+120
    Event Type: Échec de l'audit
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%NpmLib%;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0d08
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT
    Contenus similaires
    a c 296 8 Sécurité
    30 Mai 2009 15:17:38

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    30 Mai 2009 16:36:27

    Voilà, certains fichiers n'ont pas pu être supprimés :

    Malwarebytes' Anti-Malware 1.37
    Version de la base de données: 2196
    Windows 5.1.2600 Service Pack 3

    30/05/2009 15:44:51
    mbam-log-2009-05-30 (15-44-51).txt

    Type de recherche: Examen rapide
    Eléments examinés: 102677
    Temps écoulé: 10 minute(s), 57 second(s)

    Processus mémoire infecté(s): 11
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 18
    Valeur(s) du Registre infectée(s): 8
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 34

    Processus mémoire infecté(s):
    C:\WINDOWS\dhcp\svchost.exe (Trojan.Agent) -> Unloaded process successfully.
    C:\WINDOWS\ld08.exe (Worm.Koobface) -> Unloaded process successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temp\vzl2n2vl82.exe (Trojan.WinWebSec) -> Unloaded process successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temp\vzl2n2vl82.exe (Trojan.WinWebSec) -> Unloaded process successfully.
    C:\WINDOWS\system32\SYSDLL.exe (Trojan.Proxy) -> Unloaded process successfully.
    C:\WINDOWS\system32\SYSDLL.exe (Trojan.Proxy) -> Unloaded process successfully.
    C:\program Files\ThunMail\testabd.exe (Spyware.OnlineGamer) -> Unloaded process successfully.
    C:\WINDOWS\freddy44.exe (Worm.KoobFace) -> Unloaded process successfully.
    C:\WINDOWS\system32\csrcs.exe (Trojan.Agent) -> Unloaded process successfully.
    C:\WINDOWS\system32\sopidkc.exe (Backdoor.Bot) -> Unloaded process successfully.
    C:\WINDOWS\higeorge12.exe (Worm.KoobFace) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\yhafd78auhd.dll (Trojan.FakeAlert) -> Delete on reboot.
    c:\WINDOWS\system32\6to4v32.dll (Trojan.Agent) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{c6c7b2a1-00f3-42bd-f434-00aaba2c8953} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6c7b2a1-00f3-42bd-f434-00aaba2c8953} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6c7b2a1-00f3-42bd-f434-00aaba2c8953} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dhcpsrv (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\dhcpsrv (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dhcpsrv (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ntalme (Rootkit.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ntalme (Rootkit.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ntalme (Rootkit.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msncache (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msncache (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\msncache (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\6to4 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\6to4 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6to4 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sopidkc (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sopidkc (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sopidkc (Backdoor.Bot) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c6c7b2a1-00f3-42bd-f434-00aaba2c8953} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Worm.Koobface) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svc (Spyware.OnlineGamer) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrcs (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdll (Worm.Autorun) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syshitray2 (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nzdflkioezncfiunfindiuchiuenfcdc (Trojan.Downloader) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Spyware.OnlineGamer) -> Data: c:\progra~1\thunmail\testabd.dll -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe csrcs.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\ThunMail (Spyware.OnlineGamer) -> Delete on reboot.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\yhafd78auhd.dll (Trojan.Zlob.H) -> Delete on reboot.
    C:\WINDOWS\dhcp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\ld08.exe (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temp\vzl2n2vl82.exe (Trojan.WinWebSec) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\SYSDLL.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\korn.exe (Worm.Autorun) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\tpsaxyd.exe (Backdoor.Refpron) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\ntalme.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\wtukd32.exe (Backdoor.Refpron) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\tpszxyd.sys (Backdoor.Refpron) -> Quarantined and deleted successfully.
    c:\yelhim.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\orsxsg.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    c:\documents and settings\etienne philippe\local settings\Temp\zjhufhdfe.exe (Trojan.WinWebSec) -> Quarantined and deleted successfully.
    c:\documents and settings\etienne philippe\local settings\Temp\xswedfvbnjhrfliuyf44.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    c:\WINDOWS\Temp\t4m0_258305550491.bk.old (Backdoor.Refpron) -> Quarantined and deleted successfully.
    c:\documents and settings\localservice\local settings\temporary internet files\Content.IE5\QX3S35IR\w[1].bin (Backdoor.Refpron) -> Quarantined and deleted successfully.
    c:\documents and settings\etienne philippe\local settings\temporary internet files\Content.IE5\KJSSD4YA\6244[1].exe (Worm.Koobface) -> Quarantined and deleted successfully.
    c:\documents and settings\etienne philippe\local settings\temporary internet files\Content.IE5\L5LA9DMD\nfr[1].exe (Trojan.Proxy) -> Quarantined and deleted successfully.
    c:\program files\ThunMail\testabd.dll (Spyware.OnlineGamer) -> Delete on reboot.
    c:\program files\ThunMail\testabd.exe (Spyware.OnlineGamer) -> Quarantined and deleted successfully.
    c:\WINDOWS\freddy44.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msncache.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\6to4v32.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\comsa32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\csrcs.exe (Trojan.Agent) -> Delete on reboot.
    c:\WINDOWS\system32\dpcxool64.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sopidkc.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    c:\WINDOWS\higeorge12.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\him2.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sysloc\sysloc.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    c:\WINDOWS\sonce122713.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    c:\WINDOWS\sonce122717.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    a c 296 8 Sécurité
    30 Mai 2009 18:27:41

