PC LAGGING TO DEATH

7 May 2009 20:57:46

Hello,
since yesterday my PC has started lagging badly even though I didn't do anything special, no installation or download;
at one point Windows Explorer was using more than 700,000 K of memory. I know whether a virus or a program caused this. Also, I looked at the programs open in Task Manager and there are only programs
needed for Windows to run. (I'm on Vista.)


Thanks in advance to those who help me.

7 May 2009 21:21:29

Hello,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit.
    7 May 2009 23:16:07

    First of all, Destrio5, thank you for taking an interest in my case.

    Here are the 2 reports.

    info:

    info.txt logfile of random's system information tool 1.06 2009-05-07 23:02:14

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    -->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    -->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
    -->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    -->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    -->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    -->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    -->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    -->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
    Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
    Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AOL - Assistant de désinstallation-->C:\Program Files\Common Files\AOL\uninstaller.exe
    Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    BitTorrent Ultra Accelerator-->C:\Program Files\BitTorrent Ultra Accelerator\uninstall.exe
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    Bowling 3D-->C:\Program Files\Anuman Interactive\Bowling 3D\uninst.exe
    Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
    BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
    Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}\SETUP.EXE" -l0x40c UNINST
    Casino 3D-->"C:\Program Files\Anuman Interactive\Casino 3D\unins000.exe"
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Cerebral Training - Mon coach particulier-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E41A97B-173F-4B0F-A3EE-3F278979D9D7}\Setup.exe" -l0x40c
    Coffret de pilotes Logitech Legacy USB Camera-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\11.10.2016\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"legacyqcam_11.10" /clone_wait /hide_progress
    Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
    ConvertMovie 4.1-->C:\Program Files\ConvertMovie 4.1\uninst.exe
    Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
    EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
    Edirol HQ Orchestral VSTi v1.03-->C:\PROGRA~1\EDIROL\ORCHES~1.03\UNWISE.EXE C:\PROGRA~1\EDIROL\ORCHES~1.03\INSTALL.LOG
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}\SETUP.EXE" -l0x40c UNINST
    EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
    EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
    FairStars Audio Converter 1.77-->"C:\Program Files\FairStars Audio Converter\unins000.exe"
    Firebird SQL Server - MAGIX Edition-->I:\Program Files\MAGIX\Common\Database\instslct.exe /p
    FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
    Flash Player plugins 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
    Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
    Free Music Zilla-->"C:\Program Files\Free Music Zilla\unins000.exe"
    Free Video Converter V 2.0-->"C:\Program Files\Free Video Converter\unins000.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    GameShadow-->MsiExec.exe /I{6AEAD38B-383B-46FF-8A5D-00A822ADA77A}
    Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
    getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
    Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
    GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
    HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
    Hercules DJ Console drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A649F27-1A7B-42B1-8668-3BC2DD590919}\setup.exe" -l0x40c
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
    IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
    Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
    iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Keyboard FIJI-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FIJI*
    K-Lite Codec Pack 4.5.3 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSFRF.inf, Uninstall
    Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
    Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
    LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
    Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
    MAGIX Music Maker 2008 13.0.0.17 (F)-->C:\Program Files\MAGIX\MusicMaker2008\instslct.exe
    MAGIX Music Maker 2008 Producer Edition Version à télécharger 13.0.2.1 (F)-->C:\Program Files\MAGIX\MusicMaker2008PE_Version_a_telecharger\unwise.exe
    MAGIX PC Visit-->C:\Program Files\MAGIX\PCVisit\instslct.exe
    MAGIX Photo Manager 2007 4.2.0.85 (F)-->C:\Program Files\MAGIX\Photo_Manager_2007\instslct.exe
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\msTTS.inf, Uninstall
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\wmv9vcm.inf, Uninstall
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module linguistique Microsoft .NET Framework 3.5 - fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Mufin MusicFinder Base 1.0.1.255 (F)-->C:\Program Files\MAGIX\Mufin MusicFinder\instslct.exe
    MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
    Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.135\InstStub.exe /X
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    OFFICE One 150 Templates v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA147801-8946-4BBE-BE17-A2199CE52C81}\setup.exe" -l0x40c -removeonly
    OFFICE One 7.0-->MsiExec.exe /I{1EF377AC-035A-48BE-8EF7-D18D36308CE9}
    OFFICE One ClipArt v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8F3555E-B918-445E-97D1-BC4861C4EF59}\setup.exe" -l0x40c -removeonly
    OFFICE One Fonts v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC0C788C-7C68-47A9-BFBF-0DF7B205B4CC}\setup.exe" -l0x40c -removeonly
    OFFICE One License v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1A7B28B-AA31-442C-A4FA-598B65A7F5DA}\setup.exe" -l0x40c -removeonly
    OFFICE One Menu v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85C5827E-106F-4497-8066-B7CFEBBEA91D}\setup.exe" -l0x40c -removeonly
    OFFICE One Notes v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D2683BE-2C44-4DB5-BECD-87B324077A7F}\setup.exe" -l0x40c -removeonly
    OFFICE One QuickZip v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87DEF84E-51A5-4A0E-91C2-E012E92DE69B}\setup.exe" -l0x40c -removeonly
    OFFICE One Safety-Box v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B243ABE9-57C2-4B97-BA6B-37DF6C0208ED}\setup.exe" -l0x40c -removeonly
    OFFICE One Startup v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FEC30F06-A382-47D1-B828-859AC641EB1D}\setup.exe" -l0x40c -removeonly
    Office One-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFFICE*
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    Orbit Downloader-->"C:\Program Files\Orbitdownloader\unins000.exe"
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
    Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
    PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
    ProtectDisc Helper Driver 10-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v10.exe
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Realtek HD Audio V6.0.1.5322-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
    RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
    SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
    Skype 2.5.2.151-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
    Sony Vegas Pro 8.0-->MsiExec.exe /X{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}
    Steinberg Cubase Studio 4-->MsiExec.exe /I{A5FB086B-B602-4452-8FE9-DF6BFBCE3D09}
    Super Billard et Snooker 3D-->"c:\Program Files\Anuman Interactive\Super billard et snooker 3D\unins000.exe"
    SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
    Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
    Tiger Woods PGA TOUR 08-->C:\Program Files\EA Sports\Tiger Woods PGA TOUR 08\EAUninstall.exe
    Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
    Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
    TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
    Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
    VIA Rhine Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    Video NVIDIA v97.46-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
    Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    Visual C++ 8.0 ATL (x86) WinSXS MSM Beta2-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 ATL.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{66332652-9C28-58B1-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 CRT (x86) WinSXS MSM Beta2-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 MFC (x86) WinSXS MSM Beta2-->MsiExec.exe /I{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}
    Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM Beta2-->MsiExec.exe /I{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}
    Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
    Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

    ======Security center information======

    AS: AVG Anti-Spyware (disabled)
    AS: Windows Defender

    ======System event log======

    Computer Name: Packard-Bell
    Event Code: 20
    Message: Échec de l'installation : l'installation de la mise à jour suivante a échoue avec l'erreur 0x80070643 : Installation Windows Live.
    Record Number: 168691
    Source Name: Microsoft-Windows-WindowsUpdateClient
    Time Written: 20090507161200.863371-000
    Event Type: Erreur
    User: AUTORITE NT\SYSTEM

    Computer Name: Packard-Bell
    Event Code: 4226
    Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
    Record Number: 168706
    Source Name: Tcpip
    Time Written: 20090507181645.885275-000
    Event Type: Avertissement
    User:

    Computer Name: Packard-Bell
    Event Code: 7031
    Message: Le service Service Partage réseau du Lecteur Windows Media s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
    Record Number: 168707
    Source Name: Service Control Manager
    Time Written: 20090507182300.000000-000
    Event Type: Erreur
    User:

    Computer Name: Packard-Bell
    Event Code: 7011
    Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection.
    Record Number: 168714
    Source Name: Service Control Manager
    Time Written: 20090507195311.000000-000
    Event Type: Erreur
    User:

    Computer Name: Packard-Bell
    Event Code: 7011
    Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection.
    Record Number: 168715
    Source Name: Service Control Manager
    Time Written: 20090507195319.000000-000
    Event Type: Erreur
    User:

    =====Application event log=====

    Computer Name: Packard-Bell
    Event Code: 502
    Message: Le client des services de certification n’a pas pu inscrire les notifications de la stratégie de groupe. Code d’erreur : 2147942405.
    Record Number: 73310
    Source Name: Microsoft-Windows-CertificateServicesClient
    Time Written: 20090506204847.055998-000
    Event Type: Avertissement
    User: Packard-Bell\Mickael

    Computer Name: Packard-Bell
    Event Code: 8193
    Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\svchost.exe -k netsvcs ; Description = Windows Update ; Hr = 0x81000101).
    Record Number: 73383
    Source Name: System Restore
    Time Written: 20090507105332.000000-000
    Event Type: Erreur
    User:

    Computer Name: Packard-Bell
    Event Code: 4354
    Message: Le système d'événements de COM+ n'a pas pu déclencher la méthode ConnectionMadeNoQOCInfo de l'abonnement {C46B786B-2751-41EF-9E08-7BE02C0ADB0E}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. L'abonné a renvoyé HRESULT 80040210.
    Record Number: 73415
    Source Name: Microsoft-Windows-EventSystem
    Time Written: 20090507145929.000000-000
    Event Type: Avertissement
    User:

    Computer Name: Packard-Bell
    Event Code: 4356
    Message: Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné {28778B62-8481-400D-8E8A-A4C81ED3F65C}. StandardCreateInstance a renvoyé HRESULT 80080005.
    Record Number: 73453
    Source Name: Microsoft-Windows-EventSystem
    Time Written: 20090507155437.000000-000
    Event Type: Avertissement
    User:

    Computer Name: Packard-Bell
    Event Code: 1000
    Message: Application défaillante ccSvcHst.exe, version 108.1.0.24, horodatage 0x49a5dac7, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x00047e8b, ID du processus 0x774, heure de début de l’application 0x01c9cf2bfc29feda.
    Record Number: 73456
    Source Name: Application Error
    Time Written: 20090507155522.000000-000
    Event Type: Erreur
    User:

    =====Security event log=====

    Computer Name: Packard-Bell
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 36331
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090105112516.640625-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Packard-Bell
    Event Code: 4648
    Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PACKARD-BELL$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Compte dont les informations d’identification ont été utilisées :
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Serveur cible :
    Nom du serveur cible : localhost
    Informations supplémentaires : localhost

    Informations sur le processus :
    ID du processus : 0x2d0
    Nom du processus : C:\Windows\System32\services.exe

