Stuck with trojan:win32/vundo.gen!AA

7 April 2009 12:21:12

I can't manage to get rid of this virus, trojan:win32/vundo.gen!AA. My Malwarebytes no longer works (nor does my AVG). What should I do? Can someone help me? Please!!

7 April 2009 12:47:21

A hello, maybe?

What is the location?

Download Random's System Information Tool (RSIT) (by random/random) and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized in the Taskbar).
  • NB: The reports are saved in the C:\rsit folder.
  • Make sure you post the reports in full, and check that they are complete once you have posted them.
7 April 2009 16:41:26

Thank you very much for your help, here it is:

    info.txt logfile of random's system information tool 1.06 2009-04-06 22:51:16

    ======Hosts File======

    91.121.97.18 mininova.org
    91.121.97.18 www.mininova.org
    91.121.97.18 thepiratebay.org
    91.121.97.18 www.thepiratebay.org
    91.121.97.18 demonoid.com
    91.121.97.18 www.demonoid.com

    ======Security center information======

    AV: AVG 7.5.476 (outdated)
    AV: a-squared Anti-Malware (disabled) (outdated)

    -----------------EOF-----------------
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Propriétaire at 2009-04-06 22:47:54
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 138 GB (58%) free of 238 GB
    Total RAM: 958 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:51:10, on 2009-04-06
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Windows Update] C:\WINDOWS\system32\Updater.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.downlo...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://costco.pnimedia.com/upload/activex/v2_0_0_11/PCA...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6A8ED576-66E9-4352-BF51-766A9B0F1FAF}: NameServer = 85.255.112.132,85.255.112.188
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.132,85.255.112.188
    O17 - HKLM\System\CS1\Services\Tcpip\..\{6A8ED576-66E9-4352-BF51-766A9B0F1FAF}: NameServer = 85.255.112.132,85.255.112.188
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.132,85.255.112.188
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O20 - Winlogon Notify: opnnmLdd - C:\WINDOWS\SYSTEM32\opnnmLdd.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 14232 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\acqcqgum.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job
    C:\WINDOWS\tasks\Norton Security Scan for Propriétaire.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B26E6-2249-4684-A1AC-BBAE126799E9}]
    C:\WINDOWS\system32\awtSmLcD.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-24 304736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
    C:\WINDOWS\system32\opnnmLdd.dll [2009-04-06 36864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
    Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL [2007-08-16 57344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9921C1F-235E-41D5-AEE8-412084CBA9C0}]
    C:\WINDOWS\system32\geBtTnOI.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-28 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-25 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-28 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdd8c382-1a30-456d-9496-1b61db4edc7b}]
    C:\WINDOWS\system32\tmhtal.dll [2009-04-06 98816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]
    canadiens.com Toolbar - C:\Program Files\canadiens.com\tbcan0.dll [2009-03-05 1883672]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F457D667-CF9D-4017-AD29-80E2B342255E}]
    C:\WINDOWS\system32\awtutuTJ.dll [2009-04-06 237056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
    Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2007-08-16 245760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2007-08-16 245760]
    {d46b39f4-fc1a-41fc-b6e6-e86276e115d6} - canadiens.com Toolbar - C:\Program Files\canadiens.com\tbcan0.dll [2009-03-05 1883672]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-28 251504]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]
    "S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-07-10 176128]
    "HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2006-09-29 720896]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-24 29744]
    "EPSON Stylus CX5400"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE /P19 EPSON Stylus CX5400 /O6 USB001 /M Stylus CX5400 []
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-06 177472]
    "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-24 185872]
    "SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624]
    "SetDefPrt"=C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152]
    "ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-01-07 864256]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-31 148888]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
    "AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2009-04-06 416256]
    "a-squared"=C:\Program Files\a-squared Anti-Malware\a2guard.exe [2009-02-25 2799760]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-04 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe []
    "Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe []
    "Uniblue RegistryBooster 2"=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []
    "WeatherEye"=C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe [2009-01-16 4519832]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "Windows Update"=C:\WINDOWS\system32\Updater.exe [2009-04-04 163840]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnnmLdd]
    C:\WINDOWS\system32\opnnmLdd.dll [2009-04-06 36864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\system32\opnnmLdd.dll [2009-04-06 36864]
    "{deb76dc9-7214-4f58-a64f-42379bffa503}"=C:\WINDOWS\system32\tmhtal.dll [2009-04-06 98816]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    C:\WINDOWS\system32\awtutuTJ

