Votre question

Un virus msn

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Mars 2009 12:53:20

bonjour,
j'ai besoin d'un coup de pousse, j'ai choppé un virus sur msn en cliquant malencontreusement sur une photo!
j'ai bitdefender en anti virus j'ai fait une analyse il m'a trouvé deux virus que j'ai supprimer mais man contient toujours ce virus.
comment puis je procéder pour enlever ce virus? je vous remercie d'avance pour vos réponses.

Autres pages sur : virus msn

a c 295 8 Sécurité
26 Mars 2009 13:21:54

Salut,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    26 Mars 2009 19:22:27

    alors voici les deux logs:


    info.txt logfile of random's system information tool 1.06 2009-03-26 19:15:21

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Agere Systems AC'97 Modem-->agrsmdel
    Airport Mania fr-->"C:\Program Files\BoontyGames\Airport Mania\unins000.exe"
    ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    Big City Adventure Sydney-->"C:\Program Files\M6 Jeux\Big City Adventure Sydney\Uninstall.exe" "C:\Program Files\M6 Jeux\Big City Adventure Sydney\install.log"
    BitDefender Internet Security 2008-->MsiExec.exe /I{4FD01CB0-EC34-4199-8037-08DE3E64A0A3}
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Centre-Ville-->"C:\Program Files\Ihsv\Centre-Ville\unins000.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Delicious - Emily's Tea Garden 1.00-->C:\Program Files\Games\Delicious - Emily's Tea Garden\Uninstall.exe
    Destinator Console-->C:\NAVIGA~1\INSTAL~1\UNWISE.EXE C:\NAVIGA~1\INSTAL~1\INSTALL.LOG
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    EAX Unified-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Euro Truck Simulator-->C:\Program Files\Euro Truck Simulator\Uninstal_EuroTruckSimulator.exe
    Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Gourmania-->"C:\WINDOWS\Gourmania\uninstall.exe" "/U:C:\Program Files\Gourmania\Uninstall\uninstall.xml"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HP Deskjet 5700 Series-->rundll32 hpzcon10.dll,VendorJettison HP Deskjet 5700 Series
    HP Deskjet 5700-->msiexec /x{85B1BEF2-2357-4C27-ABBE-15A1AE3AF78D}
    HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x40c -removeonly
    HP Image Zone 4.8.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Image Zone Plus 4.8.5-->C:\Program Files\HP\Digital Imaging\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}\setup\hpzscr01.exe -datfile hpdscr01.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Wireless Assistant 1.01 B2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c hpquninst
    HPIZplus450-->MsiExec.exe /X{0E484A60-A429-49A8-982C-D6475F1E80A9}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
    J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2  La bonne affaire\EAUninstall.exe
    Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
    Les Sims™ Histoires de naufragés-->C:\Program Files\Electronic Arts\Les Sims Histoires de naufragés\EAUninstall.exe
    Lyra Jukebox Applications-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3374B4A6-5595-4667-882D-755ABE093806}\Setup.exe" -l0x9 -remove
    Magic ISO Maker v5.5 (build 0273)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
    mIRC-->C:\Documents and Settings\Amélie\Bureau\LighTScriptV2_Black\LighTScriptV2_Black\uninstall.exe _?=C:\Documents and Settings\Amélie\Bureau\LighTScriptV2_Black\LighTScriptV2_Black
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MWSnap 3-->"C:\Program Files\MWSnap\uninstall.exe"
    Nanny Mania 2 Hollywood 1.00-->C:\Program Files\Games\Nanny Mania 2 Hollywood\Uninstall.exe
    Nanny Mania fr-->"C:\Program Files\BoontyGames\Nanny Mania\unins000.exe"
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Prism-->C:\Program Files\NCH Software\Prism\uninst.exe
    Quick Launch Buttons 5.10 B5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
    QuickTime 3.0-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\QuickTime\DeIsL1.isu"
    QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Skin Windows Playboy-->C:\Program Files\MSN Messenger\Uninstal.exe
    Solitaire Antics Deluxe-->C:\Masque\SOLITA~1\UNWISE.EXE C:\Masque\SOLITA~1\INSTALL.LOG
    Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1} /l1036
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
    WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
    Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WordBiz version 1.8-->"C:\Program Files\WordBiz\unins000.exe"
    Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall

    ======Hosts File======

    127.0.0.1 007guard.com
    127.0.0.1 www.007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 www.008k.com
    127.0.0.1 00hq.com
    127.0.0.1 www.00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 www.032439.com

    ======Security center information======

    AV: Bitdefender Antivirus
    FW: Bitdefender Firewall

    ======System event log======

    Computer Name: PETITELOUVE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service HP WMI Interface.

    Record Number: 62261
    Source Name: Service Control Manager
    Time Written: 20090216213137.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PETITELOUVE
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 62260
    Source Name: Service Control Manager
    Time Written: 20090216213135.000000+060
    Event Type: Informations
    User:

    Computer Name: PETITELOUVE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 62259
    Source Name: Service Control Manager
    Time Written: 20090216213134.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: PETITELOUVE
    Event Code: 7036
    Message: Le service Service de l’iPod est entré dans l'état : en cours d'exécution.

    Record Number: 62258
    Source Name: Service Control Manager
    Time Written: 20090216213132.000000+060
    Event Type: Informations
    User:

    Computer Name: PETITELOUVE
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service de l’iPod.

    Record Number: 62257
    Source Name: Service Control Manager
    Time Written: 20090216213132.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: PETITELOUVE
    Event Code: 1001
    Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam' lors de la demande du composant '{C207503F-9631-4AF6-8CD2-D11260DBA3C5}'

    Record Number: 30357
    Source Name: MsiInstaller
    Time Written: 20090105163533.000000+060
    Event Type: Avertissement
    User: AUTORITE NT\SERVICE RÉSEAU

    Computer Name: PETITELOUVE
    Event Code: 1004
    Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam', composant '{B52C7B4D-F46F-438C-ADF2-05A138C57757}. La ressource 'HKEY_CURRENT_USER\Software\Logitech\QuickCam10\DesktopShortcutKey' n'existe pas

    Record Number: 30356
    Source Name: MsiInstaller
    Time Written: 20090105163533.000000+060
    Event Type: Avertissement
    User: AUTORITE NT\SERVICE RÉSEAU

    Computer Name: PETITELOUVE
    Event Code: 4137
    Message: CI a démarré pour le catalogue c:\system volume information\catalog.wci.