    Informations sur le réseau :
    Adresse du réseau : -
    Port : -

    Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
    Record Number: 36332
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090105112519.772326-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Packard-Bell
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est correctement déroulée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PACKARD-BELL$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Type d’ouverture de session : 5

    Nouvelle ouverture de session :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Informations sur le processus :
    ID du processus : 0x2d0
    Nom du processus : C:\Windows\System32\services.exe

    Informations sur le réseau :
    Nom de la station de travail :
    Adresse du réseau source : -
    Port source : -

    Informations détaillées sur l’authentification :
    Processus d’ouverture de session : Advapi
    Package d’authentification : Negotiate
    Services en transit : -
    Nom du package (NTLM uniquement) : -
    Longueur de la clé : 0

    Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

    Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

    Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

    Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

    Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

    Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
    - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
    - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
    - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
    - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
    Record Number: 36333
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090105112519.772326-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Packard-Bell
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 36334
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090105112519.772326-000
    Event Type: Succès de l'audit
    User:

    Computer Name: Packard-Bell
    Event Code: 5033
    Message: Le pilote du Pare-feu Windows est correctement démarré.
    Record Number: 36335
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090105112520.383615-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
    "PROCESSOR_REVISION"=0f02
    "NUMBER_OF_PROCESSORS"=2
    "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------



    LOG:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Mickael at 2009-05-07 23:00:05
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 47 GB (21%) free of 230 GB
    Total RAM: 1022 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:02:00, on 07/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Users\Mickael\Desktop\RSIT.exe
    C:\Program Files\trend micro\Mickael.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 10190 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Extension de garantie.job
    C:\Windows\tasks\Google Software Updater.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
    C:\Windows\tasks\Recovery DVD Creator.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
    Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2009-02-27 134344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-15 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-12 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
    {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2009-02-27 646264]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
    C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    C:\Users\Mickael\Program Files\DNA\btdna.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAMP SHIM EXIT HECK]
    C:\ProgramData\Part Regs Wave.y4z3meg [2009-02-21 16400]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdromatom]
    C:\ProgramData\Camp program program.4hnxrwe [2009-02-21 253968]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DJ Console]
    C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe [2004-12-24 282624]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
    C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe /min []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    C:\Users\Mickael\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 133104]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
    C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe [2006-11-14 50736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-08-25 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-08-25 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-20 228088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2006-10-23 1092152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-12 136600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
    C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
    C:\PROGRA~1\TRANSV~1\TransVente.exe 1 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
    C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    C:\Program Files\Winamp\winampa.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
    oobefldr.dll,ShowWelcomeCenter []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk]
    C:\PROGRA~1\BITTOR~2\BITTOR~1.EXE [2008-12-08 236032]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur du Planificateur de tâches SolidWorks.lnk]
    C:\PROGRA~1\SOLIDW~2\SWSCHE~1\SWBOEN~1.EXE []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe"="C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe:*:Enabled:River Past Screen Recorder"
    "C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
    "C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:o rbit"
    "C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:o rbit"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10371688-96dc-11dd-8969-0019db413655}]
    shell\Auto\command - cmd /C launch.bat
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48198042-205c-11dd-be51-00038a000015}]
    shell\AutoRun\command - I:\EmDesk.exe
    shell\EmDesk\command - I:\EmDesk.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*
    .reg - open - "regedit.exe" "%1"

    ======List of files/folders created in the last 1 months======

    2009-05-07 23:00:15 ----D---- C:\Program Files\trend micro
    2009-05-07 23:00:05 ----D---- C:\rsit
    2009-05-06 19:49:16 ----D---- C:\Program Files\Acoustica Beatcraft
    2009-04-21 15:01:29 ----D---- C:\Users\Mickael\AppData\Roaming\Anuman Interactive
    2009-04-19 17:27:49 ----D---- C:\Users\Mickael\AppData\Roaming\Publish Providers
    2009-04-19 17:21:42 ----D---- C:\Users\Mickael\AppData\Roaming\Sony
    2009-04-19 17:15:05 ----D---- C:\ProgramData\Sony
    2009-04-19 17:13:09 ----D---- C:\Program Files\Sony
    2009-04-19 17:10:49 ----D---- C:\Program Files\Sony Setup
    2009-04-15 11:23:21 ----A---- C:\Windows\system32\xolehlp.dll
    2009-04-15 11:23:21 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-04-15 11:23:04 ----A---- C:\Windows\system32\winhttp.dll
    2009-04-15 11:21:03 ----A---- C:\Windows\system32\rpcss.dll
    2009-04-15 11:21:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2009-04-15 11:21:01 ----A---- C:\Windows\system32\ntoskrnl.exe
    2009-04-15 11:20:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2009-04-15 11:20:57 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\sdohlp.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasrecst.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-04-15 11:20:55 ----A---- C:\Windows\system32\iashost.exe
    2009-04-15 11:20:55 ----A---- C:\Windows\system32\iasads.dll
    2009-04-15 11:20:12 ----A---- C:\Windows\system32\lsasrv.dll
    2009-04-15 11:20:11 ----A---- C:\Windows\system32\kernel32.dll
    2009-04-15 11:20:09 ----A---- C:\Windows\system32\secur32.dll
    2009-04-15 11:20:07 ----A---- C:\Windows\system32\apilogen.dll
    2009-04-15 11:20:07 ----A---- C:\Windows\system32\amxread.dll

    ======List of files/folders modified in the last 1 months======

    2009-05-07 23:01:35 ----D---- C:\Windows\Temp
    2009-05-07 23:00:15 ----D---- C:\Program Files
    2009-05-07 21:35:36 ----D---- C:\Windows\Tasks
    2009-05-07 20:19:06 ----D---- C:\Windows\system32\drivers
    2009-05-07 18:17:58 ----SHD---- C:\Windows\Installer
    2009-05-07 18:17:50 ----SHD---- C:\Config.Msi
    2009-05-07 18:17:41 ----D---- C:\Program Files\Microsoft Office
    2009-05-07 18:17:41 ----D---- C:\Program Files\Common Files\DESIGNER
    2009-05-07 18:15:36 ----SHD---- C:\System Volume Information
    2009-05-07 18:13:39 ----D---- C:\Program Files\Anuman Interactive
    2009-05-07 18:13:18 ----D---- C:\Program Files\Audacity
    2009-05-07 18:13:17 ----D---- C:\Windows\Prefetch
    2009-05-07 18:02:47 ----D---- C:\Windows\winsxs
    2009-05-07 11:54:53 ----D---- C:\Windows\system32\catroot
    2009-05-07 11:54:52 ----D---- C:\Windows\system32\catroot2
    2009-05-06 22:49:47 ----D---- C:\ProgramData\Google Updater
    2009-05-06 20:04:55 ----D---- C:\Users\Mickael\AppData\Roaming\BitTorrent
    2009-05-06 19:50:14 ----D---- C:\Windows
    2009-05-06 19:49:53 ----D---- C:\Windows\System32
    2009-05-06 13:05:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-05-06 13:05:06 ----D---- C:\Windows\inf
    2009-05-06 12:48:17 ----A---- C:\Windows\Robota.INI
    2009-05-06 12:48:17 ----A---- C:\Windows\BeatBox.INI
    2009-05-04 12:29:57 ----D---- C:\ProgramData\stop 4
    2009-05-02 21:12:36 ----D---- C:\ProgramData\Microsoft Help
    2009-05-02 21:10:52 ----RSD---- C:\Windows\assembly
    2009-05-02 21:07:56 ----RSD---- C:\Windows\Fonts
    2009-05-02 21:07:38 ----D---- C:\Program Files\Common Files\microsoft shared
    2009-05-02 21:06:53 ----D---- C:\Program Files\Microsoft Works
    2009-05-02 21:03:48 ----A---- C:\Windows\win.ini
    2009-05-02 21:03:47 ----D---- C:\Program Files\Common Files\System
    2009-04-29 10:27:24 ----D---- C:\temp
    2009-04-28 20:06:20 ----D---- C:\Windows\system32\LogFiles
    2009-04-24 23:11:28 ----D---- C:\Users\Mickael\AppData\Roaming\BSplayer
    2009-04-21 22:00:02 ----D---- C:\Windows\Debug
    2009-04-19 17:41:10 ----AD---- C:\ProgramData\TEMP
    2009-04-19 17:24:14 ----D---- C:\Program Files\VstPlugins
    2009-04-19 17:15:05 ----D---- C:\ProgramData
    2009-04-18 22:37:00 ----D---- C:\Program Files\Unlocker
    2009-04-16 11:47:48 ----D---- C:\Windows\system32\wbem
    2009-04-16 11:47:48 ----D---- C:\Program Files\Windows Mail
    2009-04-16 11:47:47 ----D---- C:\Windows\system32\manifeststore
    2009-04-16 11:47:47 ----D---- C:\Windows\AppPatch
    2009-04-09 12:58:50 ----D---- C:\ProgramData\That Face Camp Shim

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
    R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-03-25 482352]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-03-25 371248]
    R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
    R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090501.001\IDSvix86.sys [2009-01-29 292912]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
    R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIM
    a c 295 8 Security
    7 May 2009 23:19:36

    You have a Lop/Swizzor infection.

  • Disable UAC for the duration of the disinfection.