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
    "C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "C:\Program Files\Fichiers communs\Nero\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
    "C:\Documents and Settings\Propriétaire\Local Settings\Temp\OnlineUpdate8\SetupXu.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\OnlineUpdate8\SetupXu.exe:*:Enabled:Nero ControlCenter"
    "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
    "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
    "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire 4.18.8"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
    "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-04-06 22:47:55 ----D---- C:\Program Files\trend micro
    2009-04-06 22:47:54 ----D---- C:\rsit
    2009-04-06 22:28:02 ----SH---- C:\WINDOWS\system32\vbeuujay.ini
    2009-04-06 22:27:56 ----A---- C:\WINDOWS\system32\tmhtal.dll
    2009-04-06 22:27:55 ----A---- C:\WINDOWS\system32\gdhuinuy.dll
    2009-04-06 22:27:51 ----A---- C:\WINDOWS\system32\yajuuebv.dll
    2009-04-06 22:27:37 ----ASH---- C:\WINDOWS\system32\JTututwa.ini2
    2009-04-06 22:27:37 ----ASH---- C:\WINDOWS\system32\JTututwa.ini
    2009-04-06 22:27:35 ----A---- C:\WINDOWS\system32\awtutuTJ.dll
    2009-04-06 22:21:24 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-04-06 21:30:57 ----D---- C:\VundoFix Backups
    2009-04-06 21:30:57 ----A---- C:\VundoFix.txt
    2009-04-06 21:26:12 ----ASH---- C:\WINDOWS\system32\TsYyayxx.ini2
    2009-04-06 21:26:12 ----ASH---- C:\WINDOWS\system32\TsYyayxx.ini
    2009-04-06 20:33:08 ----D---- C:\Program Files\a-squared Anti-Malware
    2009-04-06 20:07:54 ----SH---- C:\WINDOWS\system32\ngeofxqm.ini
    2009-04-06 20:07:45 ----A---- C:\WINDOWS\system32\jajufrcx.dll
    2009-04-06 20:07:26 ----ASH---- C:\WINDOWS\system32\IOnTtBeg.ini2
    2009-04-06 20:07:25 ----ASH---- C:\WINDOWS\system32\IOnTtBeg.ini
    2009-04-06 20:02:15 ----D---- C:\WINDOWS\Minidump
    2009-04-06 19:58:27 ----D---- C:\Documents and Settings\Propriétaire\Application Data\AVG7
    2009-04-06 19:58:04 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
    2009-04-06 19:58:04 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
    2009-04-06 19:43:58 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
    2009-04-06 19:17:18 ----SH---- C:\WINDOWS\system32\pilhctbx.ini
    2009-04-06 19:17:17 ----A---- C:\WINDOWS\system32\dnqtyldk.dll
    2009-04-06 19:15:38 ----A---- C:\WINDOWS\system32\ef5655ef-.txt
    2009-04-06 19:12:06 ----ASH---- C:\WINDOWS\system32\DcLmStwa.ini2
    2009-04-06 19:12:05 ----ASH---- C:\WINDOWS\system32\DcLmStwa.ini
    2009-04-06 19:03:55 ----A---- C:\WINDOWS\system32\opnnmLdd.dll
    2009-04-06 19:02:30 ----D---- C:\Program Files\AVG
    2009-04-04 20:58:27 ----A---- C:\WINDOWS\system32\Updater.exe
    2009-04-02 17:12:59 ----D---- C:\Program Files\iPod
    2009-04-02 17:12:48 ----D---- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-04-02 17:08:51 ----D---- C:\Program Files\QuickTime
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\vorbisenc.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\vorbis.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\tg_dump.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzwmts.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzapp.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzaf1.dll
    2009-03-26 15:26:59 ----A---- C:\WINDOWS\system32\muzapp.exe
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\TG_DUMP0708.DLL
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\OggDS.dll
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\Ogg.dll
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\MaDRM.dll
    2009-03-26 15:26:54 ----N---- C:\WINDOWS\system32\MAMACExtract.dll
    2009-03-26 15:26:31 ----D---- C:\Program Files\MarkAny
    2009-03-21 08:47:52 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-03-21 08:44:26 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-03-21 08:43:35 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-03-21 08:39:19 ----D---- C:\Program Files\Microsoft
    2009-03-21 08:38:53 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-21 08:33:00 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-16 20:24:17 ----A---- C:\WINDOWS\BRWMARK.INI
    2009-03-16 20:23:15 ----A---- C:\WINDOWS\system32\BrWia04b.dll
    2009-03-16 20:23:15 ----A---- C:\WINDOWS\system32\BrUSi04b.dll
    2009-03-16 20:23:12 ----N---- C:\WINDOWS\system32\brinsstr.dll
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\brrbtool.exe
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\BROSNMP.DLL
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\brlm03a.dll
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\PDRVINST.DLL
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\BrWebIns.dll
    2009-03-16 20:23:07 ----D---- C:\Program Files\Common Files
    2009-03-16 20:23:07 ----D---- C:\Program Files\Brother
    2009-03-16 20:23:01 ----D---- C:\Brother
    2009-03-16 20:23:00 ----N---- C:\WINDOWS\brunin03.dll
    2009-03-16 20:22:15 ----D---- C:\Documents and Settings\All Users\Application Data\Brother
    2009-03-11 23:29:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-11 23:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-11 23:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-11 23:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$