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Refais un scan RSIT et poste le rapport log.
    30 Mai 2009 19:29:37

    Merci je trouve qu'il est déjà plus rapide, voilà le log :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by ETIENNE Philippe at 2009-05-30 19:25:06
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 13 GB (39%) free of 33 GB
    Total RAM: 511 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:25:54, on 30/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Norman\Npm\bin\ELOGSVC.EXE
    C:\Norman\Npm\Bin\Zanda.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\ASUS\NB Probe\NBProbe.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Norman\Npm\bin\ZLH.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Norman\Npm\bin\NJEEVES.EXE
    C:\Norman\nse\bin\NSESVC.EXE
    C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Norman\Nvc\BIN\NVCSCHED.EXE
    C:\Norman\Nvc\bin\nvcoas.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Norman\Nvc\bin\cclaw.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\ETIENNE Philippe\Bureau\RSIT.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\ETIENNE Philippe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101764&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [NB Probe] C:\Program Files\ASUS\NB Probe\NBProbe.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
    O4 - HKLM\..\Run: [GameFace Messenger] C:\Program Files\GameFace Messenger\GameFace.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [adiras] adiras.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
    O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [] C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

    --
    End of file - 11805 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\HPpromotions journeysoftware.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-06-10 2436160]
    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-01-25 806912]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-01 7118848]
    "nwiz"=nwiz.exe /install []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-06 14850560]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032]
    "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2005-06-16 86016]
    "NB Probe"=C:\Program Files\ASUS\NB Probe\NBProbe.exe [2005-07-27 765952]
    "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-07-22 57344]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218]
    "Zshutdown"=c:\sysprep\patch\sysprep.cmd []
    "GameFace Messenger"=C:\Program Files\GameFace Messenger\GameFace.exe []
    "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-05-31 401408]
    ""= []
    "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-06-03 385024]
    "EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-05-31 356352]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "adiras"=adiras.exe []
    "RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
    "Norman ZANDA"=C:\Norman\Npm\bin\ZLH.EXE [2008-06-02 273520]
    "ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
    "Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-01-15 157520]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-01 68856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-05-12 321344]
    ""=C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\vzl2n2vl82.exe []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    C:\Documents and Settings\ETIENNE Philippe\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]
    C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [2005-05-31 110592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\System32\USMT\migwiz.exe"="C:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Caplio Software\RGateLXP.exe"="C:\Program Files\Caplio Software\RGateLXP.exe:*:Enabled:RICOH Gate La for DSC"
    "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:D isabled:LiveUpdt"
    "C:\Program Files\jade2006\jre\bin\javaw.exe"="C:\Program Files\jade2006\jre\bin\javaw.exe:*:Enabled:javaw"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
    "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
    "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
    "C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
    "C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

