
URGENT problem =S

Tags:
  • Security
Last reply: in Security and viruses
19 December 2008 14:13:17

Hello everyone.
Let me explain my problem.
Web pages open without my asking for them, like: "Become a homeowner for €300/month!!"...
Other tabs open too, and they are sites that are not very² cool...
My internet has slowed down considerably :s
What's wrong with my computer, Doctor? x)
Thanks for your replies; if you have a solution, I'd love to hear it =)
Thanks


19 December 2008 15:27:26

Hi clock3011! We're going to start cleaning your PC :)

I) Detecting the nasties with Malwarebytes' Anti-Malware


Download Malwarebytes' Anti-Malware to your desktop:

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

1) Double-click "mbam-setup"; the installation starts (install without changing anything).
2) Launch the program, go to the "Update" tab, then click "Check for updates".
3) Go to the "Scan" tab, tick "Perform full scan", click "Scan", then start the scan.
4) At the end of the scan, if there are infections, click "Show results".
5) Close all other running applications.
6) Check that everything is ticked and click "Remove selected".

7) A report opens in Notepad; copy and paste it into your reply.

II) Analysing your computer with the Hijackthis software:


http://images.malwareremoval.com/random/RSIT.exe

Download it and save it to your desktop.

1) Double-click RSIT.exe to launch the program.
2) Click "Continue" on the disclaimer screen.
3) The software will ask for access through your firewall, then you will have to accept the licence...
4) Post the contents of log.txt (<< which will be displayed)
as well as info.txt (<< which will be minimized in the taskbar).
(The reports are saved in the C:\rsit folder.)

19 December 2008 22:41:15

I) Detecting the nasties with Malwarebytes' Anti-Malware

Here's the report:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1522
Windows 6.0.6000

19/12/2008 22:30:43
mbam-log-2008-12-19 (22-30-43).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 189157
Temps écoulé: 1 hour(s), 11 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Belinda\Local Settings\Application Data\omycy_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Belinda\Local Settings\Application Data\omycy_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Belinda\Local Settings\Application Data\omycy.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Belinda\Local Settings\Application Data\omycy.exe (Adware.Navipromo.H) -> Delete on reboot.

II) Analysing the computer with Hijackthis:

log.txt report:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Belinda at 2008-12-19 22:38:35
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 253 GB (75%) free of 336 GB
Total RAM: 3070 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:38:36, on 19/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Windows\RtHDVCpl.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Belinda\AppData\Local\omycy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Belinda\Desktop\RSIT.exe
C:\Program Files\trend micro\Belinda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [dvdtool] "C:\ProgramData\MESS START START.qaz03br"
O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\AUDIO FLAG CAKE.uun170d"
O4 - HKCU\..\Run: [omycy] "c:\users\belinda\appdata\local\omycy.exe" omycy
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 16280 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-01-11 96936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-04-07 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-12-12 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-01-11 607888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-12-12 2436160]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-01 1006264]
"SystrayORAHSS"=C:\Program Files\Orange HSS\Systray\SystrayApp.exe [2007-07-24 94208]
"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
"CCUTRAYICON"=FactoryMode []
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-09 115816]
"ORAHSSSessionManager"=C:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-07-24 102400]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [2007-09-26 492912]
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-10-17 590848]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"EoEngine"= []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-12-03 1265296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-09 1232896]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"dvdtool"=C:\ProgramData\MESS START START.qaz03br [2008-12-17 40976]
"dog about manager team"=C:\ProgramData\AUDIO FLAG CAKE.uun170d [2008-12-17 376848]
"omycy"=c:\users\belinda\appdata\local\omycy.exe [2008-12-18 237568]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de notification Live Search.lnk - C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgwlntf]
C:\Windows\system32\avgwlntf.dll [2007-12-13 9216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-19 22:32:31 ----D---- C:\rsit
2008-12-19 22:32:31 ----D---- C:\Program Files\trend micro
2008-12-19 22:30:55 ----A---- C:\Program Files\djgedlg.txt
2008-12-19 21:15:27 ----D---- C:\Users\Belinda\AppData\Roaming\Malwarebytes
2008-12-19 21:15:22 ----D---- C:\ProgramData\Malwarebytes
2008-12-19 21:15:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-19 17:06:04 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-12-19 17:06:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-19 14:41:23 ----A---- C:\Windows\system32\aswBoot.exe
2008-12-19 14:41:14 ----D---- C:\Program Files\Alwil Software
2008-12-19 14:36:28 ----D---- C:\ProgramData\Yahoo! Companion
2008-12-19 14:28:52 ----D---- C:\Program Files\Yahoo!
2008-12-19 14:28:46 ----D---- C:\Program Files\CCleaner
2008-12-19 14:17:09 ----D---- C:\Program Files\Bonjour
2008-12-18 22:08:48 ----A---- C:\Windows\system32\mshtml.dll
2008-12-18 18:51:14 ----D---- C:\ProgramData\Fighters
2008-12-18 18:51:14 ----D---- C:\Program Files\Fighters
2008-12-18 18:50:02 ----A---- C:\Users\Belinda\AppData\Roaming\install.txt
2008-12-17 14:49:27 ----D---- C:\ProgramData\Drv Audio Dog About
2008-12-17 14:49:09 ----D---- C:\ProgramData\memo4deaf
2008-12-17 14:28:20 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:27:11 ----D---- C:\Program Files\Microsoft Sync Framework
2008-12-17 14:25:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 14:23:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-17 14:20:59 ----D---- C:\Program Files\Microsoft
2008-12-17 14:20:36 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:10:47 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-12 11:18:16 ----A---- C:\Windows\system32\dns-sd.exe
2008-12-12 11:11:46 ----A---- C:\Windows\system32\dnssd.dll
2008-12-11 20:51:13 ----D---- C:\Users\Belinda\AppData\Roaming\Roxio
2008-12-11 18:09:26 ----D---- C:\Program Files\Cheat Engine
2008-12-11 16:56:32 ----A---- C:\Windows\system32\tzres.dll
2008-12-11 11:48:16 ----A---- C:\Windows\system32\gdi32.dll
2008-12-11 11:48:11 ----A---- C:\Windows\system32\gameux.dll
2008-12-11 11:48:10 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-11 11:48:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-11 11:48:00 ----A---- C:\Windows\system32\urlmon.dll
2008-12-11 11:47:59 ----A---- C:\Windows\system32\ieframe.dll
2008-12-11 11:47:58 ----A---- C:\Windows\system32\wininet.dll
2008-12-11 11:47:58 ----A---- C:\Windows\system32\mshtmled.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\mstime.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ieui.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\iesetup.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\iernonce.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ieapfltr.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ie4uinit.exe
2008-12-11 11:47:57 ----A---- C:\Windows\system32\dxtrans.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\advpack.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\pngfilt.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\ieUnatt.exe
2008-12-11 11:47:56 ----A---- C:\Windows\system32\iertutil.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\icardie.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\dxtmsft.dll
2008-12-11 11:47:50 ----A---- C:\Windows\explorer.exe
2008-12-11 11:47:44 ----A---- C:\Windows\system32\shell32.dll
2008-12-11 11:47:27 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-11 11:47:27 ----A---- C:\Windows\system32\mf.dll
2008-12-11 11:47:26 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-11 11:47:26 ----A---- C:\Windows\system32\rrinstaller.exe
2008-12-11 11:47:26 ----A---- C:\Windows\system32\logagent.exe
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mfps.dll
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mfpmp.exe
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mferror.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wups2.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wucltux.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wups.dll
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wudriver.dll
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wuapi.dll
2008-12-04 18:09:22 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-04 18:09:22 ----A---- C:\Windows\system32\wuapp.exe
2008-12-02 22:37:20 ----A---- C:\Windows\system32\sirenacm.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 13:10:26 ----A---- C:\Windows\system32\connect.dll
2008-11-24 19:12:57 ----D---- C:\Program Files\Babylon
2008-11-24 19:11:40 ----D---- C:\Users\Belinda\AppData\Roaming\EoRezo
2008-11-22 11:26:50 ----D---- C:\Program Files\QuickTime
2008-11-20 15:25:33 ----A---- C:\Windows\system32\xinput1_1.dll
2008-11-20 15:25:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-11-20 15:25:32 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-11-20 15:25:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-11-20 15:25:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-11-20 15:25:08 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-11-20 15:25:06 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-11-20 15:25:06 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-11-20 15:25:05 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-11-20 15:25:03 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-11-20 15:25:01 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-11-20 15:24:59 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-11-20 15:22:48 ----D---- C:\Program Files\TmNationsForever

======List of files/folders modified in the last 1 months======

2008-12-19 22:38:29 ----D---- C:\Windows\Temp
2008-12-19 22:32:31 ----RD---- C:\Program Files
2008-12-19 22:30:55 ----D---- C:\Windows\system32\drivers
2008-12-19 21:15:22 ----HD---- C:\ProgramData
2008-12-19 20:57:23 ----SD---- C:\Windows\Downloaded Program Files
2008-12-19 20:08:24 ----D---- C:\Windows
2008-12-19 20:08:23 ----HD---- C:\Config.Msi
2008-12-19 18:11:20 ----D---- C:\ProgramData\TrackMania
2008-12-19 15:42:59 ----D---- C:\Program Files\Circle Developement
2008-12-19 14:56:34 ----SHD---- C:\System Volume Information
2008-12-19 14:41:40 ----D---- C:\Windows\System32
2008-12-19 14:41:38 ----SHD---- C:\Windows\Installer
2008-12-19 14:39:12 ----D---- C:\Program Files\LimeWire
2008-12-19 14:38:56 ----SD---- C:\Users\Belinda\AppData\Roaming\Microsoft
2008-12-19 14:38:22 ----D---- C:\ProgramData\eMule
2008-12-19 14:34:13 ----D---- C:\Windows\Minidump
2008-12-19 14:34:13 ----D---- C:\Windows\Debug
2008-12-19 14:29:01 ----D---- C:\Windows\Prefetch
2008-12-19 08:10:41 ----D---- C:\Program Files\Steam
2008-12-19 08:09:24 ----D---- C:\Program Files\CamStudio
2008-12-19 08:01:18 ----D---- C:\Users\Belinda\AppData\Roaming\AVG7
2008-12-18 22:09:29 ----D---- C:\Windows\winsxs
2008-12-18 22:08:59 ----D---- C:\Windows\system32\catroot
2008-12-18 19:21:42 ----D---- C:\Windows\SMINST
2008-12-18 19:16:58 ----AD---- C:\ProgramData\TEMP
2008-12-18 18:57:44 ----D---- C:\Windows\system32\Tasks
2008-12-18 18:43:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-18 18:43:27 ----D---- C:\Windows\inf
2008-12-18 17:54:10 ----D---- C:\Windows\system32\catroot2
2008-12-17 15:20:00 ----RSD---- C:\Windows\assembly
2008-12-17 15:20:00 ----D---- C:\Windows\Microsoft.NET
2008-12-17 15:12:06 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-17 14:27:59 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-17 14:27:59 ----D---- C:\Program Files\Windows Live
2008-12-17 14:27:36 ----D---- C:\Windows\Tasks
2008-12-17 14:27:03 ----SD---- C:\ProgramData\Microsoft
2008-12-17 14:22:10 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 14:20:47 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 14:10:47 ----D---- C:\Program Files\Common Files
2008-12-12 18:00:00 ----D---- C:\Program Files\Norton Security Scan
2008-12-12 10:48:33 ----D---- C:\Users\Belinda\AppData\Roaming\Skype
2008-12-11 20:51:18 ----D---- C:\ProgramData\Sonic
2008-12-11 17:04:17 ----ASH---- C:\Program Files\desktop.ini
2008-12-11 17:02:54 ----D---- C:\Windows\AppPatch
2008-12-11 17:02:54 ----D---- C:\Program Files\Windows Mail
2008-12-11 17:02:53 ----D---- C:\Windows\system32\fr-FR
2008-12-11 17:02:52 ----D---- C:\Windows\system32\migration
2008-12-11 17:02:52 ----D---- C:\Program Files\Internet Explorer
2008-12-11 17:00:16 ----D---- C:\ProgramData\Microsoft Help
2008-12-10 18:44:05 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
2008-11-29 11:12:24 ----D---- C:\Program Files\Safari
2008-11-26 19:28:41 ----RHD---- C:\$VAULT$.AVG
2008-11-22 11:29:13 ----D---- C:\Program Files\iTunes
2008-11-22 11:28:43 ----D---- C:\Program Files\Common Files\Apple
2008-11-20 14:59:50 ----D---- C:\Program Files\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 AvgClean;AVG7 Clean Driver; C:\Windows\System32\Drivers\avgclean.sys [2007-12-21 10760]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\Windows\System32\Drivers\avgmfx86.sys [2007-12-21 26952]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-09-14 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20071212.002\IDSvix86.sys [2007-12-04 180272]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2007-01-09 191544]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-10 2769408]
R3 AvgWFP;AVG7 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfp.sys [2008-03-13 53768]
R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
R3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-14 99376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2007-01-09 12984]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-09-01 115000]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2007-01-09 145976]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2007-01-09 40120]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2007-01-09 38200]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2007-01-09 27576]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\NEXON\EuropeMapleStory\npkcrypt.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\Windows\System32\Drivers\ZS211.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-07-10 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-12-13 418816]
R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-12-13 49664]
R2 AvgCoreSvc;AVG7 Resident Shield Service; C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe [2007-12-13 192512]
R2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2007-12-21 406528]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-07-31 65536]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-04 47712]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-12-06 1252232]
S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
S3 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-12 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ISPwdSvc;Symantec IS Password Validation; c:\Program Files\Norton Internet Security\isPwdSvc.exe [2007-01-13 80504]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-19 104944]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2006-11-02 22016]

-----------------EOF-----------------



info.txt report:

info.txt logfile of random's system information tool 1.05 2008-12-19 22:32:48

======Uninstall list======

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
AC Tool-->C:\PROGRA~1\ACTOOL~1\UNWISE.EXE C:\PROGRA~1\ACTOOL~1\INSTALL.LOG
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
ccc-Branding-->MsiExec.exe /I{4F027497-15AE-4DE5-B3BC-8E721C6127DE}
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Dofus 1.25.0-->C:\Program Files\Dofus\uninstall.exe
EA.com Matchup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe" -l0x0 Uninstall
EA.com Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe" -l0x0 Uninstall
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\setup\hpzscr01.exe -datfile hposcr21.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logiciel Intel® Viiv™-->MsiExec.exe /X{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B} /qb!
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}\setup.exe -runfromtemp -l0x040c -removeonly
Navigateur Orange-->C:\Program Files\Orange HSS\Uninstall\Browser\Shell.exe MainUninstall.shl
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_2_0_30\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Protection Center-->MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\NSSSetup\{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Orange -->C:\Program Files\Orange\GLOBAL\Mnu\uninst.exe /G:{80CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}
Orange - Logiciels Internet-->C:\Program Files\Orange HSS\installation\core\Installgui.exe -u
Orange Les offres Internet-->C:\Program Files\Orange\GLOBAL\Sung\uninst.exe /G:{90CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u
Spider-Man (tm) Movie-->C:\PROGRA~1\ACTIVI~1\SPIDER~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\ACTIVI~1\SPIDER~1\UNINST~1\INSTALL.LOG
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Version de démonstration de Microsoft Office Home and Student 2007-->c:\hp\bin\MSOffice\uninst2.cmd
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Contrôle parental-->MsiExec.exe /X{EB8BAA0D-11EF-4EDC-A960-2AB7CA8F53F0}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Toolbar-->MsiExec.exe /X{915809D6-1F93-45F2-9699-5F1DA64DC24B}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Hosts File======

127.0.0.1 localhost
::1 localhost
91.121.124.125 eu.logon.worldofwarcraft.com

======Security center information======

AV: AVG 7.5.552
AV: avast! antivirus 4.8.1296 [VPS 081218-0]
AV: Norton Internet Security (disabled) (outdated)
FW: Norton Internet Security
AS: Spyware Doctor (disabled)
AS: Windows Defender
AS: Norton Internet Security (outdated)
AS: avast! antivirus 4.8.1296 [VPS 081218-0]

System event log

Computer Name: Family
Event Code: 7036
Message: Le service Symantec Core LC est entré dans l'état : en cours d'exécution.
Record Number: 145777
Source Name: Service Control Manager
Time Written: 20081219192444.000000-000
Event Type: Information
User:

Computer Name: Family
Event Code: 7036
Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté.
Record Number: 145778
Source Name: Service Control Manager
Time Written: 20081219193343.000000-000
Event Type: Information
User:

Computer Name: Family
Event Code: 7036
Message: Le service Informations d'application est entré dans l'état : en cours d'exécution.
Record Number: 145779
Source Name: Service Control Manager
Time Written: 20081219194440.000000-000
Event Type: Information
User:

Computer Name: Family
Event Code: 4227
Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions
19 December 2008 22:54:38

Hi again

Download to your desktop

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe


1) Double-click it to install and launch it
Once it is installed:
On Vista, right-click and choose "Run as administrator".
2) Type "F"
3) Press a key until you reach the options
4) Choose "option 1" (= type 1)
Do not use the other options without advice; there may be legitimate processes
5) A report: fixnavi.txt in C:\
6) Copy/paste it into your reply

I'm analysing your HijackThis report; see you tomorrow!
19 December 2008 23:27:57

Posting to follow the thread
20 December 2008 12:13:55

fixnavi.txt report:

Search Navipromo version 3.7.0 commencé le 20/12/2008 à 11:11:42,75

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Belinda ( Not Administrator ! )
BOOT : Normal boot

Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Activated)

C:\ (Local Disk) - NTFS - Total:327 Go (Free:246 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\belinda\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\Belinda\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Giorgio\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Richard\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Belinda\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\Edouard\appdata\roaming" ***


*** Recherche dossiers dans "C:\Users\Giorgio\appdata\roaming" ***


*** Recherche dossiers dans "C:\Users\IUSR_N~1\appdata\roaming" ***


*** Recherche dossiers dans "C:\Users\Richard\appdata\roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\Belinda\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\Belinda\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\Belinda\AppData\Local" *

* Recherche dans "C:\Users\Edouard\AppData\Local" *

* Recherche dans "C:\Users\Giorgio\AppData\Local" *

* Recherche dans "C:\Users\IUSR_N~1\AppData\Local" *

* Recherche dans "C:\Users\Richard\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"omycy"="\"c:\\users\\belinda\\appdata\\local\\omycy.exe\" omycy"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\Belinda\AppData\Local\Microsoft" :


* Dans "C:\Users\Belinda\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\Belinda\AppData\Local" :


* Dans "C:\Users\Edouard\AppData\Local" :


* Dans "C:\Users\Giorgio\AppData\Local" :


* Dans "C:\Users\IUSR_N~1\AppData\Local" :


* Dans "C:\Users\Richard\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :


C:\ProgramData\MESS START START.h2wns trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\MESS START START.tujjgd trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\AUDIO FLAG CAKE.uun170d trouvé ! Infection Lop possible non traitée par cet outil !

C:\ProgramData\MESS START START.qaz03br trouvé ! Infection Lop possible non traitée par cet outil !


*** Analyse terminée le 20/12/2008 à 11:47:00,48 ***
20 December 2008 12:31:56


II) Run Navilog

1) This time choose option 2 (type 2)
2) Copy and paste the report, please
20 December 2008 13:44:28

Here is the cleannavi report:

Clean Navipromo version 3.7.0 commencé le 20/12/2008 à 13:34:17,81

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Belinda ( Not Administrator ! )
BOOT : Normal boot

Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Activated)

C:\ (Local Disk) - NTFS - Total:327 Go (Free:247 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\Windows\System32" *


* Suppression dans "C:\Users\Belinda\AppData\Local\Microsoft" *


* Suppression dans "C:\Users\Belinda\AppData\Local\virtualstore\windows\system32" *


* Suppression dans "C:\Users\Belinda\AppData\Local" *


* Suppression dans "C:\Users\Edouard\AppData\Local" *


* Suppression dans "C:\Users\Giorgio\AppData\Local" *


* Suppression dans "C:\Users\IUSR_N~1\AppData\Local" *


* Suppression dans "C:\Users\Richard\AppData\Local" *



*** Suppression dossiers dans "C:\Windows" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Suppression dossiers dans "C:\ProgramData" ***


*** Suppression dossiers dans c:\users\belinda\appdata\roaming\micros~1\windows\startm~1\programs ***


*** Suppression dossiers dans "C:\Users\Edouard\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "C:\Users\Giorgio\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "C:\Users\IUSR_N~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "C:\Users\Richard\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Suppression dossiers dans "C:\Users\Belinda\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\Giorgio\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\Richard\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\Belinda\AppData\Roaming" ***


*** Suppression dossiers dans "C:\Users\Edouard\appdata\roaming" ***


*** Suppression dossiers dans "C:\Users\Giorgio\appdata\roaming" ***


*** Suppression dossiers dans "C:\Users\IUSR_N~1\appdata\roaming" ***


*** Suppression dossiers dans "C:\Users\Richard\appdata\roaming" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Belinda\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\Windows\system32" *



* Dans "C:\Users\Belinda\AppData\Local\Microsoft" *



* Dans "C:\Users\Belinda\AppData\Local\virtualstore\windows\system32" *



* Dans "C:\Users\Belinda\AppData\Local" *



* Dans "C:\Users\Edouard\AppData\Local" *



* Dans "C:\Users\Giorgio\AppData\Local" *



* Dans "C:\Users\IUSR_N~1\AppData\Local" *



* Dans "C:\Users\Richard\AppData\Local" *



*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !


*** Recherche autres dossiers et fichiers connus ***

C:\ProgramData\MESS START START.h2wns trouvé ! Infection Lop possible non traitée par cet outil !
C:\ProgramData\MESS START START.tujjgd trouvé ! Infection Lop possible non traitée par cet outil !
C:\ProgramData\AUDIO FLAG CAKE.uun170d trouvé ! Infection Lop possible non traitée par cet outil !
C:\ProgramData\MESS START START.qaz03br trouvé ! Infection Lop possible non traitée par cet outil !


*** Nettoyage terminé le 20/12/2008 à 13:40:15,64 ***

20 December 2008 17:39:14

Hi again, you still have a Lop infection left!

I) Cleaning with Lop S&D:

1) Download Lop and save it to your desktop

http://eric.71.mespages.googlepages.com/LopSD.exe

Follow this tutorial, but do not run option 2; run only option 1 and post the report for me, please
20 December 2008 18:04:06

Here is the lopR report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Belinda ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:327 Go (Free:246 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 20/12/2008|18:02 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[14/12/2007|21:38] C:\Users\Belinda\AppData\Local\Adobe
[22/12/2007|20:46] C:\Users\Belinda\AppData\Local\Apple
[30/03/2008|15:37] C:\Users\Belinda\AppData\Local\Apple Computer
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Application Data
[02/12/2007|13:28] C:\Users\Belinda\AppData\Local\ATI
[12/12/2008|22:13] C:\Users\Belinda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[12/12/2007|21:17] C:\Users\Belinda\AppData\Local\GDIPFONTCACHEV1.DAT
[02/12/2007|13:31] C:\Users\Belinda\AppData\Local\Google
[02/12/2007|13:28] C:\Users\Belinda\AppData\Local\Hewlett-Packard
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Historique
[20/12/2008|15:30] C:\Users\Belinda\AppData\Local\IconCache.db
[20/12/2008|13:40] C:\Users\Belinda\AppData\Local\Microsoft
[12/12/2007|21:17] C:\Users\Belinda\AppData\Local\Microsoft Games
[02/12/2007|15:35] C:\Users\Belinda\AppData\Local\Microsoft Help
[10/01/2008|19:14] C:\Users\Belinda\AppData\Local\Shareaza
[12/01/2008|16:12] C:\Users\Belinda\AppData\Local\Steam
[20/12/2008|18:02] C:\Users\Belinda\AppData\Local\Temp
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Temporary Internet Files
[12/01/2008|16:02] C:\Users\Belinda\AppData\Local\VirtualStore
[19/12/2008|20:22] C:\Users\Belinda\AppData\Local\xpika.bat

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[20/12/2008 17:58][--ah-----] C:\Windows\tasks\SA.DAT
[20/12/2008 17:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[17/10/2008|20:01] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[23/02/2008|11:54] C:\ProgramData\Adobe
[22/12/2007|20:45] C:\ProgramData\Apple
[13/09/2008|11:24] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[01/09/2007|06:27] C:\ProgramData\ATI
[17/12/2008|15:13] C:\ProgramData\AUDIO FLAG CAKE.uun170d
[14/12/2007|08:32] C:\ProgramData\avg7
[02/12/2007|13:19] C:\ProgramData\Bureau
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[17/12/2008|15:13] C:\ProgramData\Drv Audio Dog About
[19/12/2008|14:38] C:\ProgramData\eMule
[02/12/2007|13:19] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/12/2008|18:51] C:\ProgramData\Fighters
[01/09/2007|06:43] C:\ProgramData\Google
[13/12/2007|20:18] C:\ProgramData\Grisoft
[13/12/2007|19:54] C:\ProgramData\Hewlett-Packard
[13/12/2007|20:06] C:\ProgramData\HP
[13/12/2007|19:53] C:\ProgramData\HP Product Assistant
[25/08/2008|10:02] C:\ProgramData\hpzinstall.log
[01/09/2007|06:24] C:\ProgramData\Intel
[19/12/2008|21:15] C:\ProgramData\Malwarebytes
[17/12/2008|15:13] C:\ProgramData\memo4deaf
[02/12/2007|13:19] C:\ProgramData\Menu Démarrer
[17/12/2008|14:49] C:\ProgramData\MESS START START.h2wns
[17/12/2008|15:12] C:\ProgramData\MESS START START.qaz03br
[17/12/2008|15:12] C:\ProgramData\MESS START START.tujjgd
[09/11/2008|16:31] C:\ProgramData\Messenger Plus!
[17/12/2008|14:27] C:\ProgramData\Microsoft
[11/12/2008|17:00] C:\ProgramData\Microsoft Help
[02/12/2007|13:19] C:\ProgramData\Modèles
[01/09/2007|06:35] C:\ProgramData\muvee Technologies
[01/09/2007|06:40] C:\ProgramData\PC-Doctor
[01/09/2007|06:33] C:\ProgramData\Roxio
[11/02/2008|18:04] C:\ProgramData\Skype
[11/12/2008|20:51] C:\ProgramData\Sonic
[03/09/2008|15:53] C:\ProgramData\SonicStage
[03/09/2008|15:53] C:\ProgramData\Sony Corporation
[19/12/2008|20:22] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[04/01/2008|10:23] C:\ProgramData\Symantec
[18/12/2008|19:16] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[19/12/2008|18:11] C:\ProgramData\TrackMania
[13/12/2007|20:04] C:\ProgramData\WEBREG
[23/05/2008|21:24] C:\ProgramData\WLInstaller
[19/12/2008|14:36] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[04/07/2008|20:44] C:\Program Files\AC Tool
[15/10/2008|11:38] C:\Program Files\Activision
[15/10/2008|12:01] C:\Program Files\Adobe
[19/12/2008|14:41] C:\Program Files\Alwil Software
[24/10/2008|19:52] C:\Program Files\Apple Software Update
[01/09/2007|06:21] C:\Program Files\ATI
[01/09/2007|06:22] C:\Program Files\ATI Technologies
[24/11/2008|19:21] C:\Program Files\Babylon
[19/12/2008|14:17] C:\Program Files\Bonjour
[02/12/2007|15:33] C:\Program Files\BoontyGames
[19/12/2008|08:09] C:\Program Files\CamStudio
[19/12/2008|14:29] C:\Program Files\CCleaner
[18/12/2008|18:59] C:\Program Files\Cheat Engine
[19/12/2008|15:42] C:\Program Files\Circle Developement
[17/12/2008|14:10] C:\Program Files\Common Files
[15/10/2008|12:01] C:\Program Files\directx
[20/12/2008|11:45] C:\Program Files\Dofus
[05/01/2008|16:31] C:\Program Files\Dofus-Arena beta 2
[02/12/2007|15:53] C:\Program Files\EACOM
[01/09/2007|15:37] C:\Program Files\EasyBits
[02/12/2007|13:19] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/12/2008|14:41] C:\Program Files\Fighters
[13/12/2007|08:31] C:\Program Files\Google
[13/12/2007|20:18] C:\Program Files\Grisoft
[01/09/2007|06:41] C:\Program Files\Hewlett-Packard
[08/04/2008|19:18] C:\Program Files\HP
[03/09/2008|15:18] C:\Program Files\InstallShield Installation Information
[20/09/2008|12:14] C:\Program Files\Intel
[11/12/2008|17:02] C:\Program Files\Internet Explorer
[05/12/2007|19:28] C:\Program Files\Inventel
[13/09/2008|12:26] C:\Program Files\iPod
[22/11/2008|11:29] C:\Program Files\iTunes
[01/09/2007|06:36] C:\Program Files\Java
[19/12/2008|14:39] C:\Program Files\LimeWire
[19/12/2008|22:30] C:\Program Files\Malwarebytes' Anti-Malware
[17/12/2008|15:12] C:\Program Files\Messenger Plus! Live
[17/12/2008|14:28] C:\Program Files\Microsoft
[05/12/2007|21:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[02/12/2007|15:37] C:\Program Files\Microsoft Office
[17/12/2008|14:28] C:\Program Files\Microsoft Silverlight
[17/12/2008|14:23] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:27] C:\Program Files\Microsoft Sync Framework
[10/09/2008|16:47] C:\Program Files\Microsoft Works
[02/12/2007|15:37] C:\Program Files\Microsoft.NET
[01/09/2007|15:49] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[05/12/2007|21:27] C:\Program Files\MSXML 4.0
[01/09/2007|06:35] C:\Program Files\muvee Technologies
[20/12/2008|13:40] C:\Program Files\Navilog1
[29/12/2007|14:54] C:\Program Files\NEXON
[10/12/2007|18:26] C:\Program Files\Norton Internet Security
[12/12/2008|18:00] C:\Program Files\Norton Security Scan
[02/12/2007|13:27] C:\Program Files\Orange
[12/12/2007|21:23] C:\Program Files\Orange HSS
[12/12/2007|19:06] C:\Program Files\OrangeHSS
[01/09/2007|06:55] C:\Program Files\PC-Doctor 5 for Windows
[22/11/2008|11:27] C:\Program Files\QuickTime
[08/04/2008|19:17] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[01/09/2007|06:34] C:\Program Files\Roxio
[29/11/2008|11:12] C:\Program Files\Safari
[12/12/2007|21:18] C:\Program Files\SAGEM
[17/07/2008|19:20] C:\Program Files\Samsung
[12/12/2007|21:17] C:\Program Files\Securitoo
[01/09/2007|06:43] C:\Program Files\Services en ligne
[11/02/2008|18:04] C:\Program Files\Skype
[03/09/2008|15:18] C:\Program Files\Sony
[19/12/2008|20:08] C:\Program Files\Spybot - Search & Destroy
[19/12/2008|08:10] C:\Program Files\Steam
[01/09/2007|06:46] C:\Program Files\Symantec
[20/11/2008|15:24] C:\Program Files\TmNationsForever
[19/12/2008|22:38] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[12/11/2008|17:02] C:\Program Files\Wakfu
[05/12/2007|13:21] C:\Program Files\Wanadoo
[07/12/2007|12:30] C:\Program Files\Windows Calendar
[01/09/2007|15:49] C:\Program Files\Windows Collaboration
[01/09/2007|15:56] C:\Program Files\Windows Defender
[01/09/2007|15:49] C:\Program Files\Windows Journal
[17/12/2008|14:27] C:\Program Files\Windows Live
[18/12/2007|17:44] C:\Program Files\Windows Live Safety Center
[17/12/2008|14:20] C:\Program Files\Windows Live SkyDrive
[11/12/2008|17:02] C:\Program Files\Windows Mail
[07/12/2007|12:29] C:\Program Files\Windows Media Player
[02/12/2007|13:19] C:\Program Files\Windows NT
[01/09/2007|15:49] C:\Program Files\Windows Photo Gallery
[09/01/2008|15:52] C:\Program Files\Windows Sidebar
[23/02/2008|17:43] C:\Program Files\World Of Warcraft
[19/12/2008|14:28] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[15/10/2008|12:01] C:\Program Files\Common Files\Adobe
[22/11/2008|11:28] C:\Program Files\Common Files\Apple
[24/02/2008|11:42] C:\Program Files\Common Files\Blizzard Entertainment
[02/12/2007|15:37] C:\Program Files\Common Files\DESIGNER
[05/12/2007|19:38] C:\Program Files\Common Files\France Telecom
[13/12/2007|19:52] C:\Program Files\Common Files\Hewlett-Packard
[01/09/2007|06:27] C:\Program Files\Common Files\HP
[06/04/2008|17:42] C:\Program Files\Common Files\INCA Shared
[02/12/2007|15:52] C:\Program Files\Common Files\InstallShield
[01/09/2007|06:24] C:\Program Files\Common Files\Intel
[01/09/2007|06:36] C:\Program Files\Common Files\Java
[01/09/2007|06:34] C:\Program Files\Common Files\LightScribe
[01/09/2007|06:34] C:\Program Files\Common Files\LS Getting Started
[17/12/2008|14:20] C:\Program Files\Common Files\microsoft shared
[01/09/2007|06:35] C:\Program Files\Common Files\muvee Technologies
[01/09/2007|06:34] C:\Program Files\Common Files\PX Storage Engine
[01/09/2007|06:33] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[11/02/2008|18:04] C:\Program Files\Common Files\Skype
[01/09/2007|06:33] C:\Program Files\Common Files\Sonic Shared
[03/09/2008|15:17] C:\Program Files\Common Files\Sony Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[20/11/2008|14:59] C:\Program Files\Common Files\Steam
[01/09/2007|06:28] C:\Program Files\Common Files\SureThing Shared
[23/01/2008|18:31] C:\Program Files\Common Files\SWF Studio
[10/12/2008|18:44] C:\Program Files\Common Files\Symantec Shared
[01/09/2007|16:01] C:\Program Files\Common Files\System
[17/12/2008|14:10] C:\Program Files\Common Files\Windows Live
[05/12/2007|20:14] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 96 Processes )

iexplore.exe ~ [PID:3152]
iexplore.exe ~ [PID:3160]
iexplore.exe ~ [PID:4912]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\MESS START START.h2wns
C:\ProgramData\MESS START START.tujjgd
C:\ProgramData\AUDIO FLAG CAKE.uun170d
C:\ProgramData\MESS START START.qaz03br

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\proc tons.exe
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dvdtool"="\"C:\\ProgramData\\MESS START START.qaz03br\""
"dog about manager team"="\"C:\\ProgramData\\AUDIO FLAG CAKE.uun170d\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-20 18:02:36
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 14

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:36][D:7]-> C:\Users\Belinda\AppData\Local\Temp
[F:122][D:1]-> C:\Users\Belinda\AppData\Roaming\MICROS~1\Windows\Cookies
[F:163][D:5]-> C:\Users\Belinda\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:36][D:10]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 20/12/2008|18:03 - Option : [1]

--------------------\\ Fin du rapport a 18:03:37
[ UAC => 1 ]
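
Added example, not part of the original posts and not code from Navilog1 or Lop S&D: a small triage script for the `Run` key sections that both reports above print in `.reg` export syntax, flagging autostart entries whose target has a non-executable extension or sits directly in a user-writable root. The extension list, the directory heuristic, and the `ExampleUpdater` entry are assumptions made for this illustration.

```python
import re
from pathlib import PureWindowsPath

# Excerpt of the Run-key sections from the two reports above
# (Navilog1 "fixnavi" and Lop S&D option 1). The last entry,
# "ExampleUpdater", is constructed here as a benign contrast.
SAMPLE_REPORT = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"omycy"="\"c:\\users\\belinda\\appdata\\local\\omycy.exe\" omycy"

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dvdtool"="\"C:\\ProgramData\\MESS START START.qaz03br\""
"dog about manager team"="\"C:\\ProgramData\\AUDIO FLAG CAKE.uun170d\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleUpdater"="\"C:\\Program Files\\Example\\updater.exe\" /background"

--------------------\\ Verification du fichier Hosts
'''

# "[HKEY_...\Run]" or "[HKEY_...\RunOnce]" section header.
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+\\Run(?:Once)?)\]\s*$', re.IGNORECASE)
# "name"="value" where both sides use .reg escaping (\\ and \").
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"\s*$')

# Assumption: extensions normally seen on a directly launched program.
EXECUTABLE_EXT = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif"}
# Assumption: a file dropped straight into these roots deserves a closer look.
USER_WRITABLE_ROOT = re.compile(
    r'^[a-z]:\\(programdata|users\\[^\\]+\\appdata\\(local|roaming))$')


def unescape_reg(s):
    """Undo .reg string escaping: \\\\ -> \\ and \\" -> "."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_run_entries(text):
    """Return (key, value_name, command) for every value under a Run key."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        header, value = KEY_RE.match(line), VALUE_RE.match(line)
        if header:
            key = header.group(1)
        elif key and value:
            entries.append((key, unescape_reg(value.group(1)),
                            unescape_reg(value.group(2))))
        elif line:
            key = None  # any other non-blank line ends the section
    return entries


def target_of(command):
    """Extract the launched file from a command line (quoted form only)."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        if end != -1:
            return PureWindowsPath(command[1:end])
    # Unquoted commands are ambiguous (spaces in paths); keep the whole string,
    # which makes the extension check err on the side of flagging.
    return PureWindowsPath(command)


def triage(command):
    """Return the list of reasons an autostart command looks unusual."""
    target = target_of(command)
    reasons = []
    if target.suffix.lower() not in EXECUTABLE_EXT:
        reasons.append("unusual extension %r" % target.suffix)
    if USER_WRITABLE_ROOT.match(str(target.parent).lower()):
        reasons.append("file sits directly in %s" % target.parent)
    return reasons


def flag_entries(text):
    """Map value name -> reasons, for entries with at least one reason."""
    flagged = {}
    for _key, name, command in parse_run_entries(text):
        reasons = triage(command)
        if reasons:
            flagged[name] = reasons
    return flagged


if __name__ == "__main__":
    for name, reasons in flag_entries(SAMPLE_REPORT).items():
        print("%-25s %s" % (name, "; ".join(reasons)))
```

A flagged entry is a lead to verify, not a verdict: legitimate software also starts from `AppData`, which is why the reports themselves warn that findings may be legitimate.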

20 December 2008 19:11:48

Now run option 2:
20 December 2008 20:30:07

Option 2 report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Belinda ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:327 Go (Free:246 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 20/12/2008|20:25 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\Drv Audio Dog About\proc tons.exe
Supprime! - C:\ProgramData\MESS START START.h2wns
Supprime! - C:\ProgramData\MESS START START.tujjgd
Supprime! - C:\ProgramData\AUDIO FLAG CAKE.uun170d
Supprime! - C:\ProgramData\MESS START START.qaz03br
Supprime! - C:\ProgramData\Drv Audio Dog About
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[14/12/2007|21:38] C:\Users\Belinda\AppData\Local\Adobe
[22/12/2007|20:46] C:\Users\Belinda\AppData\Local\Apple
[30/03/2008|15:37] C:\Users\Belinda\AppData\Local\Apple Computer
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Application Data
[02/12/2007|13:28] C:\Users\Belinda\AppData\Local\ATI
[12/12/2008|22:13] C:\Users\Belinda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[12/12/2007|21:17] C:\Users\Belinda\AppData\Local\GDIPFONTCACHEV1.DAT
[02/12/2007|13:31] C:\Users\Belinda\AppData\Local\Google
[02/12/2007|13:28] C:\Users\Belinda\AppData\Local\Hewlett-Packard
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Historique
[20/12/2008|18:11] C:\Users\Belinda\AppData\Local\IconCache.db
[20/12/2008|13:40] C:\Users\Belinda\AppData\Local\Microsoft
[12/12/2007|21:17] C:\Users\Belinda\AppData\Local\Microsoft Games
[02/12/2007|15:35] C:\Users\Belinda\AppData\Local\Microsoft Help
[10/01/2008|19:14] C:\Users\Belinda\AppData\Local\Shareaza
[12/01/2008|16:12] C:\Users\Belinda\AppData\Local\Steam
[20/12/2008|20:25] C:\Users\Belinda\AppData\Local\Temp
[02/12/2007|13:23] C:\Users\Belinda\AppData\Local\Temporary Internet Files
[12/01/2008|16:02] C:\Users\Belinda\AppData\Local\VirtualStore
[19/12/2008|20:22] C:\Users\Belinda\AppData\Local\xpika.bat

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[20/12/2008 19:59][--ah-----] C:\Windows\tasks\SA.DAT
[20/12/2008 18:11][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[17/10/2008|20:01] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[23/02/2008|11:54] C:\ProgramData\Adobe
[22/12/2007|20:45] C:\ProgramData\Apple
[13/09/2008|11:24] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[01/09/2007|06:27] C:\ProgramData\ATI
[14/12/2007|08:32] C:\ProgramData\avg7
[02/12/2007|13:19] C:\ProgramData\Bureau
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[19/12/2008|14:38] C:\ProgramData\eMule
[02/12/2007|13:19] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/12/2008|18:51] C:\ProgramData\Fighters
[01/09/2007|06:43] C:\ProgramData\Google
[13/12/2007|20:18] C:\ProgramData\Grisoft
[13/12/2007|19:54] C:\ProgramData\Hewlett-Packard
[13/12/2007|20:06] C:\ProgramData\HP
[13/12/2007|19:53] C:\ProgramData\HP Product Assistant
[25/08/2008|10:02] C:\ProgramData\hpzinstall.log
[01/09/2007|06:24] C:\ProgramData\Intel
[19/12/2008|21:15] C:\ProgramData\Malwarebytes
[17/12/2008|15:13] C:\ProgramData\memo4deaf
[02/12/2007|13:19] C:\ProgramData\Menu Démarrer
[09/11/2008|16:31] C:\ProgramData\Messenger Plus!
[17/12/2008|14:27] C:\ProgramData\Microsoft
[11/12/2008|17:00] C:\ProgramData\Microsoft Help
[02/12/2007|13:19] C:\ProgramData\Modèles
[01/09/2007|06:35] C:\ProgramData\muvee Technologies
[01/09/2007|06:40] C:\ProgramData\PC-Doctor
[01/09/2007|06:33] C:\ProgramData\Roxio
[11/02/2008|18:04] C:\ProgramData\Skype
[11/12/2008|20:51] C:\ProgramData\Sonic
[03/09/2008|15:53] C:\ProgramData\SonicStage
[03/09/2008|15:53] C:\ProgramData\Sony Corporation
[19/12/2008|20:22] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[04/01/2008|10:23] C:\ProgramData\Symantec
[18/12/2008|19:16] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[19/12/2008|18:11] C:\ProgramData\TrackMania
[13/12/2007|20:04] C:\ProgramData\WEBREG
[23/05/2008|21:24] C:\ProgramData\WLInstaller
[19/12/2008|14:36] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[04/07/2008|20:44] C:\Program Files\AC Tool
[15/10/2008|11:38] C:\Program Files\Activision
[15/10/2008|12:01] C:\Program Files\Adobe
[19/12/2008|14:41] C:\Program Files\Alwil Software
[24/10/2008|19:52] C:\Program Files\Apple Software Update
[01/09/2007|06:21] C:\Program Files\ATI
[01/09/2007|06:22] C:\Program Files\ATI Technologies
[24/11/2008|19:21] C:\Program Files\Babylon
[19/12/2008|14:17] C:\Program Files\Bonjour
[02/12/2007|15:33] C:\Program Files\BoontyGames
[19/12/2008|08:09] C:\Program Files\CamStudio
[19/12/2008|14:29] C:\Program Files\CCleaner
[18/12/2008|18:59] C:\Program Files\Cheat Engine
[17/12/2008|14:10] C:\Program Files\Common Files
[15/10/2008|12:01] C:\Program Files\directx
[20/12/2008|11:45] C:\Program Files\Dofus
[05/01/2008|16:31] C:\Program Files\Dofus-Arena beta 2
[02/12/2007|15:53] C:\Program Files\EACOM
[01/09/2007|15:37] C:\Program Files\EasyBits
[02/12/2007|13:19] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[19/12/2008|14:41] C:\Program Files\Fighters
[13/12/2007|08:31] C:\Program Files\Google
[13/12/2007|20:18] C:\Program Files\Grisoft
[01/09/2007|06:41] C:\Program Files\Hewlett-Packard
[08/04/2008|19:18] C:\Program Files\HP
[03/09/2008|15:18] C:\Program Files\InstallShield Installation Information
[20/09/2008|12:14] C:\Program Files\Intel
[11/12/2008|17:02] C:\Program Files\Internet Explorer
[05/12/2007|19:28] C:\Program Files\Inventel
[13/09/2008|12:26] C:\Program Files\iPod
[22/11/2008|11:29] C:\Program Files\iTunes
[01/09/2007|06:36] C:\Program Files\Java
[19/12/2008|14:39] C:\Program Files\LimeWire
[19/12/2008|22:30] C:\Program Files\Malwarebytes' Anti-Malware
[17/12/2008|15:12] C:\Program Files\Messenger Plus! Live
[17/12/2008|14:28] C:\Program Files\Microsoft
[05/12/2007|21:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[02/12/2007|15:37] C:\Program Files\Microsoft Office
[17/12/2008|14:28] C:\Program Files\Microsoft Silverlight
[17/12/2008|14:23] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:27] C:\Program Files\Microsoft Sync Framework
[10/09/2008|16:47] C:\Program Files\Microsoft Works
[02/12/2007|15:37] C:\Program Files\Microsoft.NET
[01/09/2007|15:49] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[05/12/2007|21:27] C:\Program Files\MSXML 4.0
[01/09/2007|06:35] C:\Program Files\muvee Technologies
[20/12/2008|13:40] C:\Program Files\Navilog1
[29/12/2007|14:54] C:\Program Files\NEXON
[10/12/2007|18:26] C:\Program Files\Norton Internet Security
[12/12/2008|18:00] C:\Program Files\Norton Security Scan
[02/12/2007|13:27] C:\Program Files\Orange
[12/12/2007|21:23] C:\Program Files\Orange HSS
[12/12/2007|19:06] C:\Program Files\OrangeHSS
[01/09/2007|06:55] C:\Program Files\PC-Doctor 5 for Windows
[22/11/2008|11:27] C:\Program Files\QuickTime
[08/04/2008|19:17] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[01/09/2007|06:34] C:\Program Files\Roxio
[29/11/2008|11:12] C:\Program Files\Safari
[12/12/2007|21:18] C:\Program Files\SAGEM
[17/07/2008|19:20] C:\Program Files\Samsung
[12/12/2007|21:17] C:\Program Files\Securitoo
[01/09/2007|06:43] C:\Program Files\Services en ligne
[11/02/2008|18:04] C:\Program Files\Skype
[03/09/2008|15:18] C:\Program Files\Sony
[19/12/2008|20:08] C:\Program Files\Spybot - Search & Destroy
[19/12/2008|08:10] C:\Program Files\Steam
[01/09/2007|06:46] C:\Program Files\Symantec
[20/11/2008|15:24] C:\Program Files\TmNationsForever
[19/12/2008|22:38] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[12/11/2008|17:02] C:\Program Files\Wakfu
[05/12/2007|13:21] C:\Program Files\Wanadoo
[07/12/2007|12:30] C:\Program Files\Windows Calendar
[01/09/2007|15:49] C:\Program Files\Windows Collaboration
[01/09/2007|15:56] C:\Program Files\Windows Defender
[01/09/2007|15:49] C:\Program Files\Windows Journal
[17/12/2008|14:27] C:\Program Files\Windows Live
[18/12/2007|17:44] C:\Program Files\Windows Live Safety Center
[17/12/2008|14:20] C:\Program Files\Windows Live SkyDrive
[11/12/2008|17:02] C:\Program Files\Windows Mail
[07/12/2007|12:29] C:\Program Files\Windows Media Player
[02/12/2007|13:19] C:\Program Files\Windows NT
[01/09/2007|15:49] C:\Program Files\Windows Photo Gallery
[09/01/2008|15:52] C:\Program Files\Windows Sidebar
[23/02/2008|17:43] C:\Program Files\World Of Warcraft
[19/12/2008|14:28] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[15/10/2008|12:01] C:\Program Files\Common Files\Adobe
[22/11/2008|11:28] C:\Program Files\Common Files\Apple
[24/02/2008|11:42] C:\Program Files\Common Files\Blizzard Entertainment
[02/12/2007|15:37] C:\Program Files\Common Files\DESIGNER
[05/12/2007|19:38] C:\Program Files\Common Files\France Telecom
[13/12/2007|19:52] C:\Program Files\Common Files\Hewlett-Packard
[01/09/2007|06:27] C:\Program Files\Common Files\HP
[06/04/2008|17:42] C:\Program Files\Common Files\INCA Shared
[02/12/2007|15:52] C:\Program Files\Common Files\InstallShield
[01/09/2007|06:24] C:\Program Files\Common Files\Intel
[01/09/2007|06:36] C:\Program Files\Common Files\Java
[01/09/2007|06:34] C:\Program Files\Common Files\LightScribe
[01/09/2007|06:34] C:\Program Files\Common Files\LS Getting Started
[17/12/2008|14:20] C:\Program Files\Common Files\microsoft shared
[01/09/2007|06:35] C:\Program Files\Common Files\muvee Technologies
[01/09/2007|06:34] C:\Program Files\Common Files\PX Storage Engine
[01/09/2007|06:33] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[11/02/2008|18:04] C:\Program Files\Common Files\Skype
[01/09/2007|06:33] C:\Program Files\Common Files\Sonic Shared
[03/09/2008|15:17] C:\Program Files\Common Files\Sony Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[20/11/2008|14:59] C:\Program Files\Common Files\Steam
[01/09/2007|06:28] C:\Program Files\Common Files\SureThing Shared
[23/01/2008|18:31] C:\Program Files\Common Files\SWF Studio
[10/12/2008|18:44] C:\Program Files\Common Files\Symantec Shared
[01/09/2007|16:01] C:\Program Files\Common Files\System
[17/12/2008|14:10] C:\Program Files\Common Files\Windows Live
[05/12/2007|20:14] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 91 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-20 20:25:28
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 14

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:45][D:8]-> C:\Users\Belinda\AppData\Local\Temp
[F:129][D:1]-> C:\Users\Belinda\AppData\Roaming\MICROS~1\Windows\Cookies
[F:267][D:5]-> C:\Users\Belinda\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:36][D:10]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 20/12/2008|18:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 20/12/2008|20:26 - Option : [2]

--------------------\\ Fin du rapport a 20:26:26
[ UAC => 1 ]

22 December 2008 12:07:48

So? It's been 2 days and nobody has answered me ='X
25 December 2008 19:23:46

Good evening :)
ttoto38 should have finished your thread...

As for your slowness problems, I see 3 antivirus programs in the first HijackThis log...

You only need one...
Read: Consequences of multi-protection
Then:
uninstall -antivirus

and post a new HijackThis log, please.
As for your question by PM, there's nothing I can do about it; the backups should have been made at the start. :/

25 December 2008 20:26:53

That's true, I had Avast! (which I'm going to keep), AVG 7.5 and Norton (which came with the computer) ^^
So I uninstalled Norton and AVG 7.5. I'll post my HijackThis report right away. Thanks a lot, Sham_Rock
25 December 2008 20:36:10

Here's the HijackThis report you asked me for. I wanted to tell you that I run CCleaner every day to delete the cookies squatting on my computer :-P

log:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Belinda at 2008-12-25 20:34:21
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 255 GB (76%) free of 336 GB
Total RAM: 3070 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:25, on 25/12/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Windows\system32\schtasks.exe
C:\Windows\RtHDVCpl.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Belinda\Desktop\RSIT.exe
C:\Program Files\trend micro\Belinda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 13228 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-04-07 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-12-12 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-12-12 2436160]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-01 1006264]
"SystrayORAHSS"=C:\Program Files\Orange HSS\Systray\SystrayApp.exe [2007-07-24 94208]
"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
"CCUTRAYICON"=FactoryMode []
"ORAHSSSessionManager"=C:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-07-24 102400]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"EoEngine"= []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-09 1232896]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de notification Live Search.lnk - C:\Users\Belinda\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-20 18:02:26 ----A---- C:\lopR.txt
2008-12-20 18:02:14 ----D---- C:\Lop SD
2008-12-20 10:58:52 ----A---- C:\fixnavi.txt
2008-12-20 10:57:33 ----D---- C:\Program Files\Navilog1
2008-12-19 22:32:31 ----D---- C:\rsit
2008-12-19 22:32:31 ----D---- C:\Program Files\trend micro
2008-12-19 21:15:27 ----D---- C:\Users\Belinda\AppData\Roaming\Malwarebytes
2008-12-19 21:15:22 ----D---- C:\ProgramData\Malwarebytes
2008-12-19 21:15:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-19 17:06:04 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-12-19 17:06:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-19 14:41:23 ----A---- C:\Windows\system32\aswBoot.exe
2008-12-19 14:41:14 ----D---- C:\Program Files\Alwil Software
2008-12-19 14:36:28 ----D---- C:\ProgramData\Yahoo! Companion
2008-12-19 14:28:52 ----D---- C:\Program Files\Yahoo!
2008-12-19 14:28:46 ----D---- C:\Program Files\CCleaner
2008-12-19 14:17:09 ----D---- C:\Program Files\Bonjour
2008-12-18 22:08:48 ----A---- C:\Windows\system32\mshtml.dll
2008-12-18 18:51:14 ----D---- C:\ProgramData\Fighters
2008-12-18 18:51:14 ----D---- C:\Program Files\Fighters
2008-12-18 18:50:02 ----A---- C:\Users\Belinda\AppData\Roaming\install.txt
2008-12-17 14:49:09 ----D---- C:\ProgramData\memo4deaf
2008-12-17 14:28:20 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:27:11 ----D---- C:\Program Files\Microsoft Sync Framework
2008-12-17 14:25:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 14:23:30 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-17 14:20:59 ----D---- C:\Program Files\Microsoft
2008-12-17 14:20:36 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:10:47 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-12 11:18:16 ----A---- C:\Windows\system32\dns-sd.exe
2008-12-12 11:11:46 ----A---- C:\Windows\system32\dnssd.dll
2008-12-11 20:51:13 ----D---- C:\Users\Belinda\AppData\Roaming\Roxio
2008-12-11 18:09:26 ----D---- C:\Program Files\Cheat Engine
2008-12-11 16:56:32 ----A---- C:\Windows\system32\tzres.dll
2008-12-11 11:48:16 ----A---- C:\Windows\system32\gdi32.dll
2008-12-11 11:48:11 ----A---- C:\Windows\system32\gameux.dll
2008-12-11 11:48:10 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-11 11:48:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-11 11:48:00 ----A---- C:\Windows\system32\urlmon.dll
2008-12-11 11:47:59 ----A---- C:\Windows\system32\ieframe.dll
2008-12-11 11:47:58 ----A---- C:\Windows\system32\wininet.dll
2008-12-11 11:47:58 ----A---- C:\Windows\system32\mshtmled.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\mstime.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ieui.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\iesetup.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\iernonce.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ieapfltr.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\ie4uinit.exe
2008-12-11 11:47:57 ----A---- C:\Windows\system32\dxtrans.dll
2008-12-11 11:47:57 ----A---- C:\Windows\system32\advpack.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\pngfilt.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\ieUnatt.exe
2008-12-11 11:47:56 ----A---- C:\Windows\system32\iertutil.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\icardie.dll
2008-12-11 11:47:56 ----A---- C:\Windows\system32\dxtmsft.dll
2008-12-11 11:47:50 ----A---- C:\Windows\explorer.exe
2008-12-11 11:47:44 ----A---- C:\Windows\system32\shell32.dll
2008-12-11 11:47:27 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-11 11:47:27 ----A---- C:\Windows\system32\mf.dll
2008-12-11 11:47:26 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-11 11:47:26 ----A---- C:\Windows\system32\rrinstaller.exe
2008-12-11 11:47:26 ----A---- C:\Windows\system32\logagent.exe
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mfps.dll
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mfpmp.exe
2008-12-11 11:47:25 ----A---- C:\Windows\system32\mferror.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wups2.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wucltux.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-04 18:09:56 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wups.dll
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wudriver.dll
2008-12-04 18:09:31 ----A---- C:\Windows\system32\wuapi.dll
2008-12-04 18:09:22 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-04 18:09:22 ----A---- C:\Windows\system32\wuapp.exe
2008-12-02 22:37:20 ----A---- C:\Windows\system32\sirenacm.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2008-11-26 13:10:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 13:10:28 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 13:10:26 ----A---- C:\Windows\system32\connect.dll

======List of files/folders modified in the last 1 months======

2008-12-25 20:34:25 ----D---- C:\Windows\Temp
2008-12-25 20:30:57 ----D---- C:\Windows\system32\drivers
2008-12-25 20:30:21 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-25 20:27:40 ----D---- C:\Windows
2008-12-25 20:27:27 ----SHD---- C:\Windows\Installer
2008-12-25 20:27:26 ----HD---- C:\Config.Msi
2008-12-25 20:27:25 ----RD---- C:\Program Files
2008-12-25 20:25:18 ----SHD---- C:\System Volume Information
2008-12-25 20:25:12 ----D---- C:\Windows\system32\catroot2
2008-12-25 20:25:05 ----SD---- C:\Users\Belinda\AppData\Roaming\Microsoft
2008-12-25 20:25:05 ----D---- C:\Windows\System32
2008-12-25 20:25:05 ----D---- C:\Windows\system
2008-12-25 20:25:04 ----D---- C:\ProgramData\avg7
2008-12-25 20:24:38 ----D---- C:\Users\Belinda\AppData\Roaming\AVG7
2008-12-25 20:24:36 ----HD---- C:\ProgramData
2008-12-25 20:17:52 ----D---- C:\ProgramData\Symantec
2008-12-25 19:56:56 ----D---- C:\Program Files\Dofus
2008-12-25 19:53:00 ----D---- C:\Windows\Prefetch
2008-12-19 20:57:23 ----SD---- C:\Windows\Downloaded Program Files
2008-12-19 18:11:20 ----D---- C:\ProgramData\TrackMania
2008-12-19 14:39:12 ----D---- C:\Program Files\LimeWire
2008-12-19 14:38:22 ----D---- C:\ProgramData\eMule
2008-12-19 14:34:13 ----D---- C:\Windows\Minidump
2008-12-19 14:34:13 ----D---- C:\Windows\Debug
2008-12-19 08:10:41 ----D---- C:\Program Files\Steam
2008-12-19 08:09:24 ----D---- C:\Program Files\CamStudio
2008-12-18 22:09:29 ----D---- C:\Windows\winsxs
2008-12-18 22:08:59 ----D---- C:\Windows\system32\catroot
2008-12-18 19:21:42 ----D---- C:\Windows\SMINST
2008-12-18 19:16:58 ----AD---- C:\ProgramData\TEMP
2008-12-18 19:14:40 ----D---- C:\Users\Belinda\AppData\Roaming\EoRezo
2008-12-18 18:57:44 ----D---- C:\Windows\system32\Tasks
2008-12-18 18:43:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-18 18:43:27 ----D---- C:\Windows\inf
2008-12-17 15:20:00 ----RSD---- C:\Windows\assembly
2008-12-17 15:20:00 ----D---- C:\Windows\Microsoft.NET
2008-12-17 15:12:06 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-17 14:27:59 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-17 14:27:59 ----D---- C:\Program Files\Windows Live
2008-12-17 14:27:36 ----D---- C:\Windows\Tasks
2008-12-17 14:27:03 ----SD---- C:\ProgramData\Microsoft
2008-12-17 14:22:10 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 14:20:47 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 14:10:47 ----D---- C:\Program Files\Common Files
2008-12-12 10:48:33 ----D---- C:\Users\Belinda\AppData\Roaming\Skype
2008-12-11 20:51:18 ----D---- C:\ProgramData\Sonic
2008-12-11 17:04:17 ----ASH---- C:\Program Files\desktop.ini
2008-12-11 17:02:54 ----D---- C:\Windows\AppPatch
2008-12-11 17:02:54 ----D---- C:\Program Files\Windows Mail
2008-12-11 17:02:53 ----D---- C:\Windows\system32\fr-FR
2008-12-11 17:02:52 ----D---- C:\Windows\system32\migration
2008-12-11 17:02:52 ----D---- C:\Program Files\Internet Explorer
2008-12-11 17:00:16 ----D---- C:\ProgramData\Microsoft Help
2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
2008-11-29 11:12:24 ----D---- C:\Program Files\Safari

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-26 50864]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-10 2769408]
R3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\NEXON\EuropeMapleStory\npkcrypt.sys []
S3 catchme;catchme; \??\C:\Users\Belinda\AppData\Local\Temp\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\Windows\System32\Drivers\ZS211.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-07-10 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-07-31 65536]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
S3 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-12 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-19 104944]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2006-11-02 22016]

-----------------EOF-----------------
26 December 2008 17:43:44

Hi again
Also uninstall Spybot - Search & Destroy; that tool is more than obsolete.

Then:
Here is what I suggest: replace Avast! with Antivir, which is also free but much more effective, then run a scan with it and post the report. :)

Uninstall Avast! properly

To replace it with Antivir.

-->Tutorial<--

Why switch?: Avast! vs Antivir
and also:
14 antivirus products put to the test
Quote:
Antivir: the most effective of the free ones



+++++++++++++
26 December 2008 19:55:31

Uh.
I don't know if I'm doing the right thing uninstalling Avast!, because I entered a license key ^^ so I think I have the paid version ^^'
26 December 2008 19:58:59

And I uninstalled Spybot S&D, but it's still in my taskbar ._.
26 December 2008 20:40:17

Hi again
Clock3011 said:
And I uninstalled Spybot S&D, but it's still in my taskbar ._.

Right-click on it and delete.

Quote:
Uh.
I don't know if I'm doing the right thing uninstalling Avast!, because I entered a license key ^^ so I think I have the paid version ^^'

You do know whether you paid for it or not, though...

27 December 2008 14:10:13

Hi ^^ Avast! ==> I have the full version and my dad gave me a license key ^^ he must have bought it himself, but well, I wasn't aware of it. So do I uninstall Avast! (the full version, which can scan the whole computer and even DELETE FOREVER whatever is wrong (the infections)) and install your Antivir? Or do I keep my Avast!? Thanks ^^
27 December 2008 21:24:12

Hi again
If you think Avast is an antivirus, fine, keep it... :o
Otherwise, do what I ask.
After that, if you have no more problems, we can very well stop here...

28 December 2008 11:51:26

I've decided to uninstall Avast! and install Antivir. If I end up not liking it, I'll reinstall Avast! ^^ Thanks :)
28 December 2008 12:37:09

I can't manage to uninstall Avast... I don't get it =S
28 December 2008 18:17:01

Well, I don't know how to start Windows in "Safe Mode", that's the problem ='(