  • Download Lop S&D to your Desktop.
  • Double-click it to start the installation.
  • Right-click the Lop S&D shortcut on your Desktop and choose Run as administrator.
  • Select the language you want, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
    8 May 2009 10:52:01

    Here is the report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Mickael ( Not Administrator ! )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:224 Go (Free:47 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    J:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 08/05/2009|10:36 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [10/12/2008|16:31] C:\Users\Mickael\AppData\Local\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}
    [08/03/2009|20:50] C:\Users\Mickael\AppData\Local\Adobe
    [26/12/2008|14:10] C:\Users\Mickael\AppData\Local\Ahead
    [12/05/2008|21:55] C:\Users\Mickael\AppData\Local\AOL
    [01/06/2008|19:40] C:\Users\Mickael\AppData\Local\Apple
    [18/07/2008|11:08] C:\Users\Mickael\AppData\Local\Apple Computer
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Application Data
    [08/12/2008|19:14] C:\Users\Mickael\AppData\Local\ApplicationHistory
    [07/05/2009|20:46] C:\Users\Mickael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [06/12/2008|16:11] C:\Users\Mickael\AppData\Local\Downloaded Installations
    [13/05/2008|11:24] C:\Users\Mickael\AppData\Local\eMule
    [12/05/2008|21:55] C:\Users\Mickael\AppData\Local\fusioncache.dat
    [03/05/2009|10:55] C:\Users\Mickael\AppData\Local\GDIPFONTCACHEV1.DAT
    [21/04/2009|13:14] C:\Users\Mickael\AppData\Local\Google
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Historique
    [08/05/2009|10:28] C:\Users\Mickael\AppData\Local\IconCache.db
    [26/03/2009|21:42] C:\Users\Mickael\AppData\Local\IM
    [15/12/2008|21:05] C:\Users\Mickael\AppData\Local\Microsoft
    [19/09/2008|20:15] C:\Users\Mickael\AppData\Local\Microsoft Games
    [28/11/2008|20:13] C:\Users\Mickael\AppData\Local\Microsoft Help
    [14/05/2008|20:58] C:\Users\Mickael\AppData\Local\Mozilla
    [15/11/2008|17:22] C:\Users\Mickael\AppData\Local\NOS
    [04/06/2008|16:20] C:\Users\Mickael\AppData\Local\Oberon Media
    [18/05/2008|18:07] C:\Users\Mickael\AppData\Local\Packard Bell
    [10/12/2008|16:39] C:\Users\Mickael\AppData\Local\Pando
    [09/07/2008|00:26] C:\Users\Mickael\AppData\Local\regrc.bat
    [19/04/2009|17:21] C:\Users\Mickael\AppData\Local\Sony
    [07/05/2009|20:05] C:\Users\Mickael\AppData\Local\Symantec
    [08/05/2009|10:34] C:\Users\Mickael\AppData\Local\Temp
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Temporary Internet Files
    [26/03/2009|21:32] C:\Users\Mickael\AppData\Local\Thunderbird
    [01/02/2009|18:46] C:\Users\Mickael\AppData\Local\vdownloader
    [16/06/2008|19:20] C:\Users\Mickael\AppData\Local\vetclci.bat
    [12/05/2008|21:56] C:\Users\Mickael\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [08/05/2009 10:33][--a------] C:\Windows\tasks\Google Software Updater.job
    [06/05/2009 14:40][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
    [08/05/2009 10:00][--a------] C:\Windows\tasks\Extension de garantie.job
    [08/05/2009 10:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
    [08/05/2009 10:30][--ah-----] C:\Windows\tasks\SA.DAT
    [08/05/2009 10:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [07/03/2009|23:04] C:\ProgramData\Adobe
    [24/12/2008|19:33] C:\ProgramData\Ahead
    [08/10/2008|10:18] C:\ProgramData\AOL
    [05/06/2008|10:10] C:\ProgramData\Apple
    [18/07/2008|10:37] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [12/05/2008|20:33] C:\ProgramData\Bureau
    [21/02/2009|23:25] C:\ProgramData\Camp program program.4hnxrwe
    [21/02/2009|23:25] C:\ProgramData\Camp program program.mowmg
    [20/11/2008|12:48] C:\ProgramData\Ciel
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [26/05/2008|10:37] C:\ProgramData\Downloaded Installations
    [13/05/2008|11:24] C:\ProgramData\eMule
    [27/08/2008|11:22] C:\ProgramData\EPSON
    [13/09/2008|17:26] C:\ProgramData\eXPert PDF 4
    [12/05/2008|20:33] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [07/03/2009|23:16] C:\ProgramData\FLEXnet
    [29/12/2008|16:51] C:\ProgramData\Google
    [08/05/2009|09:04] C:\ProgramData\Google Updater
    [11/03/2009|13:34] C:\ProgramData\Grisoft
    [26/03/2009|21:40] C:\ProgramData\IM
    [26/03/2009|21:40] C:\ProgramData\IncrediMail
    [26/01/2007|18:21] C:\ProgramData\InstallShield
    [28/10/2008|14:37] C:\ProgramData\iolo
    [15/07/2008|14:49] C:\ProgramData\LogiShrd
    [14/06/2008|14:01] C:\ProgramData\Logitech
    [02/03/2009|17:31] C:\ProgramData\MAGIX
    [12/05/2008|20:33] C:\ProgramData\Menu D‚marrer
    [25/02/2009|20:53] C:\ProgramData\Messenger Plus!
    [29/05/2008|12:38] C:\ProgramData\MGS
    [29/12/2008|19:47] C:\ProgramData\Micro Application
    [29/05/2008|12:38] C:\ProgramData\Microgaming
    [21/02/2009|21:26] C:\ProgramData\Microsoft
    [02/05/2009|21:12] C:\ProgramData\Microsoft Help
    [12/05/2008|20:33] C:\ProgramData\ModŠles
    [26/08/2008|12:26] C:\ProgramData\N360BUOptions.ini
    [30/03/2009|19:51] C:\ProgramData\NCH Software
    [24/12/2008|19:28] C:\ProgramData\Nero
    [22/10/2008|16:53] C:\ProgramData\Norton
    [22/10/2008|16:48] C:\ProgramData\NortonInstaller
    [15/11/2008|17:22] C:\ProgramData\NOS
    [26/03/2009|09:18] C:\ProgramData\ntuser.pol
    [30/10/2008|10:04] C:\ProgramData\NVIDIA
    [26/01/2007|18:35] C:\ProgramData\OFFICE One v7
    [28/11/2008|23:03] C:\ProgramData\OrbNetworks
    [21/02/2009|23:26] C:\ProgramData\Part Regs Wave.y4z3meg
    [22/10/2008|16:48] C:\ProgramData\PCSettings
    [25/01/2009|12:21] C:\ProgramData\Pinnacle
    [09/11/2008|15:19] C:\ProgramData\River Past G5
    [10/08/2008|18:12] C:\ProgramData\Roxio
    [09/01/2009|23:40] C:\ProgramData\Skype
    [20/12/2008|15:06] C:\ProgramData\SolidWorks
    [10/08/2008|14:45] C:\ProgramData\Sonic
    [19/04/2009|17:15] C:\ProgramData\Sony
    [09/03/2009|22:16] C:\ProgramData\Sports Interactive
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [04/05/2009|12:29] C:\ProgramData\stop 4
    [14/10/2008|17:21] C:\ProgramData\Symantec
    [19/01/2009|13:33] C:\ProgramData\Syncrosoft
    [19/04/2009|17:41] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [09/04/2009|12:58] C:\ProgramData\That Face Camp Shim
    [12/01/2009|18:32] C:\ProgramData\TuneUp Software
    [27/08/2008|11:27] C:\ProgramData\UDL
    [04/06/2008|21:16] C:\ProgramData\WindowsSearch
    [21/02/2009|23:17] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/03/2009|15:30] C:\Program Files\7-Zip
    [07/05/2009|20:00] C:\Program Files\Acoustica Beatcraft
    [07/03/2009|23:05] C:\Program Files\Adobe
    [26/10/2008|14:12] C:\Program Files\Alcohol Soft
    [07/05/2009|18:13] C:\Program Files\Anuman Interactive
    [05/06/2008|10:10] C:\Program Files\Apple Software Update
    [07/05/2009|18:13] C:\Program Files\Audacity
    [08/02/2009|15:31] C:\Program Files\AviSynth 2.5
    [07/11/2008|00:07] C:\Program Files\BitTorrent
    [24/01/2009|18:39] C:\Program Files\BitTorrent Ultra Accelerator
    [18/07/2008|10:36] C:\Program Files\Bonjour
    [05/03/2009|14:22] C:\Program Files\Casse Brique
    [17/01/2009|19:46] C:\Program Files\CCleaner
    [05/04/2009|21:03] C:\Program Files\Common Files
    [13/09/2008|17:16] C:\Program Files\ConvertMovie 4.1
    [07/03/2009|16:31] C:\Program Files\Crcle Developement
    [01/02/2009|21:06] C:\Program Files\DivX
    [13/09/2008|17:21] C:\Program Files\Driver-Soft
    [23/02/2009|17:46] C:\Program Files\EA Sports
    [08/01/2009|12:40] C:\Program Files\EDIROL
    [13/05/2008|11:24] C:\Program Files\eMule
    [27/08/2008|11:24] C:\Program Files\epson
    [08/02/2009|15:30] C:\Program Files\eRightSoft
    [06/01/2009|20:50] C:\Program Files\FairStars Audio Converter
    [09/02/2009|10:31] C:\Program Files\ffdshow
    [12/05/2008|20:33] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [19/01/2009|23:04] C:\Program Files\Fish Aquarium 3D Screensaver
    [19/01/2009|23:02] C:\Program Files\fishaquarium
    [28/02/2009|16:29] C:\Program Files\FlashGet Network
    [11/01/2009|18:55] C:\Program Files\Free Audio Pack
    [19/10/2008|21:28] C:\Program Files\Free Download Manager
    [01/02/2009|17:29] C:\Program Files\Free Music Zilla
    [29/03/2009|21:21] C:\Program Files\Free Video Converter
    [22/02/2009|18:47] C:\Program Files\Golf Adventure Galaxy
    [22/02/2009|12:04] C:\Program Files\Google
    [26/01/2007|18:16] C:\Program Files\HDReg
    [27/01/2009|20:40] C:\Program Files\Hercules
    [11/01/2009|18:56] C:\Program Files\Image-Line
    [12/10/2008|11:02] C:\Program Files\inKline Global
    [14/03/2009|18:36] C:\Program Files\InstallShield Installation Information
    [25/03/2009|13:26] C:\Program Files\Internet Explorer
    [18/07/2008|10:37] C:\Program Files\iPod
    [26/01/2007|18:32] C:\Program Files\ISSENDIS
    [18/07/2008|10:37] C:\Program Files\iTunes
    [12/01/2009|18:08] C:\Program Files\Java
    [08/02/2009|20:50] C:\Program Files\K-Lite Codec Pack
    [15/07/2008|14:48] C:\Program Files\Logitech
    [02/03/2009|18:02] C:\Program Files\MAGIX
    [21/02/2009|23:25] C:\Program Files\Messenger Plus! Live
    [14/03/2009|18:35] C:\Program Files\Micro Application
    [20/03/2009|23:29] C:\Program Files\Microsoft
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [07/05/2009|18:17] C:\Program Files\Microsoft Office
    [26/02/2009|11:25] C:\Program Files\Microsoft Silverlight
    [12/05/2008|22:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [30/11/2008|19:20] C:\Program Files\Microsoft Visual Studio
    [30/11/2008|19:15] C:\Program Files\Microsoft Visual Studio 8
    [02/05/2009|21:06] C:\Program Files\Microsoft Works
    [30/11/2008|19:18] C:\Program Files\Microsoft.NET
    [05/06/2008|17:15] C:\Program Files\Mio Technology
    [13/09/2008|17:16] C:\Program Files\MOVAVI
    [23/05/2008|19:09] C:\Program Files\Movie Maker
    [29/03/2009|14:36] C:\Program Files\Mozilla Firefox
    [26/12/2008|19:59] C:\Program Files\MP3Gain
    [30/11/2008|19:22] C:\Program Files\MSBuild
    [21/02/2009|23:12] C:\Program Files\MSECache
    [30/03/2009|19:50] C:\Program Files\NCH Software
    [24/12/2008|19:28] C:\Program Files\Nero
    [22/10/2008|16:53] C:\Program Files\Norton Internet Security
    [14/10/2008|17:25] C:\Program Files\NortonInstaller
    [15/11/2008|17:22] C:\Program Files\NOS
    [26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
    [26/01/2007|18:35] C:\Program Files\OFFICE One v7
    [08/05/2009|10:06] C:\Program Files\OrangeHSS
    [04/03/2009|13:29] C:\Program Files\Orbitdownloader
    [31/08/2008|18:52] C:\Program Files\Outsim
    [26/01/2007|18:37] C:\Program Files\Packard Bell
    [13/05/2008|11:35] C:\Program Files\Panda Security
    [14/07/2008|16:58] C:\Program Files\PhotoFiltre
    [08/11/2008|16:30] C:\Program Files\PowerISO
    [14/05/2008|18:57] C:\Program Files\ProtectDisc Driver Installer
    [05/09/2008|17:34] C:\Program Files\QuickTime
    [14/05/2008|20:57] C:\Program Files\Real
    [26/01/2007|18:14] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [22/02/2009|13:03] C:\Program Files\ReflexiveArcade
    [29/12/2008|14:49] C:\Program Files\RegCleaner
    [26/01/2007|18:21] C:\Program Files\Roxio
    [25/12/2008|12:12] C:\Program Files\SAGEM
    [04/03/2009|15:27] C:\Program Files\SolidWorks
    [04/03/2009|14:58] C:\Program Files\Sonic and Knuckles
    [04/03/2009|14:59] C:\Program Files\Sonik Synth 2 Free
    [19/04/2009|17:13] C:\Program Files\Sony
    [19/04/2009|17:10] C:\Program Files\Sony Setup
    [09/03/2009|22:02] C:\Program Files\Sports Interactive
    [20/01/2009|13:26] C:\Program Files\Steinberg
    [26/03/2009|09:29] C:\Program Files\Symantec
    [05/03/2009|12:45] C:\Program Files\Syncrosoft
    [30/12/2008|18:06] C:\Program Files\ToniArts
    [07/05/2009|23:02] C:\Program Files\trend micro
    [12/01/2009|18:33] C:\Program Files\TuneUp Utilities 2008
    [18/04/2009|22:37] C:\Program Files\Unlocker
    [25/01/2009|21:02] C:\Program Files\VirtualDJ
    [19/04/2009|17:24] C:\Program Files\VstPlugins
    [30/09/2008|18:25] C:\Program Files\Webteh
    [17/01/2009|18:22] C:\Program Files\Winamp
    [06/12/2008|10:34] C:\Program Files\Winamp Remote
    [23/05/2008|19:09] C:\Program Files\Windows Calendar
    [23/05/2008|19:09] C:\Program Files\Windows Collaboration
    [23/05/2008|19:09] C:\Program Files\Windows Defender
    [21/02/2009|23:13] C:\Program Files\Windows Installer Clean Up
    [21/02/2009|23:22] C:\Program Files\Windows Live
    [16/04/2009|11:47] C:\Program Files\Windows Mail
    [17/12/2008|15:16] C:\Program Files\Windows Media Components
    [26/02/2009|11:24] C:\Program Files\Windows Media Player
    [12/05/2008|20:33] C:\Program Files\Windows NT
    [23/05/2008|19:09] C:\Program Files\Windows Photo Gallery
    [23/05/2008|19:09] C:\Program Files\Windows Sidebar
    [07/12/2008|19:05] C:\Program Files\WinRAR
    [09/11/2008|15:18] C:\Program Files\WMV9_VCM
    [29/05/2008|22:00] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [31/12/2008|11:28] C:\Program Files\Common Files\Acon Digital Media
    [07/03/2009|23:03] C:\Program Files\Common Files\Adobe
    [24/12/2008|19:32] C:\Program Files\Common Files\Ahead
    [08/10/2008|10:18] C:\Program Files\Common Files\aol
    [26/01/2007|18:18] C:\Program Files\Common Files\aolshare
    [05/06/2008|10:20] C:\Program Files\Common Files\Apple
    [07/04/2009|10:19] C:\Program Files\Common Files\AVSMedia
    [07/05/2009|18:17] C:\Program Files\Common Files\DESIGNER
    [14/10/2008|20:00] C:\Program Files\Common Files\France Telecom
    [05/06/2008|17:13] C:\Program Files\Common Files\InstallShield
    [01/06/2008|12:13] C:\Program Files\Common Files\Java
    [20/03/2009|23:28] C:\Program Files\Common Files\logishrd
    [07/03/2009|22:42] C:\Program Files\Common Files\Macrovision Shared
    [17/05/2008|18:20] C:\Program Files\Common Files\MAGIX Shared
    [02/05/2009|21:07] C:\Program Files\Common Files\microsoft shared
    [21/12/2008|12:56] C:\Program Files\Common Files\Nero
    [26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
    [16/06/2008|08:57] C:\Program Files\Common Files\Panda Software
    [01/02/2009|20:56] C:\Program Files\Common Files\PX Storage Engine
    [30/11/2008|13:19] C:\Program Files\Common Files\Real
    [26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [04/03/2009|15:26] C:\Program Files\Common Files\SolidWorks Shared
    [26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
    [22/10/2008|17:22] C:\Program Files\Common Files\Symantec Shared
    [02/05/2009|21:03] C:\Program Files\Common Files\System
    [21/02/2009|21:27] C:\Program Files\Common Files\Windows Live
    [12/05/2008|22:35] C:\Program Files\Common Files\WindowsLiveInstaller
    [12/01/2009|18:30] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 59 Processes )

    iexplore.exe ~ [PID:4996]
    iexplore.exe ~ [PID:5500]

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\Camp program program.mowmg
    C:\ProgramData\Camp program program.4hnxrwe
    C:\ProgramData\Part Regs Wave.y4z3meg

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\That Face Camp Shim
    C:\ProgramData\That Face Camp Shim\that great.dat
    C:\Users\Mickael\AppData\Local\Temp\stadistic.log
    C:\Program Files\Orbitdownloader
    C:\Program Files\Orbitdownloader\addons
    C:\Program Files\Orbitdownloader\banurl.ini
    C:\Program Files\Orbitdownloader\banurl.ini.bak
    C:\Program Files\Orbitdownloader\changelog.txt
    C:\Program Files\Orbitdownloader\download.dll
    C:\Program Files\Orbitdownloader\Grab.exe
    C:\Program Files\Orbitdownloader\GrabDll.dll
    C:\Program Files\Orbitdownloader\GrabKernel.dll
    C:\Program Files\Orbitdownloader\GrabPro.dll
    C:\Program Files\Orbitdownloader\idht.dll
    C:\Program Files\Orbitdownloader\Lang.ini
    C:\Program Files\Orbitdownloader\language
    C:\Program Files\Orbitdownloader\libeay32.dll
    C:\Program Files\Orbitdownloader\orbitcth.dll
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\Program Files\Orbitdownloader\orbitmxt.dll
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\Program Files\Orbitdownloader\orbitsearch.xml
    C:\Program Files\Orbitdownloader\saction.dll
    C:\Program Files\Orbitdownloader\siteinfo.ini
    C:\Program Files\Orbitdownloader\siteinfo.ini.bak
    C:\Program Files\Orbitdownloader\ssleay32.dll
    C:\Program Files\Orbitdownloader\unins000.dat
    C:\Program Files\Orbitdownloader\unins000.exe
    C:\Program Files\Orbitdownloader\update
    C:\Program Files\Orbitdownloader\winfile.dll

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-08 10:36:55
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 96

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Mickael\AppData\Roaming\BitTorrent\Adobe Photoshop CS3 Extended + Crack.rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\doom 3 + patch V3.1 +crack nocd.rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Fruity Loops Studio 7 Full + Crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%).rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6-t Va Crack-er.avi.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6T va crack-er.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.2.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Nero 7.11.6.0 [With keygen and Activator].torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-Incl Keygen Fully Avtivated.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-InclKeygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\SolidWorks Crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Sony Vegas Pro 8.0c Build 260 + Keygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.2.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\UseNeXT 4.34 + Crack.rar.torrent
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Cubase Studio 4 Hybride (Mac et PC).iso
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Nouveau document texte.txt
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Read Me!!!.nfo
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Update_HALion_3.3.1.456.exe
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\SYNSOACC.dll
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_4.5.2.274_Update.exe
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_Studio_Patch_411.msp
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Update_HALionOne_1.1.0.0.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack\fm91_t1.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Instructions.txt
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\Keygen.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\readme.txt
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR\french.ltc
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Patch\fm2009-crack&patch.sfv
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Blackcat.nfo
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\Blackcat.txt
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\MusicMaker.exe
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack.rar
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Cubase sx3.exe
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Leeme.txt
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original\SYNSOACC.dll
    C:\Users\Mickael\Documents\Nouveau dossier\(Serial-Crack-Keygen) - Alcohol 120% and Fantom CD Serials.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Ableton Live 7.0.7 FULL crack serial.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Alcohol 120% 1.9.7.6221 Retail Crack.txt
    C:\Users\Mickael\Documents\Nouveau dossier\ALL SERIAL Cracks,serialnumbers,keygenerators,nero,corel draw,antivirus,adobe,macromedia, norton,paint shop pro,winrar,winzip,x win,astalav.doc
    C:\Users\Mickael\Documents\Nouveau dossier\Cracks,Serialnumbers,Keygenerators,Nero,Corel Draw,Antivirus,Adobe,Macromedia, Norton,Paint Shop Pro,Winrar,Winzip,X Win,Astalav.txt
    C:\Users\Mickael\Documents\Nouveau dossier\keygen virtual dj 5.0.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Nero 9 Ultra Edition 9.0.9.4b + New KeyGen serial valid crack Burning ROM retail upgrade box version.txt
    C:\Users\Mickael\Documents\Parole\Nouveau dossier\A VOIR FABULEUX astuces Liste Grossiste Codes Allopass Complet [allopass.crack.site.comment.dvix.Sel 2 Mer.By.Flaviman].rtf
    C:\Users\Mickael\Documents\Sample\Pro Samples\ReFX.quadraSID.VSTi.v1.6.incl.KeyGen-BEAT.rar
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr2_eLAB_Crackl_080.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr3_eLAB_Crack2_080.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A70_MpcVox3_eLAB_Crackl_100.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - AIFF\HARD HITN HORNS 3\HN_HORNONCRACK.AIF
    C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - WAV\HARD HITN HORNS 3\HN_HORNONCRACK.WAV
    C:\Users\Mickael\Documents\Sample\Sound sample\2431-117_Jovica_Tonic_Electronic_Drum_Samples\38254_Jovica_Tonic_Crack.flac
    C:\Users\Mickael\Downloads\Crack
    C:\Users\Mickael\Downloads\Crack\Craagle.exe
    C:\Users\Mickael\Downloads\Crack\Options.ini
    C:\Users\Mickael\Downloads\Crack\proxy.txt
    C:\Users\Mickael\Music\Assassin-Rockin' Squat\2007-TOO HOT FOR TV\5 Crack game.mp3
    C:\Users\Mickael\Videos\Ma 6-t Va Crack-er.avi


    [F:1730][D:351]-> C:\Users\Mickael\AppData\Local\Temp
    [F:84][D:1]-> C:\Users\Mickael\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:3561][D:9]-> C:\Users\Mickael\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:182][D:14]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 08/05/2009|10:46 - Option : [1]

    --------------------\\ Fin du rapport a 10:47:04
    [ UAC => 1 ]



    Is this infection what is slowing down my computer?
    a c 295 8 Security
    8 May 2009 12:04:32

    Quote:
    Is this infection what is slowing down my computer?

    ---> I think so.

  • Run Lop S&D again as administrator.
  • This time, choose option 2 (Suppression).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
    8 May 2009 13:39:28

    Here is the report:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Mickael ( Not Administrator ! )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:224 Go (Free:46 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    J:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 08/05/2009|12:48 )

    [ UAC => 0 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\That Face Camp Shim\that great.dat
    Supprime! - C:\Users\Mickael\AppData\Local\Temp\stadistic.log
    Supprime! - C:\Program Files\Orbitdownloader\addons
    Supprime! - C:\Program Files\Orbitdownloader\banurl.ini
    Supprime! - C:\Program Files\Orbitdownloader\banurl.ini.bak
    Supprime! - C:\Program Files\Orbitdownloader\changelog.txt
    Supprime! - C:\Program Files\Orbitdownloader\download.dll
    Supprime! - C:\Program Files\Orbitdownloader\Grab.exe
    Supprime! - C:\Program Files\Orbitdownloader\GrabDll.dll
    Supprime! - C:\Program Files\Orbitdownloader\GrabKernel.dll
    Supprime! - C:\Program Files\Orbitdownloader\GrabPro.dll
    Supprime! - C:\Program Files\Orbitdownloader\idht.dll
    Supprime! - C:\Program Files\Orbitdownloader\Lang.ini
    Supprime! - C:\Program Files\Orbitdownloader\language
    Supprime! - C:\Program Files\Orbitdownloader\libeay32.dll
    Supprime! - C:\Program Files\Orbitdownloader\orbitcth.dll
    Supprime! - C:\Program Files\Orbitdownloader\orbitdm.exe
    Supprime! - C:\Program Files\Orbitdownloader\orbitmxt.dll
    Supprime! - C:\Program Files\Orbitdownloader\orbitnet.exe
    Supprime! - C:\Program Files\Orbitdownloader\orbitsearch.xml
    Supprime! - C:\Program Files\Orbitdownloader\saction.dll
    Supprime! - C:\Program Files\Orbitdownloader\siteinfo.ini
    Supprime! - C:\Program Files\Orbitdownloader\siteinfo.ini.bak
    Supprime! - C:\Program Files\Orbitdownloader\ssleay32.dll
    Supprime! - C:\Program Files\Orbitdownloader\unins000.dat
    Supprime! - C:\Program Files\Orbitdownloader\unins000.exe
    Supprime! - C:\Program Files\Orbitdownloader\update
    Supprime! - C:\Program Files\Orbitdownloader\winfile.dll
    Supprime! - C:\ProgramData\Camp program program.mowmg
    Supprime! - C:\ProgramData\Camp program program.4hnxrwe
    Supprime! - C:\ProgramData\Part Regs Wave.y4z3meg
    Supprime! - C:\ProgramData\That Face Camp Shim
    Supprime! - C:\Program Files\Orbitdownloader
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [10/12/2008|16:31] C:\Users\Mickael\AppData\Local\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}
    [08/03/2009|20:50] C:\Users\Mickael\AppData\Local\Adobe
    [26/12/2008|14:10] C:\Users\Mickael\AppData\Local\Ahead
    [12/05/2008|21:55] C:\Users\Mickael\AppData\Local\AOL
    [01/06/2008|19:40] C:\Users\Mickael\AppData\Local\Apple
    [18/07/2008|11:08] C:\Users\Mickael\AppData\Local\Apple Computer
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Application Data
    [08/12/2008|19:14] C:\Users\Mickael\AppData\Local\ApplicationHistory
    [07/05/2009|20:46] C:\Users\Mickael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [06/12/2008|16:11] C:\Users\Mickael\AppData\Local\Downloaded Installations
    [13/05/2008|11:24] C:\Users\Mickael\AppData\Local\eMule
    [12/05/2008|21:55] C:\Users\Mickael\AppData\Local\fusioncache.dat
    [03/05/2009|10:55] C:\Users\Mickael\AppData\Local\GDIPFONTCACHEV1.DAT
    [21/04/2009|13:14] C:\Users\Mickael\AppData\Local\Google
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Historique
    [08/05/2009|11:51] C:\Users\Mickael\AppData\Local\IconCache.db
    [26/03/2009|21:42] C:\Users\Mickael\AppData\Local\IM
    [15/12/2008|21:05] C:\Users\Mickael\AppData\Local\Microsoft
    [19/09/2008|20:15] C:\Users\Mickael\AppData\Local\Microsoft Games
    [28/11/2008|20:13] C:\Users\Mickael\AppData\Local\Microsoft Help
    [14/05/2008|20:58] C:\Users\Mickael\AppData\Local\Mozilla
    [15/11/2008|17:22] C:\Users\Mickael\AppData\Local\NOS
    [04/06/2008|16:20] C:\Users\Mickael\AppData\Local\Oberon Media
    [18/05/2008|18:07] C:\Users\Mickael\AppData\Local\Packard Bell
    [10/12/2008|16:39] C:\Users\Mickael\AppData\Local\Pando
    [09/07/2008|00:26] C:\Users\Mickael\AppData\Local\regrc.bat
    [19/04/2009|17:21] C:\Users\Mickael\AppData\Local\Sony
    [07/05/2009|20:05] C:\Users\Mickael\AppData\Local\Symantec
    [08/05/2009|12:49] C:\Users\Mickael\AppData\Local\Temp
    [12/05/2008|21:53] C:\Users\Mickael\AppData\Local\Temporary Internet Files
    [26/03/2009|21:32] C:\Users\Mickael\AppData\Local\Thunderbird
    [01/02/2009|18:46] C:\Users\Mickael\AppData\Local\vdownloader
    [16/06/2008|19:20] C:\Users\Mickael\AppData\Local\vetclci.bat
    [12/05/2008|21:56] C:\Users\Mickael\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [08/05/2009 11:57][--a------] C:\Windows\tasks\Google Software Updater.job
    [06/05/2009 14:40][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
    [08/05/2009 12:30][--a------] C:\Windows\tasks\Extension de garantie.job
    [08/05/2009 12:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
    [08/05/2009 11:54][--ah-----] C:\Windows\tasks\SA.DAT
    [08/05/2009 11:52][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [07/03/2009|23:04] C:\ProgramData\Adobe
    [24/12/2008|19:33] C:\ProgramData\Ahead
    [08/10/2008|10:18] C:\ProgramData\AOL
    [05/06/2008|10:10] C:\ProgramData\Apple
    [18/07/2008|10:37] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [12/05/2008|20:33] C:\ProgramData\Bureau
    [20/11/2008|12:48] C:\ProgramData\Ciel
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [26/05/2008|10:37] C:\ProgramData\Downloaded Installations
    [13/05/2008|11:24] C:\ProgramData\eMule
    [27/08/2008|11:22] C:\ProgramData\EPSON
    [13/09/2008|17:26] C:\ProgramData\eXPert PDF 4
    [12/05/2008|20:33] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [07/03/2009|23:16] C:\ProgramData\FLEXnet
    [29/12/2008|16:51] C:\ProgramData\Google
    [08/05/2009|09:04] C:\ProgramData\Google Updater
    [11/03/2009|13:34] C:\ProgramData\Grisoft
    [26/03/2009|21:40] C:\ProgramData\IM
    [26/03/2009|21:40] C:\ProgramData\IncrediMail
    [26/01/2007|18:21] C:\ProgramData\InstallShield
    [28/10/2008|14:37] C:\ProgramData\iolo
    [15/07/2008|14:49] C:\ProgramData\LogiShrd
    [14/06/2008|14:01] C:\ProgramData\Logitech
    [02/03/2009|17:31] C:\ProgramData\MAGIX
    [12/05/2008|20:33] C:\ProgramData\Menu Démarrer
    [25/02/2009|20:53] C:\ProgramData\Messenger Plus!
    [29/05/2008|12:38] C:\ProgramData\MGS
    [29/12/2008|19:47] C:\ProgramData\Micro Application
    [29/05/2008|12:38] C:\ProgramData\Microgaming
    [21/02/2009|21:26] C:\ProgramData\Microsoft
    [02/05/2009|21:12] C:\ProgramData\Microsoft Help
    [12/05/2008|20:33] C:\ProgramData\Modèles
    [26/08/2008|12:26] C:\ProgramData\N360BUOptions.ini
    [30/03/2009|19:51] C:\ProgramData\NCH Software
    [24/12/2008|19:28] C:\ProgramData\Nero
    [22/10/2008|16:53] C:\ProgramData\Norton
    [22/10/2008|16:48] C:\ProgramData\NortonInstaller
    [15/11/2008|17:22] C:\ProgramData\NOS
    [26/03/2009|09:18] C:\ProgramData\ntuser.pol
    [30/10/2008|10:04] C:\ProgramData\NVIDIA
    [26/01/2007|18:35] C:\ProgramData\OFFICE One v7
    [28/11/2008|23:03] C:\ProgramData\OrbNetworks
    [22/10/2008|16:48] C:\ProgramData\PCSettings
    [25/01/2009|12:21] C:\ProgramData\Pinnacle
    [09/11/2008|15:19] C:\ProgramData\River Past G5
    [10/08/2008|18:12] C:\ProgramData\Roxio
    [09/01/2009|23:40] C:\ProgramData\Skype
    [20/12/2008|15:06] C:\ProgramData\SolidWorks
    [10/08/2008|14:45] C:\ProgramData\Sonic
    [19/04/2009|17:15] C:\ProgramData\Sony
    [09/03/2009|22:16] C:\ProgramData\Sports Interactive
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [04/05/2009|12:29] C:\ProgramData\stop 4
    [14/10/2008|17:21] C:\ProgramData\Symantec
    [19/01/2009|13:33] C:\ProgramData\Syncrosoft
    [19/04/2009|17:41] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [12/01/2009|18:32] C:\ProgramData\TuneUp Software
    [27/08/2008|11:27] C:\ProgramData\UDL
    [04/06/2008|21:16] C:\ProgramData\WindowsSearch
    [21/02/2009|23:17] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [04/03/2009|15:30] C:\Program Files\7-Zip
    [07/05/2009|20:00] C:\Program Files\Acoustica Beatcraft
    [07/03/2009|23:05] C:\Program Files\Adobe
    [26/10/2008|14:12] C:\Program Files\Alcohol Soft
    [07/05/2009|18:13] C:\Program Files\Anuman Interactive
    [05/06/2008|10:10] C:\Program Files\Apple Software Update
    [07/05/2009|18:13] C:\Program Files\Audacity
    [08/02/2009|15:31] C:\Program Files\AviSynth 2.5
    [07/11/2008|00:07] C:\Program Files\BitTorrent
    [24/01/2009|18:39] C:\Program Files\BitTorrent Ultra Accelerator
    [18/07/2008|10:36] C:\Program Files\Bonjour
    [05/03/2009|14:22] C:\Program Files\Casse Brique
    [17/01/2009|19:46] C:\Program Files\CCleaner
    [05/04/2009|21:03] C:\Program Files\Common Files
    [13/09/2008|17:16] C:\Program Files\ConvertMovie 4.1
    [07/03/2009|16:31] C:\Program Files\Crcle Developement
    [01/02/2009|21:06] C:\Program Files\DivX
    [13/09/2008|17:21] C:\Program Files\Driver-Soft
    [23/02/2009|17:46] C:\Program Files\EA Sports
    [08/01/2009|12:40] C:\Program Files\EDIROL
    [13/05/2008|11:24] C:\Program Files\eMule
    [27/08/2008|11:24] C:\Program Files\epson
    [08/02/2009|15:30] C:\Program Files\eRightSoft
    [06/01/2009|20:50] C:\Program Files\FairStars Audio Converter
    [09/02/2009|10:31] C:\Program Files\ffdshow
    [12/05/2008|20:33] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [19/01/2009|23:04] C:\Program Files\Fish Aquarium 3D Screensaver
    [19/01/2009|23:02] C:\Program Files\fishaquarium
    [28/02/2009|16:29] C:\Program Files\FlashGet Network
    [11/01/2009|18:55] C:\Program Files\Free Audio Pack
    [19/10/2008|21:28] C:\Program Files\Free Download Manager
    [01/02/2009|17:29] C:\Program Files\Free Music Zilla
    [29/03/2009|21:21] C:\Program Files\Free Video Converter
    [22/02/2009|18:47] C:\Program Files\Golf Adventure Galaxy
    [22/02/2009|12:04] C:\Program Files\Google
    [26/01/2007|18:16] C:\Program Files\HDReg
    [27/01/2009|20:40] C:\Program Files\Hercules
    [11/01/2009|18:56] C:\Program Files\Image-Line
    [12/10/2008|11:02] C:\Program Files\inKline Global
    [14/03/2009|18:36] C:\Program Files\InstallShield Installation Information
    [25/03/2009|13:26] C:\Program Files\Internet Explorer
    [18/07/2008|10:37] C:\Program Files\iPod
    [26/01/2007|18:32] C:\Program Files\ISSENDIS
    [18/07/2008|10:37] C:\Program Files\iTunes
    [12/01/2009|18:08] C:\Program Files\Java
    [08/02/2009|20:50] C:\Program Files\K-Lite Codec Pack
    [15/07/2008|14:48] C:\Program Files\Logitech
    [02/03/2009|18:02] C:\Program Files\MAGIX
    [21/02/2009|23:25] C:\Program Files\Messenger Plus! Live
    [14/03/2009|18:35] C:\Program Files\Micro Application
    [20/03/2009|23:29] C:\Program Files\Microsoft
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [07/05/2009|18:17] C:\Program Files\Microsoft Office
    [26/02/2009|11:25] C:\Program Files\Microsoft Silverlight
    [12/05/2008|22:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [30/11/2008|19:20] C:\Program Files\Microsoft Visual Studio
    [30/11/2008|19:15] C:\Program Files\Microsoft Visual Studio 8
    [02/05/2009|21:06] C:\Program Files\Microsoft Works
    [30/11/2008|19:18] C:\Program Files\Microsoft.NET
    [05/06/2008|17:15] C:\Program Files\Mio Technology
    [13/09/2008|17:16] C:\Program Files\MOVAVI
    [23/05/2008|19:09] C:\Program Files\Movie Maker
    [29/03/2009|14:36] C:\Program Files\Mozilla Firefox
    [26/12/2008|19:59] C:\Program Files\MP3Gain
    [30/11/2008|19:22] C:\Program Files\MSBuild
    [21/02/2009|23:12] C:\Program Files\MSECache
    [30/03/2009|19:50] C:\Program Files\NCH Software
    [24/12/2008|19:28] C:\Program Files\Nero
    [22/10/2008|16:53] C:\Program Files\Norton Internet Security
    [14/10/2008|17:25] C:\Program Files\NortonInstaller
    [15/11/2008|17:22] C:\Program Files\NOS
    [26/01/2007|18:36] C:\Program Files\OFFICE ONE 7.0
    [26/01/2007|18:35] C:\Program Files\OFFICE One v7
    [08/05/2009|10:06] C:\Program Files\OrangeHSS
    [31/08/2008|18:52] C:\Program Files\Outsim
    [26/01/2007|18:37] C:\Program Files\Packard Bell
    [13/05/2008|11:35] C:\Program Files\Panda Security
    [14/07/2008|16:58] C:\Program Files\PhotoFiltre
    [08/11/2008|16:30] C:\Program Files\PowerISO
    [14/05/2008|18:57] C:\Program Files\ProtectDisc Driver Installer
    [05/09/2008|17:34] C:\Program Files\QuickTime
    [14/05/2008|20:57] C:\Program Files\Real
    [26/01/2007|18:14] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [22/02/2009|13:03] C:\Program Files\ReflexiveArcade
    [29/12/2008|14:49] C:\Program Files\RegCleaner
    [26/01/2007|18:21] C:\Program Files\Roxio
    [25/12/2008|12:12] C:\Program Files\SAGEM
    [04/03/2009|15:27] C:\Program Files\SolidWorks
    [04/03/2009|14:58] C:\Program Files\Sonic and Knuckles
    [04/03/2009|14:59] C:\Program Files\Sonik Synth 2 Free
    [19/04/2009|17:13] C:\Program Files\Sony
    [19/04/2009|17:10] C:\Program Files\Sony Setup
    [09/03/2009|22:02] C:\Program Files\Sports Interactive
    [20/01/2009|13:26] C:\Program Files\Steinberg
    [26/03/2009|09:29] C:\Program Files\Symantec
    [05/03/2009|12:45] C:\Program Files\Syncrosoft
    [30/12/2008|18:06] C:\Program Files\ToniArts
    [07/05/2009|23:02] C:\Program Files\trend micro
    [12/01/2009|18:33] C:\Program Files\TuneUp Utilities 2008
    [18/04/2009|22:37] C:\Program Files\Unlocker
    [25/01/2009|21:02] C:\Program Files\VirtualDJ
    [19/04/2009|17:24] C:\Program Files\VstPlugins
    [30/09/2008|18:25] C:\Program Files\Webteh
    [17/01/2009|18:22] C:\Program Files\Winamp
    [06/12/2008|10:34] C:\Program Files\Winamp Remote
    [23/05/2008|19:09] C:\Program Files\Windows Calendar
    [23/05/2008|19:09] C:\Program Files\Windows Collaboration
    [23/05/2008|19:09] C:\Program Files\Windows Defender
    [21/02/2009|23:13] C:\Program Files\Windows Installer Clean Up
    [21/02/2009|23:22] C:\Program Files\Windows Live
    [16/04/2009|11:47] C:\Program Files\Windows Mail
    [17/12/2008|15:16] C:\Program Files\Windows Media Components
    [26/02/2009|11:24] C:\Program Files\Windows Media Player
    [12/05/2008|20:33] C:\Program Files\Windows NT
    [23/05/2008|19:09] C:\Program Files\Windows Photo Gallery
    [23/05/2008|19:09] C:\Program Files\Windows Sidebar
    [07/12/2008|19:05] C:\Program Files\WinRAR
    [09/11/2008|15:18] C:\Program Files\WMV9_VCM
    [29/05/2008|22:00] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [31/12/2008|11:28] C:\Program Files\Common Files\Acon Digital Media
    [07/03/2009|23:03] C:\Program Files\Common Files\Adobe
    [24/12/2008|19:32] C:\Program Files\Common Files\Ahead
    [08/10/2008|10:18] C:\Program Files\Common Files\aol
    [26/01/2007|18:18] C:\Program Files\Common Files\aolshare
    [05/06/2008|10:20] C:\Program Files\Common Files\Apple
    [07/04/2009|10:19] C:\Program Files\Common Files\AVSMedia
    [07/05/2009|18:17] C:\Program Files\Common Files\DESIGNER
    [14/10/2008|20:00] C:\Program Files\Common Files\France Telecom
    [05/06/2008|17:13] C:\Program Files\Common Files\InstallShield
    [01/06/2008|12:13] C:\Program Files\Common Files\Java
    [20/03/2009|23:28] C:\Program Files\Common Files\logishrd
    [07/03/2009|22:42] C:\Program Files\Common Files\Macrovision Shared
    [17/05/2008|18:20] C:\Program Files\Common Files\MAGIX Shared
    [02/05/2009|21:07] C:\Program Files\Common Files\microsoft shared
    [21/12/2008|12:56] C:\Program Files\Common Files\Nero
    [26/01/2007|18:18] C:\Program Files\Common Files\Nullsoft
    [16/06/2008|08:57] C:\Program Files\Common Files\Panda Software
    [01/02/2009|20:56] C:\Program Files\Common Files\PX Storage Engine
    [30/11/2008|13:19] C:\Program Files\Common Files\Real
    [26/01/2007|18:21] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [04/03/2009|15:26] C:\Program Files\Common Files\SolidWorks Shared
    [26/01/2007|18:21] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [26/01/2007|18:21] C:\Program Files\Common Files\SureThing Shared
    [22/10/2008|17:22] C:\Program Files\Common Files\Symantec Shared
    [02/05/2009|21:03] C:\Program Files\Common Files\System
    [21/02/2009|21:27] C:\Program Files\Common Files\Windows Live
    [12/05/2008|22:35] C:\Program Files\Common Files\WindowsLiveInstaller
    [12/01/2009|18:30] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 56 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-08 12:51:09
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 96

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Mickael\AppData\Roaming\BitTorrent\Adobe Photoshop CS3 Extended + Crack.rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\doom 3 + patch V3.1 +crack nocd.rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Fruity Loops Studio 7 Full + Crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%).rar.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6-t Va Crack-er.avi.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Ma 6T va crack-er.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.2.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\MAGIX.Music.Maker.14.v13.0.2.1 + crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Nero 7.11.6.0 [With keygen and Activator].torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-Incl Keygen Fully Avtivated.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Norton-AV-2008-InclKeygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\SolidWorks Crack.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Sony Vegas Pro 8.0c Build 260 + Keygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.1.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.2.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen.torrent
    C:\Users\Mickael\AppData\Roaming\BitTorrent\UseNeXT 4.34 + Crack.rar.torrent
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Cubase Studio 4 Hybride (Mac et PC).iso
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Nouveau document texte.txt
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Read Me!!!.nfo
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Update_HALion_3.3.1.456.exe
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\SYNSOACC.dll
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_4.5.2.274_Update.exe
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Cubase_Studio_Patch_411.msp
    C:\Users\Mickael\Documents\Downloads\Cubase Studio 4 Hybride (Mac et PC) - Avec Patch 4.1.1 et Crack D'activation\Patch 4.1.1 et Crack D'activation\Cubase_Studio_Update_4.1.1\Update_HALionOne_1.1.0.0.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Crack\fm91_t1.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Instructions.txt
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\Keygen.exe
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Keygen\readme.txt
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Keygen Reloaded v9.3.0 Football Manager 2009 + Patch FR (teste et fonctionne a 100%)\Patch FR\french.ltc
    C:\Users\Mickael\Documents\Downloads\Football Manager 2009\Patch\fm2009-crack&patch.sfv
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Blackcat.nfo
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\Blackcat.txt
    C:\Users\Mickael\Documents\Downloads\MAGIX.Music.Maker.14.v13.0.2.1 + crack\Crack\MusicMaker.exe
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack.rar
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Cubase sx3.exe
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Leeme.txt
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original
    C:\Users\Mickael\Documents\Downloads\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\SYNSOACC.dll Original\SYNSOACC.dll
    C:\Users\Mickael\Documents\Nouveau dossier\(Serial-Crack-Keygen) - Alcohol 120% and Fantom CD Serials.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Ableton Live 7.0.7 FULL crack serial.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Alcohol 120% 1.9.7.6221 Retail Crack.txt
    C:\Users\Mickael\Documents\Nouveau dossier\ALL SERIAL Cracks,serialnumbers,keygenerators,nero,corel draw,antivirus,adobe,macromedia, norton,paint shop pro,winrar,winzip,x win,astalav.doc
    C:\Users\Mickael\Documents\Nouveau dossier\Cracks,Serialnumbers,Keygenerators,Nero,Corel Draw,Antivirus,Adobe,Macromedia, Norton,Paint Shop Pro,Winrar,Winzip,X Win,Astalav.txt
    C:\Users\Mickael\Documents\Nouveau dossier\keygen virtual dj 5.0.txt
    C:\Users\Mickael\Documents\Nouveau dossier\Nero 9 Ultra Edition 9.0.9.4b + New KeyGen serial valid crack Burning ROM retail upgrade box version.txt
    C:\Users\Mickael\Documents\Parole\Nouveau dossier\A VOIR FABULEUX astuces Liste Grossiste Codes Allopass Complet [allopass.crack.site.comment.dvix.Sel 2 Mer.By.Flaviman].rtf
    C:\Users\Mickael\Documents\Sample\Pro Samples\ReFX.quadraSID.VSTi.v1.6.incl.KeyGen-BEAT.rar
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr2_eLAB_Crackl_080.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A68_MpcScr3_eLAB_Crack2_080.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\E-Lab Smokers Delight. Sample CD 16bit 44.1kHz .wav\A68-70_FxVox_Loops_80_90_100\A70_MpcVox3_eLAB_Crackl_100.wav
    C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - AIFF\HARD HITN HORNS 3\HN_HORNONCRACK.AIF
    C:\Users\Mickael\Documents\Sample\Pro Samples\URBAN WARFARE - WAV\HARD HITN HORNS 3\HN_HORNONCRACK.WAV
    C:\Users\Mickael\Documents\Sample\Sound sample\2431-117_Jovica_Tonic_Electronic_Drum_Samples\38254_Jovica_Tonic_Crack.flac
    C:\Users\Mickael\Downloads\Crack
    C:\Users\Mickael\Downloads\Crack\Craagle.exe
    C:\Users\Mickael\Downloads\Crack\Options.ini
    C:\Users\Mickael\Downloads\Crack\proxy.txt
    C:\Users\Mickael\Music\Assassin-Rockin' Squat\2007-TOO HOT FOR TV\5 Crack game.mp3
    C:\Users\Mickael\Videos\Ma 6-t Va Crack-er.avi


    [F:1729][D:351]-> C:\Users\Mickael\AppData\Local\Temp
    [F:86][D:1]-> C:\Users\Mickael\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:3983][D:9]-> C:\Users\Mickael\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:184][D:15]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 08/05/2009|10:46 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 08/05/2009|13:35 - Option : [2]

    --------------------\\ Fin du rapport a 13:35:52
    [ UAC => 1 ]



    FYI, it is no longer Windows Explorer that is using 700 000 K but SearchProtocolHost.exe
    a c 295 8 Security
    8 May 2009 15:03:05

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Right-click OTMoveIt3.exe and choose Run as administrator.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :files
    C:\Program Files\Crcle Developement

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
    8 May 2009 15:50:29

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\Program Files\Crcle Developement moved successfully.
    ========== COMMANDS ==========
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Windows\temp\JETD2A1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JETDE1B.tmp scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05082009_153503

    Files moved on Reboot...
    File C:\Windows\temp\JETD2A1.tmp not found!
    C:\Windows\temp\JETDE1B.tmp moved successfully.
    a c 295 8 Security
    8 May 2009 18:36:45

  • Uninstall the following programs:
    - Java 6 Update 11
    - Java 6 Update 7

  • Update Java.

  • Update Adobe Reader.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Mise à jour (Update) tab, click the Recherche de mise à jour (Check for updates) button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Recherche (Scan) tab.
  • Select Exécuter un examen rapide (Perform quick scan).
  • Click Rechercher (Scan). The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
  • Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the infected files and registry keys and put a copy in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    8 May 2009 19:42:02

    Here is the report:

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 2095
    Windows 6.0.6001 Service Pack 1

    08/05/2009 19:39:24
    mbam-log-2009-05-08 (19-39-24).txt

    Type de recherche: Examen rapide
    Eléments examinés: 87670
    Temps écoulé: 6 minute(s), 48 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    8 May 2009 21:26:48

    Any changes?
    8 May 2009 21:37:22

    It seems to lag a bit less, but it is still lagging.
    8 May 2009 21:39:58

  • Run another RSIT scan and post the log report.
    8 May 2009 22:03:48

    Actually, yes, the computer is still just as slow; memory usage is running at 95%, whereas before it ran at 40 at most.


    Here is the log:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Mickael at 2009-05-08 21:48:57
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 51 GB (22%) free of 230 GB
    Total RAM: 1022 MB (33% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:50:00, on 08/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskmgr.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Program Files\Webteh\BSplayer\bsplayer.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
    C:\Users\Mickael\Desktop\RSIT.exe
    C:\Program Files\trend micro\Mickael.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redirect/?country...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie....
    O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 10644 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Extension de garantie.job
    C:\Windows\tasks\Google Software Updater.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1134688716-2738016877-902099103-1003.job
    C:\Windows\tasks\Recovery DVD Creator.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
    Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-15 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-08 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
    {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-15 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-08 148888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
    C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    C:\Users\Mickael\Program Files\DNA\btdna.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAMP SHIM EXIT HECK]
    C:\ProgramData\Part Regs Wave.y4z3meg []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdromatom]
    C:\ProgramData\Camp program program.4hnxrwe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DJ Console]
    C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe [2004-12-24 282624]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
    C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet]
    C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe /min []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    C:\Users\Mickael\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-02 133104]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
    C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    C:\Program Files\Common Files\AOL\1169828225\ee\AOLSoftware.exe [2006-11-14 50736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-08-25 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-08-25 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-20 228088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2006-10-23 1092152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-08 148888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-15 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystrayORAHSS]
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
    C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransVente]
    C:\PROGRA~1\TRANSV~1\TransVente.exe 1 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
    C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    C:\Program Files\Winamp\winampa.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
    oobefldr.dll,ShowWelcomeCenter []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk]
    C:\PROGRA~1\BITTOR~2\BITTOR~1.EXE [2008-12-08 236032]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mickael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moteur du Planificateur de tâches SolidWorks.lnk]
    C:\PROGRA~1\SOLIDW~2\SWSCHE~1\SWBOEN~1.EXE []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "FilterAdministratorToken"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
    "C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe"="C:\Program Files\River Past\Screen Recorder\ScreenRecorder.exe:*:Enabled:River Past Screen Recorder"
    "C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
    "C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:o rbit"
    "C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:o rbit"
    "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
    "C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10371688-96dc-11dd-8969-0019db413655}]
    shell\Auto\command - cmd /C launch.bat
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48198042-205c-11dd-be51-00038a000015}]
    shell\AutoRun\command - I:\EmDesk.exe
    shell\EmDesk\command - I:\EmDesk.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e02d29d6-2058-11dd-ba10-806e6f6e6963}]
    shell\AutoRun\command - D:\setup.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-05-08 19:29:14 ----D---- C:\Users\Mickael\AppData\Roaming\Malwarebytes
    2009-05-08 19:29:06 ----D---- C:\ProgramData\Malwarebytes
    2009-05-08 19:29:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-08 18:57:54 ----A---- C:\Windows\system32\javaws.exe
    2009-05-08 18:57:54 ----A---- C:\Windows\system32\javaw.exe
    2009-05-08 18:57:53 ----A---- C:\Windows\system32\java.exe
    2009-05-08 15:35:03 ----D---- C:\_OTMoveIt
    2009-05-08 10:36:25 ----A---- C:\lopR.txt
    2009-05-08 10:34:44 ----D---- C:\Lop SD
    2009-05-07 23:00:15 ----D---- C:\Program Files\trend micro
    2009-05-07 23:00:05 ----D---- C:\rsit
    2009-05-06 19:49:16 ----D---- C:\Program Files\Acoustica Beatcraft
    2009-04-21 15:01:29 ----D---- C:\Users\Mickael\AppData\Roaming\Anuman Interactive
    2009-04-19 17:27:49 ----D---- C:\Users\Mickael\AppData\Roaming\Publish Providers
    2009-04-19 17:21:42 ----D---- C:\Users\Mickael\AppData\Roaming\Sony
    2009-04-19 17:15:05 ----D---- C:\ProgramData\Sony
    2009-04-19 17:13:09 ----D---- C:\Program Files\Sony
    2009-04-19 17:10:49 ----D---- C:\Program Files\Sony Setup
    2009-04-15 11:23:21 ----A---- C:\Windows\system32\xolehlp.dll
    2009-04-15 11:23:21 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-04-15 11:23:04 ----A---- C:\Windows\system32\winhttp.dll
    2009-04-15 11:21:03 ----A---- C:\Windows\system32\rpcss.dll
    2009-04-15 11:21:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2009-04-15 11:21:01 ----A---- C:\Windows\system32\ntoskrnl.exe
    2009-04-15 11:20:58 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2009-04-15 11:20:57 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\sdohlp.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasrecst.dll
    2009-04-15 11:20:56 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-04-15 11:20:55 ----A---- C:\Windows\system32\iashost.exe
    2009-04-15 11:20:55 ----A---- C:\Windows\system32\iasads.dll
    2009-04-15 11:20:12 ----A---- C:\Windows\system32\lsasrv.dll
    2009-04-15 11:20:11 ----A---- C:\Windows\system32\kernel32.dll
    2009-04-15 11:20:09 ----A---- C:\Windows\system32\secur32.dll
    2009-04-15 11:20:07 ----A---- C:\Windows\system32\apilogen.dll
    2009-04-15 11:20:07 ----A---- C:\Windows\system32\amxread.dll

    ======List of files/folders modified in the last 1 months======

    2009-05-08 21:48:54 ----D---- C:\Windows\Temp
    2009-05-08 19:48:28 ----D---- C:\Windows\Tasks
    2009-05-08 19:43:57 ----SHD---- C:\Config.Msi
    2009-05-08 19:43:41 ----D---- C:\Windows\system32\drivers
    2009-05-08 19:29:06 ----D---- C:\ProgramData
    2009-05-08 19:29:06 ----D---- C:\Program Files
    2009-05-08 19:26:21 ----SHD---- C:\Windows\Installer
    2009-05-08 19:21:01 ----D---- C:\ProgramData\Adobe
    2009-05-08 19:20:16 ----D---- C:\Program Files\Common Files\Adobe
    2009-05-08 19:19:58 ----D---- C:\Program Files\Adobe
    2009-05-08 19:16:20 ----D---- C:\Windows\System32
    2009-05-08 19:15:23 ----SHD---- C:\System Volume Information
    2009-05-08 19:00:02 ----SD---- C:\Windows\Downloaded Program Files
    2009-05-08 18:56:58 ----A---- C:\Windows\system32\deploytk.dll
    2009-05-08 18:51:30 ----D---- C:\Program Files\Java
    2009-05-08 18:51:29 ----D---- C:\Program Files\Common Files
    2009-05-08 16:49:00 ----D---- C:\Windows\winsxs
    2009-05-08 16:48:59 ----D---- C:\Program Files\Internet Explorer
    2009-05-08 15:10:16 ----D---- C:\Windows\system32\catroot
    2009-05-08 10:47:31 ----A---- C:\Windows\NeroDigital.ini
    2009-05-08 10:10:02 ----A---- C:\ExtractLog.txt
    2009-05-08 10:06:59 ----D---- C:\Program Files\OrangeHSS
    2009-05-08 09:04:41 ----D---- C:\ProgramData\Google Updater
    2009-05-08 09:01:43 ----D---- C:\Windows
    2009-05-07 18:17:41 ----D---- C:\Program Files\Microsoft Office
    2009-05-07 18:17:41 ----D---- C:\Program Files\Common Files\DESIGNER
    2009-05-07 18:13:39 ----D---- C:\Program Files\Anuman Interactive
    2009-05-07 18:13:18 ----D---- C:\Program Files\Audacity
    2009-05-07 18:13:17 ----D---- C:\Windows\Prefetch
    2009-05-07 11:54:52 ----D---- C:\Windows\system32\catroot2
    2009-05-06 20:04:55 ----D---- C:\Users\Mickael\AppData\Roaming\BitTorrent
    2009-05-06 13:05:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-05-06 13:05:06 ----D---- C:\Windows\inf
    2009-05-06 12:48:17 ----A---- C:\Windows\Robota.INI
    2009-05-06 12:48:17 ----A---- C:\Windows\BeatBox.INI
    2009-05-04 12:29:57 ----D---- C:\ProgramData\stop 4
    2009-05-02 21:12:36 ----D---- C:\ProgramData\Microsoft Help
    2009-05-02 21:10:52 ----RSD---- C:\Windows\assembly
    2009-05-02 21:07:56 ----RSD---- C:\Windows\Fonts
    2009-05-02 21:07:38 ----D---- C:\Program Files\Common Files\microsoft shared
    2009-05-02 21:06:53 ----D---- C:\Program Files\Microsoft Works
    2009-05-02 21:03:48 ----A---- C:\Windows\win.ini
    2009-05-02 21:03:47 ----D---- C:\Program Files\Common Files\System
    2009-04-29 10:27:24 ----D---- C:\temp
    2009-04-28 20:06:20 ----D---- C:\Windows\system32\LogFiles
    2009-04-24 23:11:28 ----D---- C:\Users\Mickael\AppData\Roaming\BSplayer
    2009-04-21 22:00:02 ----D---- C:\Windows\Debug
    2009-04-19 17:41:10 ----AD---- C:\ProgramData\TEMP
    2009-04-19 17:24:14 ----D---- C:\Program Files\VstPlugins
    2009-04-18 22:37:00 ----D---- C:\Program Files\Unlocker
    2009-04-16 11:47:48 ----D---- C:\Windows\system32\wbem
    2009-04-16 11:47:48 ----D---- C:\Program Files\Windows Mail
    2009-04-16 11:47:47 ----D---- C:\Windows\system32\manifeststore
    2009-04-16 11:47:47 ----D---- C:\Windows\AppPatch

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
    R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-03-25 482352]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-03-25 371248]
    R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
    R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090501.001\IDSvix86.sys [2009-01-29 292912]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
    R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\Windows\system32\drivers\NIS\1005000.087\SRTSPX.SYS [2009-03-12 43696]
    R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-03-12 25136]
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
    R2 acedrv10;acedrv10; \??\C:\Windows\system32\drivers\acedrv10.sys [2007-07-27 330144]
    R2 acehlp10;acehlp10; \??\C:\Windows\system32\drivers\acehlp10.sys [2007-07-27 251680]
    R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-25 101936]
    R3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
    R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]
    R3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
    R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
    R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
    R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090508.003\NAVENG.SYS [2009-03-25 89104]
    R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090508.003\NAVEX15.SYS [2009-03-25 876144]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
    R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
    R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-03-26 124464]
    R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
    R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS [2009-03-12 39984]
    R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    S2 Nsynas32;Nsynas32; C:\Windows\system32\drivers\Nsynas32.sys []
    S3 alha9p7u;alha9p7u; C:\Windows\system32\drivers\alha9p7u.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
    S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
    S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter; \??\C:\Users\Mickael\AppData\Local\Temp\Low\OnlineScanner\Anti-Virus\fsgk.sys []
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-03-29 47360]
    S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\NIS\1002000.007\SYMDNS.SYS []
    S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS []
    S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2007-10-24 23288]
    S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
    S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588]
    S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-19 31616]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
    R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
    R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
    R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-20 166648]
    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-20 887544]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
    S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-07 654848]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-19 29744]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-12-20 79360]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
    S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-01-12 355584]
    S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    a c 295 8 Security
    8 May 2009 22:11:08

    There are still traces of infection, but your problems are not coming from there.
    8 May 2009 22:11:28

    For info, the day before yesterday in the afternoon, well before the PC started lagging,
    a piece of software had been installed: BeatCraft, the demo version downloaded from 01.net.
    But I doubt it is what made my PC bug out, you never know. I have uninstalled it since.
    8 May 2009 22:36:08

    Otherwise I could go back to an earlier state of the PC using the automatic backups, but the few times I tested that in the past, at every restart the computer told me it had failed, so if you could help me with that...
    a c 295 8 Security
    8 May 2009 22:37:17

    Are you talking about System Restore?
    8 May 2009 22:47:43

    no, going back to several before the PC started lagging
    a c 295 8 Security
    8 May 2009 22:58:10

    I did not understand.
    8 May 2009 23:06:10

    The PC makes backups of the system so that, in case there is a bug (as in my case), you can restore your computer's system files to an earlier point in time.
    There are explanations on this page: http://www.libellules.ch/restauration_system_vista.php

    I had already tried to do that in the past, but every time there was an error
    a c 295 8 Security
    8 May 2009 23:08:28

    I asked you whether you were talking about System Restore and you answered no...
    8 May 2009 23:14:11

    sorry, I thought you were talking about the full restore
    a c 295 8 Security
    8 May 2009 23:15:23

    I have no solution for you.
    8 May 2009 23:16:26

    ok thanks anyway