    ======List of files/folders created in the last 1 months======

    2009-05-30 14:42:36 ----D---- C:\rsit
    2009-05-30 14:26:54 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Malwarebytes
    2009-05-30 14:26:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-30 14:26:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-05-30 14:24:21 ----D---- C:\MSNCleaner
    2009-05-30 11:19:51 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Desktopicon
    2009-05-30 11:19:45 ----D---- C:\Program Files\Unlocker
    2009-05-30 00:30:26 ----D---- C:\WINDOWS\Minidump
    2009-05-29 21:32:25 ----D---- C:\WINDOWS\system32\sysloc
    2009-05-29 21:30:43 ----D---- C:\WINDOWS\dhcp
    2009-05-29 21:29:04 ----A---- C:\pxvv.exe
    2009-05-29 21:29:01 ----A---- C:\WINDOWS\system32\xpsvc32.exe
    2009-05-24 21:01:50 ----D---- C:\Sounds
    2009-05-24 20:52:35 ----D---- C:\Program Files\LG Electronics
    2009-05-24 20:48:33 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
    2009-05-24 20:47:52 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\LG Electronics
    2009-05-24 13:09:28 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\Broad Intelligence
    2009-05-23 11:10:11 ----D---- C:\ubuntu
    2009-05-21 14:41:47 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\InfraRecorder
    2009-05-21 11:47:19 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-05-20 20:22:01 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\dvdcss
    2009-05-20 13:32:08 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-05-20 13:31:46 ----D---- C:\Program Files\iPod
    2009-05-20 13:31:05 ----D---- C:\Program Files\iTunes
    2009-05-20 13:31:05 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-05-20 13:30:21 ----D---- C:\Program Files\Bonjour
    2009-05-20 13:25:30 ----D---- C:\Program Files\Apple Software Update
    2009-05-20 13:24:40 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
    2009-05-20 13:23:57 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-05-20 13:23:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2009-05-19 12:14:34 ----SHD---- C:\FOUND.006
    2009-05-12 19:15:45 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\BitTorrent
    2009-05-12 19:12:35 ----D---- C:\Program Files\DNA
    2009-05-12 19:12:34 ----D---- C:\Documents and Settings\ETIENNE Philippe\Application Data\DNA
    2009-05-12 19:12:19 ----D---- C:\Program Files\BitTorrent
    2009-05-12 19:10:46 ----D---- C:\Program Files\AskBarDis