    Record Number: 30355
    Source Name: Ci
    Time Written: 20090105162714.000000+060
    Event Type: Informations
    User:

    Computer Name: PETITELOUVE
    Event Code: 1001
    Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam' lors de la demande du composant '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'

    Record Number: 30354
    Source Name: MsiInstaller
    Time Written: 20090105162353.000000+060
    Event Type: Avertissement
    User: PETITELOUVE\Amélie

    Computer Name: PETITELOUVE
    Event Code: 1004
    Message: Échec de détection du produit '{364EC092-93CF-4DDC-9D7A-7278452028E0}', fonctionnalité 'QuickCam', composant '{B52C7B4D-F46F-438C-ADF2-05A138C57757}. La ressource 'HKEY_CURRENT_USER\Software\Logitech\QuickCam10\DesktopShortcutKey' n'existe pas

    Record Number: 30353
    Source Name: MsiInstaller
    Time Written: 20090105162353.000000+060
    Event Type: Avertissement
    User: PETITELOUVE\Amélie

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0d08
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip

    -----------------EOF-----------------
    .
    .
    .
    .
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Amélie at 2009-03-26 19:14:47
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 57 GB (60%) free of 95 GB
    Total RAM: 1022 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:15:16, on 26/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\fxstaller.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Amélie\Bureau\Telechargement\RSIT.exe
    C:\Program Files\trend micro\Amélie.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O15 - Trusted Zone: http://*.secuser.com
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-f6a99beb0d85ca24.spaces.live.com/PhotoUpload...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    O24 - Desktop Component 0: (no name) - http://www.astwinds.com/Jeux/8ballpool/billard.gif
    O24 - Desktop Component 2: blog.fr - Créer gratuitement votre blog ici - http://www.blog.fr/

    --
    End of file - 12839 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\cleanmgr.job
    C:\WINDOWS\tasks\Google Software Updater.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-31 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]

    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
    {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-20 344064]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160]
    "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-05-04 794624]
    "Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-03-29 233534]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
    "Flash Player2"=C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe []
    "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-10-09 61440]
    "BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-04 368640]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Windows UDP Control Center"=C:\WINDOWS\fxstaller.exe [2009-03-25 52786]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-14 1695232]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-05 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    C:\WINDOWS\AGRSMMSG.exe [2005-04-13 88209]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    C:\Program Files\Apoint2K\Apoint.exe [2005-02-08 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Ahead\InCD\InCD.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
    c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    ~C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    C:\WINDOWS\system32\NeroCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    C:\Program Files\Picasa2\PicasaMediaDetector.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [2005-06-03 36975]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-05 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    C:\PROGRA~1\Hp\DIGITA~1\bin\hpqtra08.exe [2004-11-04 258048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2009-01-31 161776]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Documents and Settings\Amélie\Menu Démarrer\Programmes\Démarrage
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-21 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Player2"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7ffe33e-acd7-11dc-b897-00150001b82b}]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-03-26 19:14:48 ----D---- C:\Program Files\trend micro
    2009-03-26 19:14:47 ----DC---- C:\rsit
    2009-03-25 20:11:39 ----RSH---- C:\WINDOWS\fxstaller.exe
    2009-03-25 18:15:33 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-03-25 17:55:20 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-03-25 17:55:20 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-03-25 17:55:19 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-03-25 17:55:18 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-03-25 17:55:17 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-03-25 17:55:17 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-03-25 17:55:16 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-03-25 17:55:15 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2009-03-25 17:55:14 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2009-03-25 17:55:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2009-03-25 17:55:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2009-03-25 17:55:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2009-03-25 17:55:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2009-03-25 17:52:09 ----D---- C:\WINDOWS\Logs
    2009-03-25 13:53:31 ----D---- C:\Program Files\Euro Truck Simulator
    2009-03-25 13:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Gogii
    2009-03-25 11:34:41 ----D---- C:\Program Files\BoontyGames
    2009-03-25 11:34:38 ----D---- C:\Program Files\Boonty
    2009-03-24 19:57:16 ----D---- C:\Documents and Settings\All Users\Application Data\JollyBear
    2009-03-24 19:50:52 ----D---- C:\Program Files\M6 Jeux
    2009-03-24 19:50:52 ----D---- C:\Program Files\Fichiers communs\Oberon Media
    2009-03-23 13:09:28 ----D---- C:\Program Files\MSN Messenger
    2009-03-12 23:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-12 23:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-12 23:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-08 20:33:19 ----D---- C:\Program Files\MagicISO
    2009-03-08 17:40:50 ----D---- C:\Program Files\MagicDisc
    2009-03-05 23:43:12 ----D---- C:\Program Files\Games
    2009-03-02 20:44:29 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2009-03-02 19:01:31 ----D---- C:\Program Files\Electronic Arts
    2009-03-02 19:01:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2009-03-02 19:01:21 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2009-03-02 19:01:20 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2009-03-02 19:01:19 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2009-03-02 19:01:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2009-03-02 19:01:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2009-03-02 19:01:16 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2009-03-02 19:01:12 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2009-03-02 19:01:10 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2009-03-02 19:01:10 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2009-03-02 19:01:09 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2009-03-02 19:01:09 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2009-03-02 19:01:08 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2009-03-02 19:01:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-03-02 19:01:01 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-03-02 19:00:56 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-03-02 19:00:56 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-03-02 19:00:48 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-03-02 19:00:47 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-03-02 19:00:46 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-03-02 19:00:44 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-03-02 19:00:44 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-03-02 19:00:43 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-03-02 19:00:42 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-03-02 19:00:42 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-03-02 19:00:41 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-03-02 19:00:40 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-03-02 19:00:38 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-03-02 19:00:24 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-03-02 19:00:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-03-02 19:00:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-03-02 19:00:22 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-03-02 19:00:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-03-02 19:00:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-03-02 19:00:18 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-03-02 19:00:13 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-03-01 20:58:26 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse
    2009-02-28 15:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
    2009-02-28 15:26:43 ----A---- C:\WINDOWS\Gourmania Uninstall Log.txt
    2009-02-28 15:14:02 ----D---- C:\WINDOWS\Gourmania
    2009-02-28 15:13:44 ----A---- C:\WINDOWS\Gourmania Setup Log.txt
    2009-02-28 14:30:49 ----D---- C:\Program Files\uTorrent
    2009-02-28 14:30:46 ----D---- C:\Documents and Settings\Amélie\Application Data\uTorrent
    2009-02-27 21:39:57 ----D---- C:\Program Files\Zylom Games