    ======List of files/folders modified in the last 1 months======

    2009-04-06 22:49:57 ----D---- C:\WINDOWS\Temp
    2009-04-06 22:49:43 ----D---- C:\WINDOWS\system32\drivers
    2009-04-06 22:49:24 ----D---- C:\WINDOWS\system32
    2009-04-06 22:47:55 ----D---- C:\Program Files
    2009-04-06 22:46:31 ----SD---- C:\WINDOWS\Tasks
    2009-04-06 22:43:34 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-06 22:43:09 ----D---- C:\Program Files\DNA
    2009-04-06 22:43:09 ----D---- C:\Documents and Settings\Propriétaire\Application Data\DNA
    2009-04-06 22:31:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2009-04-06 22:30:52 ----D---- C:\Program Files\Norton Security Scan
    2009-04-06 22:21:24 ----D---- C:\WINDOWS
    2009-04-06 22:18:38 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-04-06 21:36:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-04-06 19:57:55 ----D---- C:\WINDOWS\system
    2009-04-06 19:04:58 ----D---- C:\Documents and Settings\Propriétaire\Application Data\BitTorrent
    2009-04-06 19:02:11 ----SHD---- C:\WINDOWS\Installer
    2009-04-06 19:02:10 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-04-06 18:59:32 ----D---- C:\WINDOWS\Prefetch
    2009-04-06 14:09:13 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-04-05 13:41:59 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Vso
    2009-04-04 21:54:16 ----D---- C:\Documents and Settings\Propriétaire\Application Data\DVD Profiler
    2009-04-04 21:43:38 ----D---- C:\Program Files\DVD Profiler
    2009-04-03 17:44:16 ----D---- C:\Program Files\AdvancedAdvisor
    2009-04-03 08:31:14 ----HD---- C:\WINDOWS\inf
    2009-04-02 17:13:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-04-02 17:13:24 ----D---- C:\Program Files\iTunes
    2009-04-02 17:12:57 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-03-31 16:37:39 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-03-31 16:36:47 ----D---- C:\Program Files\Java
    2009-03-31 16:30:48 ----D---- C:\Program Files\Safari
    2009-03-28 11:38:46 ----D---- C:\Program Files\Last.fm
    2009-03-27 07:41:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-26 15:32:38 ----A---- C:\WINDOWS\FISHUI.INI
    2009-03-26 15:26:29 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-03-26 09:50:21 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
    2009-03-22 13:29:26 ----D---- C:\WINDOWS\network diagnostic
    2009-03-21 09:40:31 ----RSD---- C:\WINDOWS\assembly
    2009-03-21 09:40:31 ----D---- C:\WINDOWS\Microsoft.NET
    2009-03-21 08:49:55 ----D---- C:\Program Files\Windows Live
    2009-03-21 08:47:53 ----D---- C:\WINDOWS\WinSxS
    2009-03-21 08:47:23 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-03-21 08:46:30 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-21 08:44:32 ----D---- C:\WINDOWS\system32\DirectX
    2009-03-21 08:38:20 ----RSD---- C:\WINDOWS\Fonts
    2009-03-21 08:33:00 ----D---- C:\Program Files\Fichiers communs
    2009-03-19 09:42:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-03-19 09:42:50 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-03-19 09:42:47 ----D---- C:\Program Files\Adobe
    2009-03-17 21:53:28 ----D---- C:\Program Files\EPSON
    2009-03-16 20:23:07 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2009-03-15 14:42:50 ----D---- C:\WINDOWS\Help
    2009-03-14 12:47:10 ----A---- C:\backup.dpb.bak
    2009-03-11 23:29:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-03-11 23:29:07 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-11 06:50:24 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2009-04-06 820928]
    R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2009-04-06 4224]
    R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2009-04-06 27776]
    R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2009-04-06 3968]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
    R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232]
    R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936]
    R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-11-16 42496]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-01-15 23848]
    R3 HdAudAddService;VIA High Definition Audio Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2006-09-18 141824]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-02-01 47360]
    R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-08-13 654848]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 gcbqkljk;gcbqkljk; \??\C:\WINDOWS\system32\drivers\gcbqkljk.sys []
    S1 gcbqkljk;gcbqkljk; \??\C:\WINDOWS\system32\drivers\gcbqkljk.sys []
    S1 ggvnuhum;ggvnuhum; \??\C:\WINDOWS\system32\drivers\ggvnuhum.sys []
    S1 rabxghhj;rabxghhj; \??\C:\WINDOWS\system32\drivers\rabxghhj.sys []
    S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
    S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-02-25 425080]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2009-04-06 353280]
    R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2009-04-06 49664]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-31 152984]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2
    7 April 2009 16:52:33

    continued
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-24 29744]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------

    THANK YOU VERY MUCH!!!
    a b 8 Sécurité
    7 April 2009 18:36:29

    Re,

    Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the licence by clicking Yes.
  • The program will ask whether you want to install the Recovery Console. It is a precaution in case the computer breaks down. So I advise you to install it; it costs nothing and could potentially be useful!
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.
    7 April 2009 21:39:14

    Here it is!
    ComboFix 09-04-04.01 - Propriétaire 2009-04-07 15:22:34.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.659 [GMT -4:00]
    Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
    AV: a-squared Anti-Malware *On-access scanning disabled* (Outdated)
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\documents and settings\Propriétaire\Application Data\inst.exe
    c:\windows\system32\amdnxz.dll
    c:\windows\system32\DcLmStwa.ini
    c:\windows\system32\DcLmStwa.ini2
    c:\windows\system32\drivers\gaopdxvndenkjmogmcboylfsqrilsxmuyuodmx.sys
    c:\windows\system32\gaopdxcounter
    c:\windows\system32\gaopdxrvyepjnkrdtldguyaedhbgixfcinlrpj.dll
    c:\windows\system32\IOnTtBeg.ini
    c:\windows\system32\IOnTtBeg.ini2
    c:\windows\system32\JTututwa.ini
    c:\windows\system32\JTututwa.ini2
    c:\windows\system32\kkUBKRqr.ini
    c:\windows\system32\kkUBKRqr.ini2
    c:\windows\system32\ngeofxqm.ini
    c:\windows\system32\obslgiqo.dll
    c:\windows\system32\opnnmLdd.dll
    c:\windows\system32\oqiglsbo.ini
    c:\windows\system32\pilhctbx.ini
    c:\windows\system32\qyhmfuci.dll
    c:\windows\system32\rqRKBUkk.dll
    c:\windows\system32\tmp.reg
    c:\windows\system32\TsYyayxx.ini
    c:\windows\system32\TsYyayxx.ini2
    c:\windows\system32\Updater.exe
    c:\windows\system32\vbeuujay.ini
    c:\windows\Tasks\acqcqgum.job

    ----- BITS: Il y a peut-être des sites infectés -----

    hxxp://drm.wippiespace.com
    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_gaopdxserv.sys


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-03-07 au 2009-04-07 ))))))))))))))))))))))))))))))))))))
    .

    2009-04-06 22:47 . 2009-04-06 22:51 <REP> d-------- C:\rsit
    2009-04-06 22:47 . 2009-04-06 22:51 <REP> d-------- c:\program files\trend micro
    2009-04-06 21:30 . 2009-04-06 21:30 <REP> d-------- C:\VundoFix Backups
    2009-04-06 20:33 . 2009-04-06 20:41 <REP> d-------- c:\program files\a-squared Anti-Malware
    2009-04-06 19:58 . 2009-04-07 10:11 <REP> d-------- c:\documents and settings\Propriétaire\Application Data\AVG7
    2009-04-06 19:58 . 2009-04-06 19:58 <REP> d-------- c:\documents and settings\LocalService\Application Data\AVG7
    2009-04-06 19:58 . 2009-04-07 15:11 <REP> d-------- c:\documents and settings\All Users\Application Data\avg7
    2009-04-06 19:43 . 2009-04-06 19:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Avg8
    2009-04-06 19:02 . 2009-04-06 19:02 <REP> d-------- c:\program files\AVG
    2009-04-02 17:12 . 2009-04-02 17:12 <REP> d-------- c:\program files\iPod
    2009-04-02 17:12 . 2009-04-02 17:13 <REP> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-04-02 17:08 . 2009-04-02 17:09 <REP> d-------- c:\program files\QuickTime
    2009-03-26 15:26 . 2009-03-26 15:26 <REP> d-------- c:\program files\MarkAny
    2009-03-21 08:56 . 2009-04-07 15:28 <REP> d-------- c:\documents and settings\Propriétaire\Tracing
    2009-03-21 08:56 . 2009-04-07 15:28 <REP> d-------- c:\documents and settings\Propriétaire\Tracing
    2009-03-21 08:49 . 2009-02-06 18:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
    2009-03-21 08:47 . 2009-03-21 08:47 <REP> d-------- c:\program files\Microsoft Sync Framework
    2009-03-21 08:44 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
    2009-03-21 08:43 . 2009-03-21 08:43 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
    2009-03-21 08:39 . 2009-03-21 08:51 <REP> d-------- c:\program files\Microsoft
    2009-03-21 08:38 . 2009-03-21 08:38 <REP> d-------- c:\program files\Windows Live SkyDrive
    2009-03-21 08:33 . 2009-03-21 08:33 <REP> d-------- c:\program files\Fichiers communs\Windows Live
    2009-03-16 20:24 . 2009-03-18 18:10 425 --a------ c:\windows\BRWMARK.INI
    2009-03-16 20:23 . 2009-03-16 20:23 <REP> d-------- c:\program files\Common Files
    2009-03-16 20:23 . 2009-03-16 20:23 <REP> d-------- c:\program files\Brother
    2009-03-16 20:22 . 2009-03-16 20:22 <REP> d-------- c:\documents and settings\All Users\Application Data\Brother

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-07 19:28 --------- d-----w c:\program files\DNA
    2009-04-07 19:28 --------- d-----w c:\documents and settings\Propriétaire\Application Data\DNA
    2009-04-07 19:10 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
    2009-04-07 02:37 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
    2009-04-07 02:30 --------- d-----w c:\program files\Norton Security Scan
    2009-04-07 01:36 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-04-06 23:04 --------- d-----w c:\documents and settings\Propriétaire\Application Data\BitTorrent
    2009-04-06 19:32 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-04-06 19:32 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-04-05 17:41 --------- d-----w c:\documents and settings\Propriétaire\Application Data\Vso
    2009-04-05 01:54 --------- d-----w c:\documents and settings\Propriétaire\Application Data\DVD Profiler
    2009-04-05 01:43 --------- d-----w c:\program files\DVD Profiler
    2009-04-03 21:44 --------- d-----w c:\program files\AdvancedAdvisor
    2009-04-02 21:13 --------- d-----w c:\program files\iTunes
    2009-04-02 21:12 --------- d-----w c:\program files\Fichiers communs\Apple
    2009-03-31 20:36 --------- d-----w c:\program files\Java
    2009-03-31 20:30 --------- d-----w c:\program files\Safari
    2009-03-28 15:38 --------- d-----w c:\program files\Last.fm
    2009-03-26 19:26 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-03-23 16:47 22,008 ----a-w c:\documents and settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
    2009-03-21 12:49 --------- d-----w c:\program files\Windows Live
    2009-03-19 13:42 --------- d-----w c:\program files\Fichiers communs\Adobe
    2009-03-18 01:53 --------- d-----w c:\program files\EPSON
    2009-03-17 00:23 --------- d-----w c:\program files\Fichiers communs\InstallShield
    2009-03-05 18:12 --------- d-----w c:\program files\canadiens.com
    2009-02-26 17:37 --------- d-----w c:\program files\Microsoft Silverlight
    2009-02-06 23:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
    2009-02-01 21:05 47,360 ----a-w c:\documents and settings\Propriétaire\Application Data\pcouffin.sys
    2008-09-18 11:40 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008091820080919\index.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2007-08-16 57344]
    "{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}"= "c:\program files\canadiens.com\tbcan0.dll" [2009-03-05 1883672]

    [HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

    [HKEY_CLASSES_ROOT\clsid\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]
    2009-03-05 14:12 1883672 --a------ c:\program files\canadiens.com\tbcan0.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}"= "c:\program files\canadiens.com\tbcan0.dll" [2009-03-05 1883672]

    [HKEY_CLASSES_ROOT\clsid\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D46B39F4-FC1A-41FC-B6E6-E86276E115D6}"= "c:\program files\canadiens.com\tbcan0.dll" [2009-03-05 1883672]

    [HKEY_CLASSES_ROOT\clsid\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 68856]
    "WeatherEye"="c:\program files\MétéoMédia\MétéoÉclair\WeatherEye.exe" [2009-01-16 4519832]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-19 342848]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2006-09-29 720896]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-24 29744]
    "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-06 177472]
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-11-24 185872]
    "SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-12-14 132624]
    "SetDefPrt"="c:\program files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]
    "ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-01-07 864256]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-31 148888]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
    "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2009-02-25 2799760]
    "VTTimer"="VTTimer.exe" [2006-08-03 c:\windows\system32\VTTimer.exe]
    "S3Trayp"="S3trayp.exe" [2006-07-10 c:\windows\system32\S3Trayp.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-20 110592]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.VP31"= vp31vfw.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\muzapp.exe"=
    "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "c:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "62889:TCP"= 62889:TCP:bit torrent

    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-03-09 11264]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-21 55152]
    R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2007-03-09 654848]
    S1 cnobhmjh;cnobhmjh;\??\c:\windows\system32\drivers\cnobhmjh.sys --> c:\windows\system32\drivers\cnobhmjh.sys [?]
    S1 gcbqkljk;gcbqkljk;\??\c:\windows\system32\drivers\gcbqkljk.sys --> c:\windows\system32\drivers\gcbqkljk.sys [?]
    S1 rabxghhj;rabxghhj;\??\c:\windows\system32\drivers\rabxghhj.sys --> c:\windows\system32\drivers\rabxghhj.sys [?]
    S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\MediaCoder\SysInfo.sys --> c:\program files\MediaCoder\SysInfo.sys [?]
    S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-16 29744]

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    Contenu du dossier 'Tâches planifiées'

    2009-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2009-04-07 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 15:49]

    2009-04-07 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

    2009-04-07 c:\windows\Tasks\Norton Security Scan for Propriétaire.job
    - c:\program files\Norton Security Scan\Nss.exe [2009-03-11 20:20]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{243B26E6-2249-4684-A1AC-BBAE126799E9} - c:\windows\system32\awtSmLcD.dll
    BHO-{3e4c24f1-45d2-4fc2-9a4e-722a5ea4b965} - c:\windows\system32\amdnxz.dll
    BHO-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\opnnmLdd.dll
    BHO-{8A9D9DBE-190A-4311-8D76-3F0F2DAA451E} - c:\windows\system32\rqRKBUkk.dll
    BHO-{A9921C1F-235E-41D5-AEE8-412084CBA9C0} - c:\windows\system32\geBtTnOI.dll
    BHO-{BCCCAA52-CD22-4131-A33B-4B88E31761C8} - c:\windows\system32\awtutuTJ.dll
    HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
    HKCU-Run-Nero PhotoShow Media Manager - c:\progra~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
    HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    HKLM-Run-EPSON Stylus CX5400 - c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
    HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
    ShellExecuteHooks-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\opnnmLdd.dll
    ShellExecuteHooks-{8b0f5bdf-7a7b-4614-afcb-17d9a9d8dbe6} - c:\windows\system32\amdnxz.dll


    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-07 15:29:10
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\a-squared Anti-Malware\a2service.exe
    c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-04-07 15:33:54 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-04-07 19:33:06

    Avant-CF: 145,381,306,368 octets libres
    Après-CF: 148,330,909,696 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

    245 --- E O F --- 2009-04-06 21:15:31
    a b 8 Sécurité
    8 April 2009 12:19:42

    Re,

    Download Toolbar-S&D (Team IDN) to your Desktop.

  • Start the program's installation by running the downloaded file.
  • Now double-click the Toolbar-S&D shortcut.
  • Select the desired language by typing the letter of your choice, then confirming with the Enter key.
  • Now choose option 1 (Search). Wait until the search is finished.
  • Post the generated report. (C:\TB.txt)
    8 April 2009 14:22:02

    Here is the report. Thank you, because it has already been doing better since yesterday!!!!
    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.66GHz )
    BIOS : Default System BIOS
    USER : Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
    Firewall : COMODO Firewall 3.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:232 Go (Free:138 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB) - FAT - Total:956 Mo (Free:0 Go)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 2009-04-08| 8:13 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskBarDis
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe
    C:\Program Files\AskBarDis\bar\bin
    C:\Program Files\AskBarDis\bar\Cache
    C:\Program Files\AskBarDis\bar\History
    C:\Program Files\AskBarDis\bar\Settings
    C:\Program Files\AskBarDis\bar\bin\askBar.dll
    C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
    C:\Program Files\AskBarDis\bar\bin\psvince.dll
    C:\Program Files\AskBarDis\bar\Cache\0018B1A7
    C:\Program Files\AskBarDis\bar\Cache\00192253
    C:\Program Files\AskBarDis\bar\Cache\00199437.bin
    C:\Program Files\AskBarDis\bar\Cache\0019F9D7.bin
    C:\Program Files\AskBarDis\bar\Cache\001A5F57.bin
    C:\Program Files\AskBarDis\bar\Cache\001AB92F.bin
    C:\Program Files\AskBarDis\bar\Cache\001AE58F.bin
    C:\Program Files\AskBarDis\bar\Cache\001AE773.bin
    C:\Program Files\AskBarDis\bar\Cache\001AE929.bin
    C:\Program Files\AskBarDis\bar\Cache\001AEB2C.bin
    C:\Program Files\AskBarDis\bar\Cache\001AED11.bin
    C:\Program Files\AskBarDis\bar\Cache\files.ini
    C:\Program Files\AskBarDis\bar\History\search
    C:\Program Files\AskBarDis\bar\Settings\config.dat
    C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
    C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
    C:\Program Files\AskTBar
    C:\Program Files\AskTBar\bar
    C:\Program Files\AskTBar\PopSwatr
    C:\Program Files\AskTBar\SrchAstt
    C:\Program Files\AskTBar\bar\1.bin
    C:\Program Files\AskTBar\bar\Cache
    C:\Program Files\AskTBar\bar\History
    C:\Program Files\AskTBar\bar\Settings
    C:\Program Files\AskTBar\bar\Cache\0005C3E4
    C:\Program Files\AskTBar\bar\Cache\0005CF7C
    C:\Program Files\AskTBar\bar\Cache\0005D1AF.bin
    C:\Program Files\AskTBar\bar\Cache\0005D5C6.bin
    C:\Program Files\AskTBar\bar\Cache\0005D76C.bin
    C:\Program Files\AskTBar\bar\Cache\0005D818.bin
    C:\Program Files\AskTBar\bar\Cache\files.ini
    C:\Program Files\AskTBar\bar\History\search2
    C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
    C:\Program Files\AskTBar\PopSwatr\History
    C:\Program Files\AskTBar\PopSwatr\History\notallow
    C:\Program Files\AskTBar\SrchAstt\1.bin
    C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@mysearch[2].txt

    -----------\\ Extensions

    (Propriétaire) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.google.com/webhp?sourceid=navclient&hl=fr&ie..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PROPRI~1\Application Data\BitTorrent\ConvertXtoDVD 3.3.0.96 And Keygen [1337x].zip.torrent
    C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\ConvertXtoDVD 3.3.0.96 And Keygen [1337x].zip



    1 - "C:\ToolBar SD\TB_1.txt" - 2009-04-08| 8:16 - Option : [1]

    -----------\\ Fin du rapport a 8:16:20,40

    a b 8 Sécurité
    8 April 2009 17:45:41

    Re,

    Run Lop S&D again.

  • This time choose Option 2 (Deletion)
    ! Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)
    9 April 2009 01:39:17

    Here it is!
    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.66GHz )
    BIOS : Default System BIOS
    USER : Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
    Firewall : COMODO Firewall 3.5 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:232 Go (Free:138 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB) - FAT - Total:956 Mo (Free:0 Go)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 2009-04-08|19:31 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\AskBarDis\bar
    Supprime! - C:\Program Files\AskBarDis\unins000.dat
    Supprime! - C:\Program Files\AskBarDis\unins000.exe
    Supprime! - C:\Program Files\AskTBar\bar
    Supprime! - C:\Program Files\AskTBar\PopSwatr
    Supprime! - C:\Program Files\AskTBar\SrchAstt
    Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@mysearch[2].txt
    Supprime! - C:\Program Files\AskBarDis
    Supprime! - C:\Program Files\AskTBar

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Propriétaire) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.google.com/webhp?sourceid=navclient&hl=fr&ie..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\PROPRI~1\Application Data\BitTorrent\ConvertXtoDVD 3.3.0.96 And Keygen [1337x].zip.torrent
    C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\ConvertXtoDVD 3.3.0.96 And Keygen [1337x].zip



    1 - "C:\ToolBar SD\TB_1.txt" - 2009-04-08| 8:16 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 2009-04-08|19:34 - Option : [2]

    -----------\\ Fin du rapport a 19:34:27,68

    9 April 2009 19:55:26

    Run another RSIT scan.
    10 April 2009 01:14:48

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Propriétaire at 2009-04-09 19:09:40
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 141 GB (59%) free of 238 GB
    Total RAM: 958 MB (36% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:09:50, on 2009-04-09
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\S3trayp.exe
    C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\COMODO\SafeSurf\cssurf.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
    C:\Program Files\DNA\btdna.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\U8F8PM4E\RSIT[1].exe
    C:\Program Files\trend micro\Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: canadiens.com Toolbar - {d46b39f4-fc1a-41fc-b6e6-e86276e115d6} - C:\Program Files\canadiens.com\tbcan0.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: canadiens.com Toolbar - {d46b39f4-fc1a-41fc-b6e6-e86276e115d6} - C:\Program Files\canadiens.com\tbcan0.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: canadiens.com Toolbar - {d46b39f4-fc1a-41fc-b6e6-e86276e115d6} - C:\Program Files\canadiens.com\tbcan0.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.downlo...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://costco.pnimedia.com/upload/activex/v2_0_0_11/PCA...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 11570 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Google Software Updater.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-24 304736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-08 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-25 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-08 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d46b39f4-fc1a-41fc-b6e6-e86276e115d6}]
    canadiens.com Toolbar - C:\Program Files\canadiens.com\tbcan0.dll [2009-03-05 1883672]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {d46b39f4-fc1a-41fc-b6e6-e86276e115d6} - canadiens.com Toolbar - C:\Program Files\canadiens.com\tbcan0.dll [2009-03-05 1883672]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-08 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]
    "S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-07-10 176128]
    "HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2006-09-29 720896]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-24 29744]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-06 177472]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-11-24 185872]
    "SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624]
    "SetDefPrt"=C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152]
    "ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-01-07 864256]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-31 148888]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "COMODO SafeSurf"=C:\Program Files\COMODO\SafeSurf\cssurf.exe [2009-04-07 278264]
    "COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-04-07 1851128]
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-04-08 68592]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-04-04 68856]
    "WeatherEye"=C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe [2009-01-16 4519832]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=" C:\WINDOWS\system32\cssdll32.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
    "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire 4.18.8"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-04-08 08:13:28 ----A---- C:\TB.txt
    2009-04-08 08:12:49 ----D---- C:\ToolBar SD
    2009-04-07 16:52:35 ----A---- C:\WINDOWS\system32\cssdll32.dll
    2009-04-07 16:51:12 ----D---- C:\Documents and Settings\All Users\Application Data\comodo
    2009-04-07 16:51:12 ----A---- C:\WINDOWS\system32\guard32.dll
    2009-04-07 16:51:10 ----D---- C:\Program Files\COMODO
    2009-04-07 16:40:36 ----D---- C:\Program Files\Avira
    2009-04-07 16:40:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-04-07 15:42:53 ----SHD---- C:\RECYCLER
    2009-04-07 15:33:56 ----A---- C:\ComboFix.txt
    2009-04-07 15:13:07 ----A---- C:\Boot.bak
    2009-04-07 15:13:04 ----RASHD---- C:\cmdcons
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\zip.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\VFIND.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\SWSC.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\SWREG.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\sed.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\grep.exe
    2009-04-07 15:11:52 ----A---- C:\WINDOWS\fdsv.exe
    2009-04-07 15:11:39 ----D---- C:\WINDOWS\ERDNT
    2009-04-07 15:07:42 ----D---- C:\Qoobox
    2009-04-07 10:24:48 ----A---- C:\WINDOWS\system32\tmp.txt
    2009-04-07 10:24:35 ----A---- C:\rapport.txt
    2009-04-06 22:47:55 ----D---- C:\Program Files\trend micro
    2009-04-06 22:47:54 ----D---- C:\rsit
    2009-04-06 22:21:24 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-04-06 21:30:57 ----D---- C:\VundoFix Backups
    2009-04-06 21:30:57 ----A---- C:\VundoFix.txt
    2009-04-06 20:02:15 ----D---- C:\WINDOWS\Minidump
    2009-04-06 19:58:27 ----D---- C:\Documents and Settings\Propriétaire\Application Data\AVG7
    2009-04-06 19:58:04 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
    2009-04-06 19:43:58 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
    2009-04-06 19:15:38 ----A---- C:\WINDOWS\system32\ef5655ef-.txt
    2009-04-06 19:02:30 ----D---- C:\Program Files\AVG
    2009-04-02 17:12:59 ----D---- C:\Program Files\iPod
    2009-04-02 17:12:48 ----D---- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-04-02 17:08:51 ----D---- C:\Program Files\QuickTime
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-31 16:38:37 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\vorbisenc.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\vorbis.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\tg_dump.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzwmts.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzapp.dll
    2009-03-26 15:26:59 ----N---- C:\WINDOWS\system32\muzaf1.dll
    2009-03-26 15:26:59 ----A---- C:\WINDOWS\system32\muzapp.exe
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\TG_DUMP0708.DLL
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\OggDS.dll
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\Ogg.dll
    2009-03-26 15:26:58 ----N---- C:\WINDOWS\system32\MaDRM.dll
    2009-03-26 15:26:54 ----N---- C:\WINDOWS\system32\MAMACExtract.dll
    2009-03-26 15:26:31 ----D---- C:\Program Files\MarkAny
    2009-03-21 08:47:52 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-03-21 08:44:26 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-03-21 08:43:35 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-03-21 08:39:19 ----D---- C:\Program Files\Microsoft
    2009-03-21 08:38:53 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-21 08:33:00 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-16 20:24:17 ----A---- C:\WINDOWS\BRWMARK.INI
    2009-03-16 20:23:15 ----A---- C:\WINDOWS\system32\BrWia04b.dll
    2009-03-16 20:23:15 ----A---- C:\WINDOWS\system32\BrUSi04b.dll
    2009-03-16 20:23:12 ----N---- C:\WINDOWS\system32\brinsstr.dll
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\brrbtool.exe
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\BROSNMP.DLL
    2009-03-16 20:23:11 ----N---- C:\WINDOWS\system32\brlm03a.dll
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\PDRVINST.DLL
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
    2009-03-16 20:23:08 ----N---- C:\WINDOWS\system32\BrWebIns.dll
    2009-03-16 20:23:07 ----D---- C:\Program Files\Common Files
    2009-03-16 20:23:07 ----D---- C:\Program Files\Brother
    2009-03-16 20:23:01 ----D---- C:\Brother
    2009-03-16 20:23:00 ----N---- C:\WINDOWS\brunin03.dll
    2009-03-16 20:22:15 ----D---- C:\Documents and Settings\All Users\Application Data\Brother
    2009-03-11 23:29:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-11 23:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-11 23:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-11 23:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$

    ======List of files/folders modified in the last 1 months======

    2009-04-09 19:09:51 ----D---- C:\WINDOWS\Prefetch
    2009-04-09 19:09:44 ----D---- C:\WINDOWS\Temp
    2009-04-09 19:08:42 ----D---- C:\Documents and Settings\Propriétaire\Application Data\DNA
    2009-04-09 17:12:21 ----SD---- C:\WINDOWS\Tasks
    2009-04-09 17:12:13 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-04-09 07:17:54 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-09 07:17:28 ----D---- C:\Program Files\DNA
    2009-04-08 22:44:40 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-04-08 21:49:09 ----D---- C:\Program Files\Google
    2009-04-08 21:49:07 ----SHD---- C:\WINDOWS\Installer
    2009-04-08 19:32:16 ----D---- C:\Program Files
    2009-04-07 18:33:50 ----D---- C:\WINDOWS\system32
    2009-04-07 18:29:11 ----D---- C:\WINDOWS\Help
    2009-04-07 18:22:08 ----D---- C:\Program Files\Fichiers communs
    2009-04-07 17:54:49 ----D---- C:\Program Files\Real
    2009-04-07 16:51:12 ----D---- C:\WINDOWS\system32\drivers
    2009-04-07 16:37:39 ----D---- C:\WINDOWS
    2009-04-07 15:29:15 ----A---- C:\WINDOWS\system.ini
    2009-04-07 15:27:03 ----D---- C:\WINDOWS\system32\config
    2009-04-07 15:24:18 ----D---- C:\WINDOWS\AppPatch
    2009-04-07 15:13:07 ----RASH---- C:\boot.ini
    2009-04-07 15:11:34 ----D---- C:\WINDOWS\system
    2009-04-06 21:36:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-04-06 19:04:58 ----D---- C:\Documents and Settings\Propriétaire\Application Data\BitTorrent
    2009-04-06 19:02:10 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-04-05 13:41:59 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Vso
    2009-04-04 21:54:16 ----D---- C:\Documents and Settings\Propriétaire\Application Data\DVD Profiler
    2009-04-04 21:43:38 ----D---- C:\Program Files\DVD Profiler
    2009-04-03 17:44:16 ----D---- C:\Program Files\AdvancedAdvisor
    2009-04-03 08:31:14 ----HD---- C:\WINDOWS\inf
    2009-04-02 17:13:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-04-02 17:13:24 ----D---- C:\Program Files\iTunes
    2009-04-02 17:12:57 ----D---- C:\Program Files\Fichiers communs\Apple
    2009-03-31 16:37:39 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-03-31 16:36:47 ----D---- C:\Program Files\Java
    2009-03-31 16:30:48 ----D---- C:\Program Files\Safari
    2009-03-28 11:38:46 ----D---- C:\Program Files\Last.fm
    2009-03-27 07:41:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-26 15:32:38 ----A---- C:\WINDOWS\FISHUI.INI
    2009-03-26 15:26:29 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-03-26 09:50:21 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
    2009-03-22 13:29:26 ----D---- C:\WINDOWS\network diagnostic
    2009-03-21 09:40:31 ----RSD---- C:\WINDOWS\assembly
    2009-03-21 09:40:31 ----D---- C:\WINDOWS\Microsoft.NET
    2009-03-21 08:49:55 ----D---- C:\Program Files\Windows Live
    2009-03-21 08:47:53 ----D---- C:\WINDOWS\WinSxS
    2009-03-21 08:47:23 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-03-21 08:46:30 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-21 08:44:32 ----D---- C:\WINDOWS\system32\DirectX
    2009-03-21 08:38:20 ----RSD---- C:\WINDOWS\Fonts
    2009-03-19 09:42:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-03-19 09:42:50 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-03-19 09:42:47 ----D---- C:\Program Files\Adobe
    2009-03-17 21:53:28 ----D---- C:\Program Files\EPSON
    2009-03-16 20:23:07 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2009-03-14 12:47:10 ----A---- C:\backup.dpb.bak
    2009-03-11 23:29:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-03-11 23:29:07 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-11 06:50:24 ----HD---- C:\WINDOWS\$hf_mig$

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-04-07 110992]
    R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-04-07 24336]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
    R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-05 63232]
    R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-05 55936]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-11-16 42496]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-01-15 23848]
    R3 HdAudAddService;VIA High Definition Audio Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2006-09-18 141824]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-02-01 47360]
    R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-08-13 654848]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 cnobhmjh;cnobhmjh; \??\C:\WINDOWS\system32\drivers\cnobhmjh.sys []
    S1 gcbqkljk;gcbqkljk; \??\C:\WINDOWS\system32\drivers\gcbqkljk.sys []
    S1 rabxghhj;rabxghhj; \??\C:\WINDOWS\system32\drivers\rabxghhj.sys []
    S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
    S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2009-04-07 700152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-31 152984]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-24 29744]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------
    Quote: "Redo an RSIT scan."
    10 April 2009 13:30:54

    Hi again,

    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in safe mode.
    10 April 2009 13:52:14

    thank you very much,
    your help was extremely useful :)
    11 April 2009 12:49:31

    The report?
    13 April 2009 23:01:26

    Malwarebytes' Anti-Malware 1.36
    Version de la base de données: 1976
    Windows 5.1.2600 Service Pack 3

    2009-04-13 16:55:18
    mbam-log-2009-04-13 (16-55-18).txt

    Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)
    Eléments examinés: 152546
    Temps écoulé: 1 hour(s), 3 minute(s), 49 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    14 April 2009 13:43:39

    Do you have the same problems?
    14 April 2009 16:53:08

    no, everything is back to normal, thank you!!