    ======List of files/folders modified in the last 1 months======

    2009-05-30 16:36:02 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-25 21:42:24 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-13 08:18:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-05-12 20:40:26 ----A---- C:\WINDOWS\win.ini
    2009-05-07 09:16:30 ----A---- C:\WINDOWS\system32\MRT.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-06-09 23040]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 NGS;Norman General Security Driver; \??\c:\norman\nvc\bin\ngs.sys []
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-11-24 17801]
    R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
    R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-01-16 13059]
    R2 Ndiskio;Ndiskio; \??\C:\Norman\Nse\bin\NDISKIO.SYS []
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-05-03 11354]
    R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-22 11776]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2005-04-18 646656]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-01-16 1036928]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-01-16 163328]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-08 3959808]
    R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-01 3208800]
    R3 NvcMFlt;NvcMFlt; C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2009-01-22 19512]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-16 702592]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
    S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
    S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
    S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nvcfsr;nvcfsr; \??\C:\Norman\Nvc\bin\nvcfsr.sys []
    S3 nvcoafl51;nvcoafl51; \??\C:\Norman\Nvc\bin\nvcoafl51.sys []
    S3 nvcoaft51;nvcoaft51; \??\C:\Norman\Nvc\bin\nvcoaft51.sys []
    S3 nvcoarc51;nvcoarc51; \??\C:\Norman\Nvc\bin\nvcoarc51.sys []
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\WINDOWS\system32\DRIVERS\SMCWGU.sys []
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
    S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
    S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys []
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
    R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-08-07 253952]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 eLoggerSvc6;Norman eLogger service 6; C:\Norman\Npm\bin\ELOGSVC.EXE [2007-08-30 150584]
    R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-06-03 86016]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 Norman ZANDA;Norman ZANDA; C:\Norman\Npm\Bin\Zanda.exe [2008-04-23 408696]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-01 127042]
    R2 OwnershipProtocol;OwnershipProtocol; C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe [2005-05-31 98304]
    R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 118784]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-06-03 139264]
    R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-06-03 372809]
    R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2005-04-20 118784]
    R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
    R3 Norman NJeeves;Norman NJeeves; C:\Norman\Npm\bin\NJEEVES.EXE [2008-03-27 150584]
    R3 nsesvc;Norman Scanner Engine Service; C:\Norman\nse\bin\NSESVC.EXE [2009-05-19 310328]
    R3 nvcoas;Norman Virus Control on-access component; C:\Norman\Nvc\bin\nvcoas.exe [2009-02-05 183352]
    R3 NVCScheduler;Norman Virus Control Scheduler; C:\Norman\Nvc\BIN\NVCSCHED.EXE [2008-03-11 146488]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-10 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    30 Mai 2009 19:32:38

    Par contre toujours le soucis des moteurs de recherche, toujours ces pages de pub qui se chargent à la place des liens sur lesquels j'ai cliqué... (sous Firefox comme sur IE).
    a c 296 8 Sécurité
    30 Mai 2009 19:34:38

    Tu connais ce dossier : C:\Sounds ?
    30 Mai 2009 19:54:03

    Ah non connais pas, il est vide d'ailleurs, enfin il a un sous dossier Playlists, vide aussi.
    a c 296 8 Sécurité
    30 Mai 2009 20:01:02

    Je m'absente.

    Citation :
    2009-05-29 21:29:04 ----A---- C:\pxvv.exe
    2009-05-29 21:29:01 ----A---- C:\WINDOWS\system32\xpsvc32.exe


  • Fais analyser ces deux fichiers sur VirusTotal et poste les liens des analyses.
    30 Mai 2009 22:06:06

    Je profite d'ailleurs de ce sujet, depuis, j'ai aussi mes navigateurs qui se mettent en proxy tout seul, proxy réglé sur du localhost donc forcement ça marche pas. J'ai beau le remettre d'origine sans proxy, dès que j'ouvre le navigateur le proxy est de nouveau là. Donc j'imagine que c'est une autre saloperie de malware qu'un couillon a pris mumuse à faire...
    a c 296 8 Sécurité
    30 Mai 2009 23:25:19

    Le premier lien ne fonctionne pas.
    30 Mai 2009 23:28:29

    En effet, il fonctionnait pourtant toute à l'heure, bref j'ai viré le fichier de toutes façons, je ne voyais pas trop à quoi il pouvait servir de toutes façons.
    Encore merci de ton aide, mon PC tourne déjà beaucoup mieux.
    a c 296 8 Sécurité
    30 Mai 2009 23:42:32

    Citation :
    2009-05-29 21:32:25 ----D---- C:\WINDOWS\system32\sysloc
    2009-05-29 21:30:43 ----D---- C:\WINDOWS\dhcp

    ---> Que contient ces dossiers ?
    a c 296 8 Sécurité
    30 Mai 2009 23:48:32

    Je vais m'absenter.