    ======List of files/folders modified in the last 1 months======

    2009-03-26 19:15:06 ----D---- C:\WINDOWS\Temp
    2009-03-26 19:14:48 ----RD---- C:\Program Files
    2009-03-26 19:10:12 ----D---- C:\Program Files\Mozilla Firefox
    2009-03-26 19:03:02 ----D---- C:\WINDOWS\system32
    2009-03-26 19:01:20 ----SD---- C:\WINDOWS\Tasks
    2009-03-26 13:24:03 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-26 13:23:46 ----A---- C:\WINDOWS\bdagent.INI
    2009-03-26 13:22:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-03-26 09:33:55 ----D---- C:\WINDOWS
    2009-03-25 23:47:13 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-03-25 19:45:52 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-03-25 18:16:39 ----D---- C:\Program Files\DivX
    2009-03-25 18:15:40 ----SHD---- C:\WINDOWS\Installer
    2009-03-25 18:15:40 ----HD---- C:\Config.Msi
    2009-03-25 18:15:33 ----D---- C:\Program Files\Fichiers communs
    2009-03-25 17:55:23 ----D---- C:\WINDOWS\system32\DirectX
    2009-03-25 17:55:21 ----HD---- C:\WINDOWS\inf
    2009-03-25 17:54:27 ----RSD---- C:\WINDOWS\assembly
    2009-03-25 11:37:40 ----D---- C:\Documents and Settings\Amélie\Application Data\Macromedia
    2009-03-25 11:29:48 ----D---- C:\Program Files\Ihsv
    2009-03-16 17:46:59 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-12 23:44:21 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-03-12 23:44:13 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-12 23:44:08 ----D---- C:\WINDOWS\WinSxS
    2009-03-11 21:46:11 ----D---- C:\WINDOWS\system32\CatRoot
    2009-03-11 21:44:34 ----HD---- C:\WINDOWS\$hf_mig$
    2009-03-09 17:08:34 ----D---- C:\Program Files\EA GAMES
    2009-03-08 17:41:00 ----D---- C:\WINDOWS\system32\drivers
    2009-03-06 17:32:21 ----D---- C:\WINDOWS\network diagnostic
    2009-03-05 10:02:13 ----D---- C:\Program Files\eMule
    2009-03-02 19:12:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
    R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-04-13 1066278]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-01-31 109319]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-21 1201152]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792]
    R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
    R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
    R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-07-22 1341466]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-11-29 6144]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-06-20 3281408]
    S3 a187j1z8;a187j1z8; C:\WINDOWS\system32\drivers\a187j1z8.sys []
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-07-22 401152]
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-07-22 30363]
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-07-22 148040]
    S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-07-22 30189]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-07-22 56648]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
    S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2007-12-01 23616]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-19 47360]
    S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS []
    S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
    S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCIRDA;Pilote de périphérique SMC IrCC Miniport; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-23 36937]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
    S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-21 368640]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2005-07-22 258103]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-18 1179648]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 SNMP;Service SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-08-29 1261568]
    R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
    R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2005-03-04 98304]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
    R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-31 182768]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-01-05 69120]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 LPDSVC;Serveur d'impression TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456]
    S3 SNMPTRAP;Service d'interruption SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]

    -----------------EOF-----------------
    Contenus similaires
    a c 295 8 Sécurité
    26 Mars 2009 19:38:27

  • Télécharge MSNFix.zip (de !aur3n7) sur ton Bureau.
  • Décompresse-le (Clic droit >> Extraire ici).
  • Double-clique sur le fichier MSNFix.bat.
  • Exécute l'option R.
    Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage.

    Note : Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur.

  • Le rapport sera enregistré dans C:\Windows\ sous le nom de MSNFix.txt, poste-le.
    27 Mars 2009 09:39:05

    bonjour,
    quand je clique sur MSNFix.bat. il me met un message comme quoi windows ne peut pas lire ce type de fichier!! je fais quoi dans ce cas la? merci.
    a c 295 8 Sécurité
    27 Mars 2009 14:53:09

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher.
  • L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    29 Mars 2009 14:54:27

    bonjour desolée de ne pas avoir repondu plus tot mais un des virus m'avais coupé la connection internet, j'ai du lutter pour reprendre le controle de ma connection heureusement que j'ai deux ordinateurs, j'ai pu le bloquer bon bref donc voilà le compte rendu de l'analyse, tant qu'a faire j'ai fais la complete.
    apparement j'ai des virus dans le system32 sa peut s'éffacer ca?

    Malwarebytes' Anti-Malware 1.35
    Version de la base de données: 1915
    Windows 5.1.2600 Service Pack 3

    29/03/2009 14:48:52
    mbam-log-2009-03-29 (14-48-52).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
    Eléments examinés: 186070
    Temps écoulé: 1 hour(s), 39 minute(s), 17 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 11

    Processus mémoire infecté(s):
    C:\WINDOWS\fxstaller.exe (Backdoor.Bot) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME (Rootkit.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Center (Backdoor.Bot) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\rfh.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bpsmn.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\fxstaller.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bwdgtiuxeb_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hvtxoknpj_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bwdgtiuxeb_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hvtxoknpj_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\poof (Trojan.Wopla) -> Delete on reboot.
    C:\WINDOWS\system32\koos.exe (Trojan.Wopla) -> Delete on reboot.
    C:\WINDOWS\system32\kprof (Trojan.Wopla) -> Delete on reboot.
    a c 295 8 Sécurité
    29 Mars 2009 16:11:12

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe afin de lancer l'installation.
  • Si le fix ne lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.
  • Appuie sur F ou f puis valide par Entrée.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente jusqu'au message : *** Analyse terminée le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

    N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
    29 Mars 2009 20:26:44

    voila le resultat
    Search Navipromo version 3.7.6 commencé le 29/03/2009 à 20:13:47,23

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
    BIOS : Ver 1.00PARTTBLh
    USER : Amélie ( Administrator )
    BOOT : Normal boot

    Antivirus : Bitdefender Antivirus 8.0 (Activated)
    Firewall : Bitdefender Firewall 8.0 (Activated)

    C:\ (Local Disk) - NTFS - Total:93 Go (Free:56 Go)
    D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)


    Recherche executé en mode normal


    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Amélie\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Amélie\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Amélie\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    Fichiers trouvés :

    jvhlvuqqjy.exe trouvé !
    osiswon.exe trouvé !
    pagmuwdbbx.exe trouvé !
    veyqqtzioa.exe trouvé !

    * Recherche dans "C:\Documents and Settings\Amélie\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



    *** Recherche fichiers ***



    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    HKEY_CURRENT_USER\Software\Lanconfig

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    bwdgtiuxeb.dat trouvé !
    hvtxoknpj.dat trouvé !

    * Dans "C:\Documents and Settings\Amélie\locals~1\applic~1" :


    * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :



    *** Analyse terminée le 29/03/2009 à 20:23:17,89 ***
    a c 295 8 Sécurité
    30 Mars 2009 00:06:16

  • Relance Navilog1, fais l'option 2 et poste le rapport (C:\cleannavi.txt).
    30 Mars 2009 09:36:36

    voici:
    Clean Navipromo version 3.7.6 commencé le 30/03/2009 à 9:24:08,17

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
    BIOS : Ver 1.00PARTTBLh
    USER : Amélie ( Administrator )
    BOOT : Normal boot

    Antivirus : Bitdefender Antivirus 8.0 (Activated)
    Firewall : Bitdefender Firewall 8.0 (Activated)

    C:\ (Local Disk) - NTFS - Total:93 Go (Free:56 Go)
    D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)


    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    jvhlvuqqjy.exe trouvé !
    Copie jvhlvuqqjy.exe réalisée avec succès !
    jvhlvuqqjy.exe supprimé !

    osiswon.exe trouvé !
    Copie osiswon.exe réalisée avec succès !
    osiswon.exe supprimé !

    pagmuwdbbx.exe trouvé !
    Copie pagmuwdbbx.exe réalisée avec succès !
    pagmuwdbbx.exe supprimé !

    veyqqtzioa.exe trouvé !
    Copie veyqqtzioa.exe réalisée avec succès !
    veyqqtzioa.exe supprimé !


    * Suppression dans "C:\Documents and Settings\Amélie\locals~1\applic~1" *



    * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Amélie\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Amélie\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Amélie\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***



    *** Suppression fichiers ***


    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Am‚lie\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    bwdgtiuxeb.dat trouvé !
    Copie bwdgtiuxeb.dat réalisée avec succès !
    bwdgtiuxeb.dat supprimé !

    hvtxoknpj.dat trouvé !
    Copie hvtxoknpj.dat réalisée avec succès !
    hvtxoknpj.dat supprimé !


    * Dans "C:\Documents and Settings\Amélie\locals~1\applic~1" *


    * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Recherche autres dossiers et fichiers connus ***



    *** Nettoyage terminé le 30/03/2009 à 9:31:23,81 ***

    a c 295 8 Sécurité
    30 Mars 2009 15:55:22

  • Désinstalle Navilog1.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
  • Au menu principal, choisis l'option A.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-Scan-(date).log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    30 Mars 2009 19:49:44

    voici,

    ------- LOGFILE OF AD-REMOVER 1.1.2.4 | ONLY XP/VISTA -------

    Updated by C_XX on 29/03/2009 at 19:20
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

    Start at: 19:36:58, Lun 30/03/2009 | Boot mode: Normal Boot
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
    Computer Name: PETITELOUVE
    Current User: Am‚lie - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - E:\ (File System: CDFS)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 47

    +-----------------| Boonty/Boonty Games Elements Found:

    Service: Boonty Games
    .
    HKCR\boontybox
    HKCU\Software\Boonty
    HKLM\Software\Boonty
    HKLM\Software\Classes\boontybox
    HKLM\System\ControlSet001\Services\Boonty Games
    HKLM\System\ControlSet002\Enum\Root\LEGACY_BOONTY_GAMES
    HKLM\System\ControlSet002\Services\Boonty Games
    HKLM\System\CurrentControlSet\Services\Boonty Games
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Airport Mania_is1
    .
    C:\Program Files\Fichiers communs\BOONTY Shared
    C:\Documents and Settings\All Users\Application Data\BOONTY
    C:\Documents and Settings\All Users\Menudm~1\Progra~1\BoontyGames
    C:\Documents and Settings\All Users\Bureau\Airport Mania.lnk
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@ads.boonty[1].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@payment.boonty[2].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@shell.boonty[1].txt

    +-----------------| Eorezo Elements Found:

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine
    HKLM\Software\Microsoft\shared tools\msconfig\startupreg\EoWeather
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .

    +-----------------| Infected Poker Softwares Elements Found:

    .

    +-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

    .
    .

    +-----------------| It's TV Elements Found:

    .

    +-----------------| Sweetim Elements Found:

    HKCR\SWEETIE.SWEETIE.1
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Classes\SWEETIE.SWEETIE.1
    HKLM\Software\Microsoft\ESENT\Process\SweetIM
    HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    .
    C:\WINDOWS\Installer\172045.msi
    C:\WINDOWS\Installer\54a6fd.msi

    ============ Other Adwares Found ============

    .
    HKLM\Software\Trymedia Systems
    .
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@atdmt[2].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@atdmt[3].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@bs.serving-sys[1].txt

    +-----------------| Added Scan:

    ---- Mozilla FireFox Version 3.0.1 ----

    ProfilePath: vtie4np9.default (Am‚lie)
    .
    Prefs.js: Browser.Search.DefaultEngineName: "Google"
    Prefs.js: Browser.Search.SelectedEngine: "Live Search"
    Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Start page: hxxp://fr.msn.com/

    +-[HKEY_USERS\S-1-5-21-1024109507-3556856733-2533084168-1006\..\Internet Explorer\Main]

    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://fr.msn.com/
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    5041 Byte(s) - C:\Ad-Report-Scan-30.03.2009.log

    0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
    0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

    End at: 19:47:19 | 30/03/2009
    .
    +-----------------| E.O.F - 109 Lines
    .
    a c 295 8 Sécurité
    30 Mars 2009 19:56:21

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le raccourci d'Ad-Remover pour le lancer.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)

  • Au menu principal, choisis l'option B.

  • Coche A à l'écran de sélection :



  • Puis choisis S, le programme va travailler.

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-Clean-(date).log).

    /!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide /!\
    30 Mars 2009 21:46:33

    voici:

    ------- LOGFILE OF AD-REMOVER 1.1.2.4 | ONLY XP/VISTA -------

    Updated by C_XX on 29/03/2009 at 19:20
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

    **** LIMITED TO ****

    Boonty/BoontyGames
    Eorezo
    Infected Poker Softwares
    FunWebProduct/MyWay/MyWebSearch
    It's TV
    Sweetim
    Other Adwares

    ********************

    Start at: 21:28:33, Lun 30/03/2009 | Boot mode: Normal Boot
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows XP™ Service Pack 3 (version 5.1.2600)
    Computer Name: PETITELOUVE
    Current User: Am‚lie - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - E:\ (File System: CDFS)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 46

    (!) ---- IE start pages/Tabs reset

    +-----------------| Boonty/Boonty Games Elements Deleted :

    Service: "Boonty Games"
    .
    HKCR\boontybox
    HKCU\Software\Boonty
    HKLM\Software\Boonty
    HKLM\System\ControlSet001\Services\Boonty Games
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Airport Mania_is1
    .
    C:\Program Files\Fichiers communs\BOONTY Shared
    C:\Documents and Settings\All Users\Application Data\BOONTY
    C:\Documents and Settings\All Users\Menudm~1\Progra~1\BoontyGames
    C:\Documents and Settings\All Users\Bureau\Airport Mania.lnk
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@ads.boonty[1].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@payment.boonty[2].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@shell.boonty[1].txt

    +-----------------| Eorezo Elements Deleted :

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine
    HKLM\Software\Microsoft\shared tools\msconfig\startupreg\EoWeather
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .

    +-----------------| Infected Poker Softwares Elements Deleted :

    .

    +-----------------| FunWebProducts/MyWay/MyWebSearch Elements Deleted :

    .
    .

    +-----------------| It's TV Elements Deleted :

    .

    +-----------------| Sweetim Elements Deleted :

    HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
    HKCR\SWEETIE.SWEETIE.1
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
    HKLM\Software\Microsoft\ESENT\Process\SweetIM
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    .
    C:\WINDOWS\Installer\172045.msi
    C:\WINDOWS\Installer\54a6fd.msi

    ============ Other Adwares Deleted ============

    .
    HKLM\Software\Trymedia Systems
    .
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@atdmt[2].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@atdmt[3].txt
    C:\Documents and Settings\Am‚lie\Cookies\am‚lie@bs.serving-sys[1].txt

    ---- Complementary Cleaning + Heuristic ----


    ... Done !


    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.


    +-----------------| Added Scan :

    ---- Mozilla FireFox Version 3.0.1 ----

    ProfilePath: vtie4np9.default (Am‚lie)
    .
    Prefs.js: Browser.Search.DefaultEngineName: "Google"
    Prefs.js: Browser.Search.SelectedEngine: "Live Search"
    Prefs.js: Browser.Search.DefaultUrl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
    .
    .
    .
    .
    .

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.google.com
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    +-[HKEY_USERS\S-1-5-21-1024109507-3556856733-2533084168-1006\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://www.google.com
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    5485 Byte(s) - C:\Ad-Report-Clean-30.03.2009.log
    5282 Byte(s) - C:\Ad-Report-Scan-30.03.2009.log

    1 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
    9 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

    End at: 21:44:25 | 30/03/2009
    .
    +-----------------| E.O.F - 118 Lines
    .
    a c 295 8 Sécurité
    30 Mars 2009 23:42:18

  • Désinstalle Ad-Remover, J2SE Runtime Environment 5.0 Update 4 et Viewpoint Media Player.

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

  • Refais un scan RSIT et poste le rapport log.
    31 Mars 2009 08:27:50

    bon si je me suis pas trompée voila le rapport:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Amélie at 2009-03-31 08:25:10
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 58 GB (61%) free of 95 GB
    Total RAM: 1022 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:25:25, on 31/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Documents and Settings\Amélie\Bureau\Telechargement\RSIT.exe
    C:\Program Files\trend micro\Amélie.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O15 - Trusted Zone: http://*.secuser.com
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-f6a99beb0d85ca24.spaces.live.com/PhotoUpload...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    O24 - Desktop Component 0: (no name) - http://www.astwinds.com/Jeux/8ballpool/billard.gif
    O24 - Desktop Component 2: blog.fr - Créer gratuitement votre blog ici - http://www.blog.fr/

    --
    End of file - 11620 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\cleanmgr.job
    C:\WINDOWS\tasks\Google Software Updater.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-27 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]

    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
    {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-20 344064]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160]
    "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-05-04 794624]
    "Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-03-29 233534]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
    "Flash Player2"=C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe []
    "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-10-09 61440]
    "BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-04 368640]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Local Security Authority Service"=C:\WINDOWS\system32\lssas.exe []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-31 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-14 1695232]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-06 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    C:\WINDOWS\AGRSMMSG.exe [2005-04-13 88209]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    C:\Program Files\Apoint2K\Apoint.exe [2005-02-08 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Ahead\InCD\InCD.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
    c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    ~C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    C:\WINDOWS\system32\NeroCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    C:\Program Files\Picasa2\PicasaMediaDetector.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-06 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    C:\PROGRA~1\Hp\DIGITA~1\bin\hpqtra08.exe [2004-11-04 258048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2009-03-27 161776]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Documents and Settings\Amélie\Menu Démarrer\Programmes\Démarrage
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-21 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Player2"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7ffe33e-acd7-11dc-b897-00150001b82b}]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-03-31 08:22:59 ----D---- C:\Program Files\NOS
    2009-03-31 08:22:59 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-03-31 08:22:49 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-30 20:31:57 ----A---- C:\WINDOWS\system32\lfgif13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltimg13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltfil13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltefx13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltdis13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
    2009-03-30 19:36:02 ----D---- C:\Program Files\Ad-remover
    2009-03-30 09:24:08 ----AC---- C:\cleannavi.txt
    2009-03-29 20:13:47 ----AC---- C:\fixnavi.txt
    2009-03-29 20:09:54 ----D---- C:\Program Files\Navilog1
    2009-03-29 13:08:08 ----D---- C:\Documents and Settings\Amélie\Application Data\Malwarebytes
    2009-03-29 13:07:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-29 13:07:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-03-27 14:37:31 ----AC---- C:\du.exe
    2009-03-27 14:36:31 ----AC---- C:\dhu.exe
    2009-03-27 14:07:16 ----D---- C:\Documents and Settings\Amélie\Application Data\DivX
    2009-03-26 20:14:48 ----D---- C:\Program Files\trend micro
    2009-03-26 20:14:47 ----DC---- C:\rsit
    2009-03-25 19:15:33 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-03-25 18:55:20 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-03-25 18:55:20 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-03-25 18:55:19 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-03-25 18:55:18 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-03-25 18:55:17 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-03-25 18:55:17 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-03-25 18:55:16 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-03-25 18:55:15 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2009-03-25 18:55:14 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2009-03-25 18:55:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2009-03-25 18:55:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2009-03-25 18:55:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2009-03-25 18:55:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2009-03-25 18:52:09 ----D---- C:\WINDOWS\Logs
    2009-03-25 14:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Gogii
    2009-03-24 20:57:16 ----D---- C:\Documents and Settings\All Users\Application Data\JollyBear
    2009-03-24 20:50:52 ----D---- C:\Program Files\Fichiers communs\Oberon Media
    2009-03-13 00:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-13 00:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-13 00:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-08 21:33:19 ----D---- C:\Program Files\MagicISO
    2009-03-08 18:40:50 ----D---- C:\Program Files\MagicDisc
    2009-03-06 00:43:12 ----D---- C:\Program Files\Games
    2009-03-02 21:44:29 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2009-03-02 20:01:31 ----D---- C:\Program Files\Electronic Arts
    2009-03-02 20:01:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2009-03-02 20:01:21 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2009-03-02 20:01:20 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2009-03-02 20:01:19 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2009-03-02 20:01:17 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2009-03-02 20:01:16 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2009-03-02 20:01:16 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2009-03-02 20:01:12 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2009-03-02 20:01:10 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2009-03-02 20:01:10 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2009-03-02 20:01:09 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2009-03-02 20:01:09 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2009-03-02 20:01:08 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2009-03-02 20:01:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-03-02 20:01:01 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-03-02 20:00:56 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-03-02 20:00:56 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-03-02 20:00:48 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-03-02 20:00:47 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-03-02 20:00:46 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-03-02 20:00:44 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-03-02 20:00:44 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-03-02 20:00:43 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-03-02 20:00:42 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-03-02 20:00:42 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-03-02 20:00:41 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-03-02 20:00:40 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-03-02 20:00:38 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-03-02 20:00:24 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-03-02 20:00:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-03-02 20:00:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-03-02 20:00:22 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-03-02 20:00:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-03-02 20:00:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-03-02 20:00:18 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-03-02 20:00:13 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-03-01 21:58:26 ----D---- C:\Documents and Settings\All Users\Application Data\GameHouse

    ======List of files/folders modified in the last 1 months======

    2009-03-31 08:24:22 ----D---- C:\WINDOWS\Temp
    2009-03-31 08:23:26 ----SHD---- C:\WINDOWS\Installer
    2009-03-31 08:23:09 ----HD---- C:\Config.Msi
    2009-03-31 08:22:59 ----RD---- C:\Program Files
    2009-03-31 08:22:51 ----D---- C:\Program Files\Mozilla Firefox
    2009-03-31 08:22:50 ----D---- C:\WINDOWS\system32
    2009-03-31 08:22:13 ----D---- C:\Program Files\Java
    2009-03-31 08:18:44 ----SD---- C:\Documents and Settings\Amélie\Application Data\Microsoft
    2009-03-31 08:18:28 ----D---- C:\Program Files\Fichiers communs
    2009-03-31 08:11:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-31 08:06:55 ----SD---- C:\WINDOWS\Tasks
    2009-03-30 22:56:20 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-30 22:56:17 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-03-30 22:56:03 ----A---- C:\WINDOWS\bdagent.INI
    2009-03-30 22:48:19 ----D---- C:\WINDOWS\Prefetch
    2009-03-30 22:35:02 ----D---- C:\Program Files\eMule
    2009-03-30 21:05:35 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-03-30 20:31:48 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-30 19:58:32 ----D---- C:\Documents and Settings\Amélie\Application Data\uTorrent
    2009-03-29 14:56:31 ----D---- C:\WINDOWS\system32\drivers
    2009-03-29 14:48:51 ----D---- C:\WINDOWS
    2009-03-29 12:26:15 ----D---- C:\WINDOWS\WinSxS
    2009-03-29 12:26:14 ----D---- C:\Program Files\Windows Live
    2009-03-29 11:55:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-03-28 13:34:46 ----D---- C:\WINDOWS\Help
    2009-03-28 13:34:39 ----D---- C:\WINDOWS\Cursors
    2009-03-28 13:34:34 ----D---- C:\Program Files\Windows NT
    2009-03-28 13:34:19 ----D---- C:\WINDOWS\system32\wbem
    2009-03-27 16:01:23 ----D---- C:\WINDOWS\system32\DirectX
    2009-03-27 16:01:20 ----HD---- C:\WINDOWS\inf
    2009-03-27 15:59:14 ----RSD---- C:\WINDOWS\assembly
    2009-03-27 14:05:05 ----D---- C:\Program Files\Ihsv
    2009-03-25 19:16:39 ----D---- C:\Program Files\DivX
    2009-03-25 12:37:40 ----D---- C:\Documents and Settings\Amélie\Application Data\Macromedia
    2009-03-13 00:44:25 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-13 00:44:21 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-03-11 22:46:11 ----D---- C:\WINDOWS\system32\CatRoot
    2009-03-11 22:44:34 ----HD---- C:\WINDOWS\$hf_mig$
    2009-03-09 18:08:34 ----D---- C:\Program Files\EA GAMES
    2009-03-07 21:33:29 ----D---- C:\Program Files\uTorrent
    2009-03-06 18:32:21 ----D---- C:\WINDOWS\network diagnostic
    2009-03-02 20:12:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-04-13 1066278]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-01-31 109319]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-21 1201152]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792]
    R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
    R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-11-29 6144]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-06-20 3281408]
    S2 poof;poof; \??\C:\WINDOWS\system32\poof []
    S3 aet6kt2j;aet6kt2j; C:\WINDOWS\system32\drivers\aet6kt2j.sys []
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
    S3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
    S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-07-22 30189]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 kprof;kprof; \??\C:\WINDOWS\system32\kprof []
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
    S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2007-12-01 23616]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-19 47360]
    S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS []
    S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
    S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCIRDA;Pilote de périphérique SMC IrCC Miniport; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-23 36937]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
    S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-21 368640]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-31 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-18 1179648]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-08-29 1261568]
    R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
    R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2005-03-04 98304]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
    R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-27 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]

    -----------------EOF-----------------
    a c 295 8 Sécurité
    31 Mars 2009 16:00:24

    1/

  • Cherche ce fichier : C:\Program Files\trend micro\Amélie.exe
  • Double-clique sur ce fichier.
  • Choisis Do a system scan only.
  • Coche les cases qui sont devant les lignes suivantes :

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

    O4 - HKLM\..\Run: [Flash Player2] C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe

    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


  • Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
  • Ferme HijackThis.


    2/

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe pour le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :services
    aet6kt2j
    kprof
    poof

    :files
    C:\dhu.exe
    C:\du.exe

    :reg
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe"=-

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    2 Avril 2009 15:56:21

    si je me trompe pas c'était le fichier log qui fallait prendre voila le resultat:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Service\Driver aet6kt2j not found.
    Service\Driver aet6kt2j not found.
    Service\Driver aet6kt2j not found.
    Service\Driver kprof deleted successfully.
    Service\Driver aet6kt2j not found.
    Service\Driver poof deleted successfully.
    ========== FILES ==========
    C:\dhu.exe moved successfully.
    C:\du.exe moved successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\services.exe deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\etilqs_puR9E69WRENMgLBAy0Rh scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\fla1F5.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Temporary Internet Files\Content.IE5\U2TDK2Q5\01[1].htm scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Temporary Internet Files\Content.IE5\U2TDK2Q5\ADSAdClient31CANNNUG5.htm scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_57c.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Amélie\Local Settings\Application Data\Mozilla\Firefox\Profiles\vtie4np9.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04022009_154928
    a c 295 8 Sécurité
    2 Avril 2009 15:58:05

    Bien, refais un scan RSIT et poste le rapport log.
    2 Avril 2009 16:05:39

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Amélie at 2009-04-02 16:03:28
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 58 GB (61%) free of 95 GB
    Total RAM: 1022 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:03:31, on 02/04/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Amélie\Bureau\Telechargement\RSIT.exe
    C:\Program Files\trend micro\Amélie.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\system32\lssas.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\RunOnce: [OTMoveIt] C:\Documents and Settings\Amélie\Bureau\Telechargement\OTMoveIt3.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O15 - Trusted Zone: http://*.secuser.com
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-f6a99beb0d85ca24.spaces.live.com/PhotoUpload...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    O24 - Desktop Component 0: (no name) - http://www.astwinds.com/Jeux/8ballpool/billard.gif
    O24 - Desktop Component 2: blog.fr - Créer gratuitement votre blog ici - http://www.blog.fr/

    --
    End of file - 11217 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\cleanmgr.job
    C:\WINDOWS\tasks\Google Software Updater.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-27 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-31 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-31 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]

    {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-20 344064]
    "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160]
    "hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-05-04 794624]
    "Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-03-29 233534]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
    "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
    "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-10-09 61440]
    "BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-04 368640]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "Local Security Authority Service"=C:\WINDOWS\system32\lssas.exe []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-31 148888]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "OTMoveIt"=C:\Documents and Settings\Amélie\Bureau\Telechargement\OTMoveIt3.exe [2009-04-02 389632]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-14 1695232]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-06 68856]
    "AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    C:\WINDOWS\AGRSMMSG.exe [2005-04-13 88209]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
    C:\Program Files\Apoint2K\Apoint.exe [2005-02-08 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Ahead\InCD\InCD.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
    c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
    C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    ~C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
    C:\WINDOWS\system32\NeroCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    C:\Program Files\Picasa2\PicasaMediaDetector.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-06 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    C:\PROGRA~1\Hp\DIGITA~1\bin\hpqtra08.exe [2004-11-04 258048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
    C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2009-03-27 161776]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    C:\Documents and Settings\Amélie\Menu Démarrer\Programmes\Démarrage
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-06-21 46080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7ffe33e-acd7-11dc-b897-00150001b82b}]
    shell\AutoRun\command - F:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-04-02 15:49:28 ----DC---- C:\_OTMoveIt
    2009-04-01 17:45:02 ----D---- C:\Program Files\Euro Truck Simulator
    2009-03-31 08:22:59 ----D---- C:\Program Files\NOS
    2009-03-31 08:22:59 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-31 08:22:50 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-03-31 08:22:49 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-30 20:31:57 ----A---- C:\WINDOWS\system32\lfgif13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltimg13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltfil13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltefx13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\ltdis13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
    2009-03-30 20:31:56 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
    2009-03-30 19:36:02 ----D---- C:\Program Files\Ad-remover
    2009-03-30 09:24:08 ----AC---- C:\cleannavi.txt
    2009-03-29 20:13:47 ----AC---- C:\fixnavi.txt
    2009-03-29 20:09:54 ----D---- C:\Program Files\Navilog1
    2009-03-29 13:08:08 ----D---- C:\Documents and Settings\Amélie\Application Data\Malwarebytes
    2009-03-29 13:07:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-29 13:07:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-03-27 14:07:16 ----D---- C:\Documents and Settings\Amélie\Application Data\DivX
    2009-03-26 20:14:48 ----D---- C:\Program Files\trend micro
    2009-03-26 20:14:47 ----DC---- C:\rsit
    2009-03-25 19:15:33 ----D---- C:\Program Files\Fichiers communs\DivX Shared
    2009-03-25 18:55:20 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2009-03-25 18:55:20 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2009-03-25 18:55:19 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2009-03-25 18:55:18 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2009-03-25 18:55:17 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2009-03-25 18:55:17 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2009-03-25 18:55:16 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2009-03-25 18:55:15 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2009-03-25 18:55:14 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2009-03-25 18:55:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2009-03-25 18:55:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2009-03-25 18:55:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2009-03-25 18:55:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2009-03-25 18:52:09 ----D---- C:\WINDOWS\Logs
    2009-03-25 14:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Gogii
    2009-03-24 20:57:16 ----D---- C:\Documents and Settings\All Users\Application Data\JollyBear
    2009-03-24 20:50:52 ----D---- C:\Program Files\Fichiers communs\Oberon Media
    2009-03-13 00:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-13 00:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-13 00:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-08 21:33:19 ----D---- C:\Program Files\MagicISO
    2009-03-08 18:40:50 ----D---- C:\Program Files\MagicDisc
    2009-03-06 00:43:12 ----D---- C:\Program Files\Games

    ======List of files/folders modified in the last 1 months======

    2009-04-02 16:02:51 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-04-02 16:02:31 ----D---- C:\WINDOWS\Temp
    2009-04-02 16:02:17 ----D---- C:\Program Files\Mozilla Firefox
    2009-04-02 15:16:31 ----D---- C:\WINDOWS\system32
    2009-04-02 15:06:06 ----SD---- C:\WINDOWS\Tasks
    2009-04-01 18:51:37 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-04-01 18:51:21 ----A---- C:\WINDOWS\bdagent.INI
    2009-04-01 18:46:53 ----D---- C:\Program Files\eMule
    2009-04-01 17:45:02 ----RD---- C:\Program Files
    2009-04-01 14:04:59 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-03-31 09:17:13 ----SHD---- C:\WINDOWS\Installer
    2009-03-31 08:49:22 ----HD---- C:\Config.Msi
    2009-03-31 08:22:13 ----D---- C:\Program Files\Java
    2009-03-31 08:18:44 ----SD---- C:\Documents and Settings\Amélie\Application Data\Microsoft
    2009-03-31 08:18:28 ----D---- C:\Program Files\Fichiers communs
    2009-03-31 08:11:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-30 22:48:19 ----D---- C:\WINDOWS\Prefetch
    2009-03-30 20:31:48 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-30 19:58:32 ----D---- C:\Documents and Settings\Amélie\Application Data\uTorrent
    2009-03-29 14:56:31 ----D---- C:\WINDOWS\system32\drivers
    2009-03-29 14:48:51 ----D---- C:\WINDOWS
    2009-03-29 12:26:15 ----D---- C:\WINDOWS\WinSxS
    2009-03-29 12:26:14 ----D---- C:\Program Files\Windows Live
    2009-03-29 11:55:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-03-28 13:34:46 ----D---- C:\WINDOWS\Help
    2009-03-28 13:34:39 ----D---- C:\WINDOWS\Cursors
    2009-03-28 13:34:34 ----D---- C:\Program Files\Windows NT
    2009-03-28 13:34:19 ----D---- C:\WINDOWS\system32\wbem
    2009-03-27 16:01:23 ----D---- C:\WINDOWS\system32\DirectX
    2009-03-27 16:01:20 ----HD---- C:\WINDOWS\inf
    2009-03-27 15:59:14 ----RSD---- C:\WINDOWS\assembly
    2009-03-27 14:05:05 ----D---- C:\Program Files\Ihsv
    2009-03-25 19:16:39 ----D---- C:\Program Files\DivX
    2009-03-25 12:37:40 ----D---- C:\Documents and Settings\Amélie\Application Data\Macromedia
    2009-03-13 00:44:25 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-13 00:44:21 ----RSHD---- C:\WINDOWS\system32\dllcache
    2009-03-11 22:46:11 ----D---- C:\WINDOWS\system32\CatRoot
    2009-03-11 22:44:34 ----HD---- C:\WINDOWS\$hf_mig$
    2009-03-09 18:08:34 ----D---- C:\Program Files\EA GAMES
    2009-03-07 21:33:29 ----D---- C:\Program Files\uTorrent
    2009-03-06 18:32:21 ----D---- C:\WINDOWS\network diagnostic

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
    R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-04-13 1066278]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2005-01-31 109319]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-21 1201152]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792]
    R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2008-01-07 196368]
    R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-11-29 6144]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
    R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 awvfofrh;awvfofrh; C:\WINDOWS\system32\drivers\awvfofrh.sys []
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
    S3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
    S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-07-22 30189]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\AMLIE~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
    S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2007-12-01 23616]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-19 47360]
    S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
    S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS []
    S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
    S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCIRDA;Pilote de périphérique SMC IrCC Miniport; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-23 36937]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
    S3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-06-20 3281408]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-21 368640]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-31 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-18 1179648]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-08-29 1261568]
    R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
    R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
    R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2005-03-04 98304]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
    R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-27 183280]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]

    -----------------EOF-----------------
    a c 295 8 Sécurité
    2 Avril 2009 16:18:00

  • Télécharge SDFix (créé par AndyManchesta) sur ton Bureau.
  • Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
  • Redémarre ton ordinateur en Mode sans échec.

    Pour redémarrer en mode sans échec :
  • Redémarre ton PC.
  • Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
  • Dans le menu d'options avancées, choisis Mode sans échec.
  • Choisis ta session.

    Déroule la liste des instructions ci-dessous :
  • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS