Your question

Cid virus

Tags:
  • Security
24 March 2009 19:56:56

Hi everyone,
For the past two weeks I keep getting pop-up windows as soon as I open Internet Explorer. These windows are titled cid, apparently a virus. Here is the Lop S&D report.
Thanks for your help
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ )
BIOS : BIOS Date: 10/30/07 13:41:53 Ver: 08.00.12
USER : Administrateur ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:30 Go)
E:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
F:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 24/03/2009|19:40 )

--------------------\\ Listing des dossiers dans APPLIC~1

[27/12/2008|00:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[29/06/2008|15:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[29/07/2008|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
[09/03/2009|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\AVGTOOLBAR
[16/06/2008|11:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\DAEMON Tools
[02/12/2008|11:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[02/03/2009|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope
[08/07/2008|18:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\EoRezo
[15/06/2008|18:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisbi
[17/07/2008|11:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[16/06/2008|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[10/07/2008|19:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\ItsLabel
[15/06/2008|21:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[21/01/2009|14:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[27/12/2008|00:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nero
[12/03/2009|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
[21/11/2008|00:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Samsung
[10/03/2009|23:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony Corporation
[01/09/2008|13:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[07/07/2008|21:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[10/11/2008|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[12/03/2009|19:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
[18/06/2008|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR

[05/01/2009|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/07/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[07/03/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/07/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/03/2009|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet
[14/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
[22/12/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/02/2009|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[27/12/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PIXELA
[10/03/2009|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[06/02/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vso
[10/11/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/06/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[15/06/2008|12:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/07/2008|14:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/07/2008|14:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[22/03/2009 12:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/01/2009|10:15] C:\Program Files\Adobe
[20/07/2008|14:18] C:\Program Files\AVG
[15/06/2008|12:37] C:\Program Files\ComPlus Applications
[16/06/2008|11:25] C:\Program Files\DAEMON Tools Lite
[15/06/2008|12:36] C:\Program Files\Desktop
[15/06/2008|12:58] C:\Program Files\DIFX
[24/03/2009|18:55] C:\Program Files\eMule
[08/07/2008|18:52] C:\Program Files\EoRezo
[17/07/2008|11:46] C:\Program Files\FaxTools
[12/03/2009|20:18] C:\Program Files\Fichiers communs
[10/03/2009|23:48] C:\Program Files\InstallShield Installation Information
[15/06/2008|21:24] C:\Program Files\Internet Explorer
[01/09/2008|13:22] C:\Program Files\Java
[14/12/2008|20:25] C:\Program Files\KONAMI
[29/06/2008|19:37] C:\Program Files\Labtec
[17/07/2008|11:47] C:\Program Files\Lexmark 3100 Series
[22/12/2008|21:20] C:\Program Files\Microsoft
[22/07/2008|19:52] C:\Program Files\Microsoft Office
[22/12/2008|21:21] C:\Program Files\Microsoft SQL Server Compact Edition
[22/12/2008|21:22] C:\Program Files\Microsoft Sync Framework
[22/07/2008|19:50] C:\Program Files\Microsoft.NET
[15/06/2008|12:37] C:\Program Files\Movie Maker
[12/07/2008|19:48] C:\Program Files\MSECache
[15/06/2008|12:36] C:\Program Files\MSN Gaming Zone
[15/06/2008|12:39] C:\Program Files\MSXML 4.0
[12/03/2009|20:18] C:\Program Files\Nero
[15/06/2008|12:37] C:\Program Files\NetMeeting
[15/06/2008|17:10] C:\Program Files\Neuf
[15/06/2008|12:37] C:\Program Files\Outlook Express
[27/12/2008|00:19] C:\Program Files\PIXELA
[18/06/2008|09:56] C:\Program Files\Realtek
[20/11/2008|23:52] C:\Program Files\Samsung
[15/06/2008|12:38] C:\Program Files\Services en ligne
[10/03/2009|23:48] C:\Program Files\Sony
[10/11/2008|19:32] C:\Program Files\VideoLAN
[22/12/2008|21:23] C:\Program Files\Windows Live
[22/12/2008|21:20] C:\Program Files\Windows Live SkyDrive
[22/12/2008|21:22] C:\Program Files\Windows Live Toolbar
[15/06/2008|12:36] C:\Program Files\Windows Media Connect 2
[10/11/2008|19:25] C:\Program Files\Windows Media Player
[15/06/2008|12:36] C:\Program Files\Windows NT
[15/06/2008|12:38] C:\Program Files\WindowsUpdate
[18/06/2008|20:27] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/01/2009|10:15] C:\Program Files\Fichiers communs\Adobe
[12/03/2009|20:20] C:\Program Files\Fichiers communs\Ahead
[22/07/2008|19:52] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2008|11:46] C:\Program Files\Fichiers communs\InstallShield
[01/09/2008|13:21] C:\Program Files\Fichiers communs\Java
[29/06/2008|19:37] C:\Program Files\Fichiers communs\Labtec
[29/06/2008|19:37] C:\Program Files\Fichiers communs\LogiShrd
[22/07/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/06/2008|12:37] C:\Program Files\Fichiers communs\MSSoap
[15/06/2008|14:30] C:\Program Files\Fichiers communs\ODBC
[15/06/2008|12:37] C:\Program Files\Fichiers communs\Services
[10/03/2009|23:47] C:\Program Files\Fichiers communs\Sony Shared
[15/06/2008|14:30] C:\Program Files\Fichiers communs\SpeechEngines
[22/07/2008|19:52] C:\Program Files\Fichiers communs\System
[22/12/2008|21:13] C:\Program Files\Fichiers communs\Windows Live
[15/06/2008|21:23] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 48 Processes )

iexplore.exe ~ [PID:248]
iexplore.exe ~ [PID:480]
iexplore.exe ~ [PID:800]
iexplore.exe ~ [PID:3044]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis42.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope
C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\errorpingglobal.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\LinkBashTitle.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\lkukdcmt.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet
C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet\bind meow.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet\bind meow.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\TorrentSpeeder.zip
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertstream[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adultfriendfinder[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertising[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adopt.euroclick[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@pacificpoker[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@partypoker[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.32vegas[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@2xmoinscher[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cc.2xmoinscher[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@888[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shim bits rdr]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\enchope\\errorpingglobal.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"biasaxis"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\enchope\\errorpingglobal.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Long Internet Team Stupid"="C:\\Documents and Settings\\All Users\\Application Data\\comp two long internet\\bind meow.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-24 19:41:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:7703][D:109]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:1816][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:5612][D:62]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 24/03/2009|19:42 - Option : [1]

--------------------\\ Fin du rapport a 19:42:16

24 March 2009 20:56:14

Hi,

  • Run Lop S&D again, choose option 2 and post the report.
    24 March 2009 21:43:31


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ )
    BIOS : BIOS Date: 10/30/07 13:41:53 Ver: 08.00.12
    USER : Administrateur ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:74 Go (Free:30 Go)
    E:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
    F:\ (CD or DVD)
    I:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 24/03/2009|21:39 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet\bind meow.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet\bind meow.exe
    Supprime! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\TorrentSpeeder.zip
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertstream[1].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adultfriendfinder[2].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@pacificpoker[1].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.32vegas[2].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cc.2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@888[2].txt
    Supprime! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis42.exe
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\errorpingglobal.exe
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\LinkBashTitle.exe
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope\lkukdcmt.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\comp two long internet
    Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\enchope

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [27/12/2008|00:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [29/06/2008|15:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
    [29/07/2008|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
    [09/03/2009|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\AVGTOOLBAR
    [16/06/2008|11:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\DAEMON Tools
    [02/12/2008|11:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
    [08/07/2008|18:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\EoRezo
    [15/06/2008|18:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisbi
    [17/07/2008|11:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
    [16/06/2008|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [10/07/2008|19:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\ItsLabel
    [15/06/2008|21:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [21/01/2009|14:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [27/12/2008|00:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nero
    [12/03/2009|19:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
    [21/11/2008|00:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Samsung
    [10/03/2009|23:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony Corporation
    [01/09/2008|13:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
    [07/07/2008|21:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
    [10/11/2008|19:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
    [12/03/2009|19:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
    [24/03/2009|20:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Windows Live Writer
    [18/06/2008|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR

    [05/01/2009|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [29/07/2008|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [07/03/2009|11:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [17/07/2008|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [14/12/2008|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
    [22/12/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/02/2009|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [27/12/2008|00:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PIXELA
    [10/03/2009|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [06/02/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Vso
    [10/11/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [15/06/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [15/06/2008|12:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [20/07/2008|14:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/07/2008|14:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [22/03/2009 12:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [05/01/2009|10:15] C:\Program Files\Adobe
    [20/07/2008|14:18] C:\Program Files\AVG
    [15/06/2008|12:37] C:\Program Files\ComPlus Applications
    [16/06/2008|11:25] C:\Program Files\DAEMON Tools Lite
    [15/06/2008|12:36] C:\Program Files\Desktop
    [15/06/2008|12:58] C:\Program Files\DIFX
    [24/03/2009|18:55] C:\Program Files\eMule
    [08/07/2008|18:52] C:\Program Files\EoRezo
    [17/07/2008|11:46] C:\Program Files\FaxTools
    [12/03/2009|20:18] C:\Program Files\Fichiers communs
    [10/03/2009|23:48] C:\Program Files\InstallShield Installation Information
    [15/06/2008|21:24] C:\Program Files\Internet Explorer
    [01/09/2008|13:22] C:\Program Files\Java
    [14/12/2008|20:25] C:\Program Files\KONAMI
    [29/06/2008|19:37] C:\Program Files\Labtec
    [17/07/2008|11:47] C:\Program Files\Lexmark 3100 Series
    [22/12/2008|21:20] C:\Program Files\Microsoft
    [22/07/2008|19:52] C:\Program Files\Microsoft Office
    [22/12/2008|21:21] C:\Program Files\Microsoft SQL Server Compact Edition
    [22/12/2008|21:22] C:\Program Files\Microsoft Sync Framework
    [22/07/2008|19:50] C:\Program Files\Microsoft.NET
    [15/06/2008|12:37] C:\Program Files\Movie Maker
    [12/07/2008|19:48] C:\Program Files\MSECache
    [15/06/2008|12:36] C:\Program Files\MSN Gaming Zone
    [15/06/2008|12:39] C:\Program Files\MSXML 4.0
    [12/03/2009|20:18] C:\Program Files\Nero
    [15/06/2008|12:37] C:\Program Files\NetMeeting
    [15/06/2008|17:10] C:\Program Files\Neuf
    [15/06/2008|12:37] C:\Program Files\Outlook Express
    [27/12/2008|00:19] C:\Program Files\PIXELA
    [18/06/2008|09:56] C:\Program Files\Realtek
    [20/11/2008|23:52] C:\Program Files\Samsung
    [15/06/2008|12:38] C:\Program Files\Services en ligne
    [10/03/2009|23:48] C:\Program Files\Sony
    [10/11/2008|19:32] C:\Program Files\VideoLAN
    [22/12/2008|21:23] C:\Program Files\Windows Live
    [22/12/2008|21:20] C:\Program Files\Windows Live SkyDrive
    [22/12/2008|21:22] C:\Program Files\Windows Live Toolbar
    [15/06/2008|12:36] C:\Program Files\Windows Media Connect 2
    [10/11/2008|19:25] C:\Program Files\Windows Media Player
    [15/06/2008|12:36] C:\Program Files\Windows NT
    [15/06/2008|12:38] C:\Program Files\WindowsUpdate
    [18/06/2008|20:27] C:\Program Files\WinRAR

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [05/01/2009|10:15] C:\Program Files\Fichiers communs\Adobe
    [12/03/2009|20:20] C:\Program Files\Fichiers communs\Ahead
    [22/07/2008|19:52] C:\Program Files\Fichiers communs\DESIGNER
    [17/07/2008|11:46] C:\Program Files\Fichiers communs\InstallShield
    [01/09/2008|13:21] C:\Program Files\Fichiers communs\Java
    [29/06/2008|19:37] C:\Program Files\Fichiers communs\Labtec
    [29/06/2008|19:37] C:\Program Files\Fichiers communs\LogiShrd
    [22/07/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
    [15/06/2008|12:37] C:\Program Files\Fichiers communs\MSSoap
    [15/06/2008|14:30] C:\Program Files\Fichiers communs\ODBC
    [15/06/2008|12:37] C:\Program Files\Fichiers communs\Services
    [10/03/2009|23:47] C:\Program Files\Fichiers communs\Sony Shared
    [15/06/2008|14:30] C:\Program Files\Fichiers communs\SpeechEngines
    [22/07/2008|19:52] C:\Program Files\Fichiers communs\System
    [22/12/2008|21:13] C:\Program Files\Fichiers communs\Windows Live
    [15/06/2008|21:23] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 43 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertising[2].txt
    C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adopt.euroclick[2].txt
    C:\DOCUME~1\ADMINI~1\Cookies\administrateur@partypoker[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-24 21:40:03
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 3

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:7723][D:109]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
    [F:1812][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
    [F:5216][D:62]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 24/03/2009|19:42 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 24/03/2009|21:40 - Option : [2]

    --------------------\\ Fin du rapport a 21:40:50
    24 March 2009 21:49:41

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
    24 March 2009 22:00:54

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-03-24 21:57:36
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 31 GB (40%) free of 76 GB
    Total RAM: 2047 MB (68% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:57:39, on 24/03/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20583)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\AVG\AVG8\aAvgApi.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Camera Monitor.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 9725 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-07 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    Windows Live Family Safety Browser Helper Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-03-07 1968920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-03-07 1968920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-07 8523776]
    "NWEReboot"= []
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
    "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2008-12-08 453984]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-07 1932568]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 []
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
    "AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-03-07 10520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2007-06-26 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 240128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "ForceClassicControlPanel"=1
    "StartMenuLogoff"=1
    "ForceStartMenuLogoff"=0
    "NoResolveTrack"=1
    "NoResolveSearch"=1
    "NoInstrumentation"=1
    "NoStartMenuMFUprogramsList"=1
    "NoDriveAutoRun"=00000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59a5ee07-3ad9-11dd-8fd7-806d6172696f}]
    shell\AutoRun\command - E:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-03-24 21:53:08 ----D---- C:\rsit
    2009-03-24 21:53:08 ----D---- C:\Program Files\trend micro
    2009-03-24 20:19:28 ----D---- C:\Documents and Settings\Administrateur\Application Data\Windows Live Writer
    2009-03-24 19:40:43 ----A---- C:\lopR.txt
    2009-03-24 19:40:02 ----D---- C:\Lop SD
    2009-03-24 19:39:27 ----A---- C:\Program Files\LopSD.exe
    2009-03-12 20:18:54 ----D---- C:\Program Files\Nero
    2009-03-12 20:18:54 ----D---- C:\Program Files\Fichiers communs\Ahead
    2009-03-12 20:04:41 ----A---- C:\Program Files\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe
    2009-03-12 18:54:22 ----RD---- C:\reste disque dur de merde
    2009-03-10 23:48:41 ----N---- C:\WINDOWS\snymsico.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CDDBUISony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbMusicIDSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbLinkSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbLangFRSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CDDBControlSony.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\px.dll
    2009-03-10 23:48:10 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2009-03-10 23:47:46 ----D---- C:\Program Files\Sony
    2009-03-10 23:47:42 ----A---- C:\WINDOWS\system32\omginstlog.txt
    2009-03-10 23:47:26 ----D---- C:\Program Files\Fichiers communs\Sony Shared
    2009-03-10 23:47:26 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sony Corporation
    2009-03-07 09:48:31 ----A---- C:\Program Files\avg_free_stf_eu_85_278a1439.exe

    ======List of files/folders modified in the last 1 months======

    2009-03-24 21:53:08 ----RD---- C:\Program Files
    2009-03-24 21:39:31 ----D---- C:\WINDOWS\Prefetch
    2009-03-24 20:34:38 ----D---- C:\WINDOWS\Temp
    2009-03-24 19:35:47 ----SD---- C:\WINDOWS\Tasks
    2009-03-24 19:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-24 18:55:40 ----D---- C:\Program Files\eMule
    2009-03-24 12:01:57 ----HD---- C:\$AVG8.VAULT$
    2009-03-22 12:33:34 ----SHD---- C:\WINDOWS\CSC
    2009-03-21 20:27:03 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-03-17 12:25:44 ----A---- C:\WINDOWS\lexstat.ini
    2009-03-16 06:39:00 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-03-13 07:13:00 ----SHD---- C:\WINDOWS\Installer
    2009-03-12 20:20:31 ----D---- C:\WINDOWS\system32\drivers
    2009-03-12 20:20:30 ----D---- C:\WINDOWS\system32
    2009-03-12 20:20:27 ----D---- C:\WINDOWS
    2009-03-12 20:18:54 ----D---- C:\Program Files\Fichiers communs
    2009-03-12 19:32:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Vso
    2009-03-12 19:32:17 ----A---- C:\Documents and Settings\Administrateur\Application Data\inst.exe
    2009-03-12 19:07:28 ----RSD---- C:\WINDOWS\assembly
    2009-03-12 19:05:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2
    2009-03-10 23:52:19 ----HD---- C:\WINDOWS\inf
    2009-03-10 23:48:42 ----D---- C:\WINDOWS\LastGood
    2009-03-10 23:48:40 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-03-09 19:33:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\AVGTOOLBAR
    2009-03-07 11:01:59 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-03-07 11:01:48 ----D---- C:\Documents and Settings\All Users\Application Data\avg8

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-07 325640]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-03-07 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-07 107912]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-21 5632]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2006-02-26 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-02-03 4474368]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-07 7429088]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    S3 a5xbvrcg;a5xbvrcg; C:\WINDOWS\system32\drivers\a5xbvrcg.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-03-06 41376]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-06 47360]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-06-26 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-06-26 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-07 298264]
    R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-07 155716]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
    S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
    S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
    S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------
    24 March 2009 22:06:27



    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->Dummy
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
    AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    FaxTools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x40c ControlPanel
    Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
    Garmin WebUpdater-->MsiExec.exe /X{366FFC89-C800-4366-B903-B9C4314109A5}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    ImageMixer 3 for TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3A093D6-AE67-4B9B-AB6D-4DF26E313A2A}\setup.exe" -l0x40c UNINSTALL -removeonly
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    Labtec WebCam-->MsiExec.exe /X{995BF1A7-30E5-49E5-A0E4-AD3213D9E330}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Lexmark 3100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBRUN5C.EXE -dLexmark 3100 Series
    Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
    Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{025B7033-5D4A-4B72-A1C2-84BE4BE2F72F}
    MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
    Nero 7 Premium-->MsiExec.exe /X{22FB6750-ADDF-4726-B67F-6901E1991036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
    OpenMG Secure Module 4.7.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C7A451815AD6A55564D6F47B5A12C61D8B4DCFD1\amdk8.inf
    Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
    Programme de gestion Camera de Labtec®-->"C:\Program Files\Fichiers communs\Labtec\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SonicStage 4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
    VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
    Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live Contrôle parental-->MsiExec.exe /X{EB8BAA0D-11EF-4EDC-A960-2AB7CA8F53F0}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
    Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

    Securitycenter WMI appears to be broken

    ======System event log======

    Computer Name: SWEET-353D8C307
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service NMIndexingService.

    Record Number: 9816
    Source Name: Service Control Manager
    Time Written: 20090202220824.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: SWEET-353D8C307
    Event Code: 7036
    Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

    Record Number: 9815
    Source Name: Service Control Manager
    Time Written: 20090202220820.000000+060
    Event Type: Informations
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

    Record Number: 9814
    Source Name: Service Control Manager
    Time Written: 20090202220820.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: SWEET-353D8C307
    Event Code: 7
    Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.

    Record Number: 9813
    Source Name: Cdrom
    Time Written: 20090202220819.000000+060
    Event Type: erreur
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 7
    Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.

    Record Number: 9812
    Source Name: Cdrom
    Time Written: 20090202220818.000000+060
    Event Type: erreur
    User:

    =====Application event log=====

    Computer Name: SWEET-353D8C307
    Event Code: 101
    Message: MsnMsgr (1964) Le moteur de base de données est arrêté.

    Record Number: 3599
    Source Name: ESENT
    Time Written: 20081109051037.000000+060
    Event Type: Informations
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 103
    Message: MsnMsgr (1964) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\eljaissi@hotmail.com\SharingMetadata\Working\database_4410_9A12_109A_B56\dfsr.db: Le moteur de base de données a arrêté une instance (0).

    Record Number: 3598
    Source Name: ESENT
    Time Written: 20081109051037.000000+060
    Event Type: Informations
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 102
    Message: MsnMsgr (1964) \\.\C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Messenger\eljaissi@hotmail.com\SharingMetadata\Working\database_4410_9A12_109A_B56\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 3597
    Source Name: ESENT
    Time Written: 20081109050817.000000+060
    Event Type: Informations
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 100
    Message: MsnMsgr (1964) Le moteur de base de données 5.01.2600.2780 est démarré.

    Record Number: 3596
    Source Name: ESENT
    Time Written: 20081109050817.000000+060
    Event Type: Informations
    User:

    Computer Name: SWEET-353D8C307
    Event Code: 101
    Message: MsnMsgr (1964) Le moteur de base de données est arrêté.

    Record Number: 3595
    Source Name: ESENT
    Time Written: 20081109022835.000000+060
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
    "PROCESSOR_REVISION"=4303
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
    24 March 2009 22:07:11

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Administrateur at 2009-03-24 22:04:43
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 31 GB (40%) free of 76 GB
    Total RAM: 2047 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:04:45, on 24/03/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20583)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\AVG\AVG8\aAvgApi.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
    C:\Program Files\trend micro\Administrateur.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Camera Monitor.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 9758 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-03-07 1078552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    Windows Live Family Safety Browser Helper Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-03-07 1968920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-03-07 1968920]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-07 8523776]
    "NWEReboot"= []
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
    "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2008-12-08 453984]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-03-07 1932568]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 []
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
    "AdobeUpdater"=C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer 3 for TOSHIBA\GCameraMoniter.exe

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
    C:\WINDOWS\system32\avgrsstx.dll [2009-03-07 10520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2007-06-26 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 240128]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "ForceClassicControlPanel"=1
    "StartMenuLogoff"=1
    "ForceStartMenuLogoff"=0
    "NoResolveTrack"=1
    "NoResolveSearch"=1
    "NoInstrumentation"=1
    "NoStartMenuMFUprogramsList"=1
    "NoDriveAutoRun"=00000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59a5ee07-3ad9-11dd-8fd7-806d6172696f}]
    shell\AutoRun\command - E:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-03-24 21:53:08 ----D---- C:\rsit
    2009-03-24 21:53:08 ----D---- C:\Program Files\trend micro
    2009-03-24 20:19:28 ----D---- C:\Documents and Settings\Administrateur\Application Data\Windows Live Writer
    2009-03-24 19:40:43 ----A---- C:\lopR.txt
    2009-03-24 19:40:02 ----D---- C:\Lop SD
    2009-03-24 19:39:27 ----A---- C:\Program Files\LopSD.exe
    2009-03-12 20:18:54 ----D---- C:\Program Files\Nero
    2009-03-12 20:18:54 ----D---- C:\Program Files\Fichiers communs\Ahead
    2009-03-12 20:04:41 ----A---- C:\Program Files\nero-7_nero_7.11.6.0_mise_a_jour_francais_10297.exe
    2009-03-12 18:54:22 ----RD---- C:\reste disque dur de merde
    2009-03-10 23:48:41 ----N---- C:\WINDOWS\snymsico.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CDDBUISony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbMusicIDSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbLinkSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CddbLangFRSony.dll
    2009-03-10 23:48:27 ----A---- C:\WINDOWS\system32\CDDBControlSony.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-03-10 23:48:26 ----N---- C:\WINDOWS\system32\px.dll
    2009-03-10 23:48:10 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2009-03-10 23:47:46 ----D---- C:\Program Files\Sony
    2009-03-10 23:47:42 ----A---- C:\WINDOWS\system32\omginstlog.txt
    2009-03-10 23:47:26 ----D---- C:\Program Files\Fichiers communs\Sony Shared
    2009-03-10 23:47:26 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sony Corporation
    2009-03-07 09:48:31 ----A---- C:\Program Files\avg_free_stf_eu_85_278a1439.exe

    ======List of files/folders modified in the last 1 months======

    2009-03-24 21:53:08 ----RD---- C:\Program Files
    2009-03-24 21:39:31 ----D---- C:\WINDOWS\Prefetch
    2009-03-24 20:34:38 ----D---- C:\WINDOWS\Temp
    2009-03-24 19:35:47 ----SD---- C:\WINDOWS\Tasks
    2009-03-24 19:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-24 18:55:40 ----D---- C:\Program Files\eMule
    2009-03-24 12:01:57 ----HD---- C:\$AVG8.VAULT$
    2009-03-22 12:33:34 ----SHD---- C:\WINDOWS\CSC
    2009-03-21 20:27:03 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-03-17 12:25:44 ----A---- C:\WINDOWS\lexstat.ini
    2009-03-16 06:39:00 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-03-13 07:13:00 ----SHD---- C:\WINDOWS\Installer
    2009-03-12 20:20:31 ----D---- C:\WINDOWS\system32\drivers
    2009-03-12 20:20:30 ----D---- C:\WINDOWS\system32
    2009-03-12 20:20:27 ----D---- C:\WINDOWS
    2009-03-12 20:18:54 ----D---- C:\Program Files\Fichiers communs
    2009-03-12 19:32:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Vso
    2009-03-12 19:32:17 ----A---- C:\Documents and Settings\Administrateur\Application Data\inst.exe
    2009-03-12 19:07:28 ----RSD---- C:\WINDOWS\assembly
    2009-03-12 19:05:49 ----D---- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2
    2009-03-10 23:52:19 ----HD---- C:\WINDOWS\inf
    2009-03-10 23:48:42 ----D---- C:\WINDOWS\LastGood
    2009-03-10 23:48:40 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-03-09 19:33:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\AVGTOOLBAR
    2009-03-07 11:01:59 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2009-03-07 11:01:48 ----D---- C:\Documents and Settings\All Users\Application Data\avg8

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-07 325640]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-03-07 27656]
    R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-07 107912]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-21 5632]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2006-02-26 138752]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-02-03 4474368]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-07 7429088]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    S3 a5xbvrcg;a5xbvrcg; C:\WINDOWS\system32\drivers\a5xbvrcg.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
    S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-03-06 41376]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-06 47360]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-03-06 491168]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-06-26 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-06-26 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-07 298264]
    R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-07 155716]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
    S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
    S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
    S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------
    24 March 2009 22:07:30

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect and close all running applications /!\

  • Double-click the installer and install it in its default location (C:\Program files).
  • Double-click the Ad-Remover shortcut on your Desktop.
    (On Vista, right-click the Ad-Remover shortcut and choose Run as administrator)
  • At the main menu, choose option A.
  • Post the report that appears at the end (C:\Ad-report(date).log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

    Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
    24 March 2009 22:15:26

    ------- LOGFILE OF AD-REMOVER 1.1.2.1 | ONLY XP/VISTA -------

    Updated by C_XX on 23/03/2009 at 19:00
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

    Start at: 22:11:31, Mar 24/03/2009 | Boot mode: Normal Boot
    Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
    Computer Name: SWEET-353D8C307
    Current User: Administrateur - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - E:\ (File System: UDF)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 41

    +-----------------| Boonty/Boonty Games Elements Found:

    .
    .

    +-----------------| Eorezo Elements Found:

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\EoRezo
    HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .
    C:\Program Files\EoRezo
    C:\Documents and Settings\Administrateur\Application Data\EoRezo

    +-----------------| Infected Poker Softwares Elements Found:

    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@partypoker[2].txt

    +-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:

    .
    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@myfuncards[2].txt

    +-----------------| It's TV Elements Found:

    HKCU\Software\ItsLabel
    HKLM\Software\ItsLabel
    HKU\S-1-5-21-746137067-1604221776-839522115-500\Software\ItsLabel
    .
    C:\Documents and Settings\Administrateur\Application Data\ItsLabel

    +-----------------| Sweetim Elements Found:

    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@sweetim[2].txt
    C:\Documents and Settings\Administrateur\Cookies\administrateur@www.sweetim[2].txt
    C:\Documents and Settings\Administrateur\Cookies\administrateur@www.sweetim[3].txt

    ============ Other Adwares Found ============

    .
    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@atdmt[1].txt

    +-----------------| Added Scan:

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Search bar: hxxp://recherche.neuf.fr/ie/default.html
    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://fr.msn.com/
    Start page: hxxp://fr.msn.com/
    Start Page Restore: hxxp://fr.msn.com/

    +-[HKEY_USERS\S-1-5-21-746137067-1604221776-839522115-500\..\Internet Explorer\Main]

    Search bar: hxxp://recherche.neuf.fr/ie/default.html
    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://fr.msn.com/
    Start page: hxxp://fr.msn.com/
    Start Page Restore: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://recherche.neuf.fr/
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start page: hxxp://lo.st

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://lo.st

    +---------------------------------------------------------------------------+

    3676 Byte(s) - C:\Ad-Report-Scan-24.03.2009.log

    0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
    0 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

    End at: 22:13:42 | 24/03/2009
    .
    +-----------------| E.O.F - 81 Lines
    .
    24 March 2009 22:22:25

    it seems to be fine, thanks a lot, really nice of you
    but the programs I downloaded for the virus, can I get rid of them or not?
    24 March 2009 22:27:50

    /!\ Disconnect and close all running applications /!\

  • Double-click the Ad-Remover shortcut to launch it.
    (On Vista, right-click the Ad-Remover shortcut and choose Run as administrator)

  • At the main menu, choose option B.

  • Check A on the selection screen:

  • Then choose S; the program will do its work.

  • Post the report that appears at the end (C:\Ad-report.log).

    /!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm /!\
    24 March 2009 22:58:21

    ------- LOGFILE OF AD-REMOVER 1.1.2.1 | ONLY XP/VISTA -------

    Updated by C_XX on 23/03/2009 at 19:00
    Contact: AdRemover.contact@gmail.com
    Website: http://pagesperso-orange.fr/FindyKill.Ad.Remover/

    **** LIMITED TO ****

    Boonty/BoontyGames
    Eorezo
    Infected Poker Softwares
    FunWebProduct/MyWay/MyWebSearch
    It's TV
    Sweetim
    Other Adwares

    ********************

    Start at: 22:53:45, Mar 24/03/2009 | Boot mode: Normal Boot
    Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
    Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
    Computer Name: SWEET-353D8C307
    Current User: Administrateur - Administrator
    Drive(s):
    - C:\ (File System: NTFS)
    - E:\ (File System: UDF)
    System Drive: C:\
    Windows Directory: C:\WINDOWS\
    System Directory: C:\WINDOWS\System32\

    --- Running Processes: 40

    (!) ---- IE start pages/Tabs reset

    +-----------------| Boonty/Boonty Games Elements Deleted :

    .
    .

    +-----------------| Eorezo Elements Deleted :

    HKCR\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
    HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
    HKCU\Software\EoRezo
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
    .
    C:\Program Files\EoRezo
    C:\Documents and Settings\Administrateur\Application Data\EoRezo

    +-----------------| Infected Poker Softwares Elements Deleted :

    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@partypoker[2].txt

    +-----------------| FunWebProducts/MyWay/MyWebSearch Elements Deleted :

    .
    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@myfuncards[2].txt

    +-----------------| It's TV Elements Deleted :

    HKCU\Software\ItsLabel
    HKLM\Software\ItsLabel
    .
    C:\Documents and Settings\Administrateur\Application Data\ItsLabel

    +-----------------| Sweetim Elements Deleted :

    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@sweetim[2].txt
    C:\Documents and Settings\Administrateur\Cookies\administrateur@www.sweetim[2].txt
    C:\Documents and Settings\Administrateur\Cookies\administrateur@www.sweetim[3].txt

    ============ Other Adwares Deleted ============

    .
    .
    C:\Documents and Settings\Administrateur\Cookies\administrateur@atdmt[1].txt
    C:\Documents and Settings\Administrateur\Cookies\administrateur@bs.serving-sys[1].txt

    (!) ---- Temp files deleted.
    (!) ---- Recycle bin emptied in all drives.


    +-----------------| Added Scan :

    ---- Internet Explorer Version 7.0.5730.11 ----

    +-[HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    +-[HKEY_USERS\S-1-5-21-746137067-1604221776-839522115-500\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Search Page: hxxp://recherche.neuf.fr/
    Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start page: hxxp://fr.msn.com/

    +-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://ieframe.dll/tabswelcome.htm

    +---------------------------------------------------------------------------+

    4144 Byte(s) - C:\Ad-Report-Clean-24.03.2009.log
    3916 Byte(s) - C:\Ad-Report-Scan-24.03.2009.log

    0 File(s) - C:\Program Files\Ad-remover\TOOLS\BACKUP
    7 File(s) - C:\Program Files\Ad-remover\TOOLS\QUARANTINE

    End at: 22:57:14 | 24/03/2009
    .
    +-----------------| E.O.F - 89 Lines
    .
    24 March 2009 23:17:42

    1/

  • Uninstall HijackThis, Ad-Remover and Java 6 Update 4.
  • Update Java.
  • Update Adobe Reader.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • If you wish, you can use the Options Facultatives (Optional Options).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
  • Next, choose Registry, then Scan for issues. Once it has finished, fix all the errors (back up the registry).


    3/

  • It is necessary to disable and then re-enable System Restore in order to purge it.

  • I recommend creating a restore point that you can use later if you have a problem.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files as a complement to the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).

    You can also modify the Hosts file to improve the security of your PC: Link

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider that your problem is solved:

    ---> Now add [Solved] to the title. To do so:
  • In your first message, click the Edit button.
  • Add the mention [Solved] in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;)
    25 March 2009 16:30:21

    [ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

    -->- Recherche:

    C:\lopR.txt: trouvé !
    C:\Lop SD: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Administrateur\Bureau\Rsit.exe: trouvé !
    C:\Program Files\LopSD.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Program Files\LopSD.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\lopR.txt: supprimé !
    C:\Documents and Settings\Administrateur\Bureau\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Lop SD: supprimé !
    C:\Rsit: supprimé !

    Corbeille vidée!
    25 March 2009 16:34:51

    You can delete ToolsCleaner.