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\WINDOWS\system32\sysloc
    C:\WINDOWS\dhcp
    C:\pxvv.exe
    C:\WINDOWS\system32\xpsvc32.exe
    C:\Program Files\AskBarDis

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    31 Mai 2009 10:30:53

    J'ai plusieurs messages d'erreur :
    OTM : OTM.exe - Fichier endommagé
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\EG47I9OQ\i_removable_m[2] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Puis :
    OTM : OTM.exe - Fichier endommagé
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\8VVJLGAZ\i_removable_m[1] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Puis :
    OTM : OTM.exe - Fichier endommagé
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\N97IDF3S\i_cd_m[1] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Puis :
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\6Y85ZUYL\i_cd_m[1] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Puis :
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\K83OSOMA\i_drive_m[1] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Puis :
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\OQLKS9OR\i_cd_m[1] est endommagé et illisible. Exécutez l'utilitaire CHKDSK

    Et (enfin ):
    Le fichier ou le répertoire \Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1gazpeu.defaut\Cache.Trash\Cache\683145C8d01 est endommagé et illisible. Exécutez l'utilitaire CHKDSK.

    Voilà, de plus au moment où j'écris ce message, je n'ai plus accès à la barre de tâches.
    31 Mai 2009 10:41:15

    Néanmoins, après avoir réduit la fenêtre de mon navigateur, j'ai vu que OTM me proposait de redémarrer. J'ai donc accepté, et voilà le rapport :

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    File/Folder C:\WINDOWS\system32\sysloc not found.
    File/Folder C:\WINDOWS\dhcp not found.
    File/Folder C:\pxvv.exe not found.
    File/Folder C:\WINDOWS\system32\xpsvc32.exe not found.
    File/Folder C:\Program Files\AskBarDis not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DF9F48.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFA9B9.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFB563.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFB748.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\etilqs_HjYcoV1sHSgInQOQZpNS scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\6Y85ZUYL\ADSAdClient31[1].htm scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\nvcbin.def.7683f5b2.tmp scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_c0.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\XUL.mfl scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTM by OldTimer - Version 2.1.0.0 log created on 05312009_102041

    Files moved on Reboot...
    File C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DF9F48.tmp not found!
    File C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFA9B9.tmp not found!
    File C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFB563.tmp not found!
    File C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\~DFB748.tmp not found!
    File C:\DOCUME~1\ETIENN~1\LOCALS~1\Temp\etilqs_HjYcoV1sHSgInQOQZpNS not found!
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Temporary Internet Files\Content.IE5\6Y85ZUYL\ADSAdClient31[1].htm moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Temp\nvcbin.def.7683f5b2.tmp moved successfully.
    File C:\WINDOWS\temp\Perflib_Perfdata_c0.dat not found!
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\XUL.mfl moved successfully.
    C:\Documents and Settings\ETIENNE Philippe\Local Settings\Application Data\Mozilla\Firefox\Profiles\1jgazpeu.default\urlclassifier3.sqlite moved successfully.

    Registry entries deleted on Reboot...
    a c 296 8 Sécurité
    31 Mai 2009 11:38:07

  • Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)

  • En bas à droite, clique sur Démarrer Online-scanner.

  • Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.

  • Accepte les Contrôles ActiveX.

  • Choisis Poste de travail pour le scan.

  • Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.

  • Pour t'aider à utiliser le scan en ligne : Tutoriel

    Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
    31 Mai 2009 13:13:09

    J'ai un message d'erreur :
    "Certains composants sont endommagés ou ne sont pas correctement installés. Veuillez réinstaller l'application".
    Donc il faut que je désinstalle On-Line Scanner et que je le réinstalle par la suite ?
    a c 296 8 Sécurité
    31 Mai 2009 13:30:03

    Tu peux essayer.
    31 Mai 2009 22:52:15

    Désolé je viens de rentrer d'une après midi chargée, je n'ai pas pu essayer de désinstaller et réinstaller le scanner en ligne, je ferai ça demain.
    Merci de ton aide
    ++
    a c 296 8 Sécurité
    1 Juin 2009 02:23:30

    Ok, bonne nuit ;) 
    1 Juin 2009 20:25:37

    Donc après réinstallation, ça ne fonctionne toujours pas...
    2 Juillet 2009 00:05:33

    Salut, désolé de temps de la réponse mais je n'avais pas vu la tienne ;-)
    Donc voilà, après test il n'a rien trouvé.
    Merci encore
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS