Se connecter / S'enregistrer
Votre question

besoin d'aide virus infostealer-bzup. scan hijackthis

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Décembre 2008 12:55:47

bonjour, voila je suis infecté par le virus spyware.infotealer-bzup (un truc du style) et mon antivirus fsecure a jour n'arrive pas a l'enlever.
j'ai donc fai un scan hijackthis mais c apres que je sais pas quoi faire. merci de votre aide.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:31, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Program Files\\Pack Sécurité\\Common\\FSM32.EXE
C:\\WINDOWS\\ZSSnp211.exe
C:\\WINDOWS\\Domino.exe
C:\\WINDOWS\\system32\\ctfmon.exe
C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
C:\\Program Files\\TomTom HOME 2\\HOMERunner.exe
C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
C:\\WINDOWS\\system32\\msiconf.exe
C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe
C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmt.exe
C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLCapSvc.exe
C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLServer.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsgk32st.exe
C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLService.exe
C:\\Program Files\\Pack Sécurité\\Common\\FSMA32.EXE
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\FSGK32.EXE
C:\\WINDOWS\\system32\\hasplms.exe
C:\\Program Files\\Pack Sécurité\\Common\\FSMB32.EXE
C:\\WINDOWS\\System32\\svchost.exe
C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\LogWatNT.exe
C:\\WINDOWS\\system32\\nvsvc32.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLSched.exe
C:\\Program Files\\Pack Sécurité\\Common\\FCH32.EXE
C:\\Program Files\\Pack Sécurité\\Common\\FAMEH32.EXE
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsqh.exe
C:\\Program Files\\Pack Sécurité\\FSGUI\\fsguidll.exe
C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsaua.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fssm32.exe
C:\\Program Files\\Pack Sécurité\\FWES\\Program\\fsdfwd.exe
C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsus.exe
C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsav32.exe
C:\\Program Files\\Pack Sécurité\\FSGUI\\fsavgui.exe
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.orange.fr
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.ustart.org
R1 - HKCU\\Software\\Microsoft\\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\\Program Files\\EoRezo\\EoAdv\\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_03\\bin\\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\program files\\google\\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\\Program Files\\Google\\GoogleToolbarNotifier\\3.1.807.1746\\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\\PROGRA~1\\FlashFXP\\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\\program files\\google\\googletoolbar1.dll
O4 - HKLM\\..\\Run: [F-Secure Manager] "C:\\Program Files\\Pack Sécurité\\Common\\FSM32.EXE" /splash
O4 - HKLM\\..\\Run: [F-Secure TNB] "C:\\Program Files\\Pack Sécurité\\FSGUI\\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [QuickTime Task] "C:\\Program Files\\QuickTime\\qttask.exe" -atboottime
O4 - HKLM\\..\\Run: [ZSSnp211] C:\\WINDOWS\\ZSSnp211.exe
O4 - HKLM\\..\\Run: [Domino] C:\\WINDOWS\\Domino.exe
O4 - HKCU\\..\\Run: [NBJ] "C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe"
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe
O4 - HKCU\\..\\Run: [WOOKIT] C:\\PROGRA~1\\Wanadoo\\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\\..\\Run: [SpybotSD TeaTimer] C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe
O4 - HKCU\\..\\Run: [TomTomHOME.exe] "C:\\Program Files\\TomTom HOME 2\\HOMERunner.exe"
O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
O4 - HKCU\\..\\Run: [msiexec.exe] msiconf.exe
O4 - HKCU\\..\\RunOnce: [gi819766163] "C:\\DOCUME~1\\Anthony\\LOCALS~1\\Temp\\gi44PIO5.exe" /resume:"C:\\DOCUME~1\\Anthony\\LOCALS~1\\Temp\\2H44PI6F" /exename:"C:\\Documents and Settings\\Anthony\\Application Data\\Mozilla\\Firefox\\Profiles\\s9ma7shr.default\\extensions\\{bb628310-0ab7-11db-9cd8-0800200c9a66}\\setup.exe"
O4 - HKUS\\S-1-5-18\\..\\Run: [Nokia.PCSync] C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\\.DEFAULT\\..\\Run: [Nokia.PCSync] C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\\Program Files\\AOL Toolbar\\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Backward &Links - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\\Program Files\\Google\\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\WI1F86~1\\MESSEN~1\\MSGRAP~1.DLL
O20 - Winlogon Notify: UpdateNf - C:\\WINDOWS\\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\\Program Files\\Fichiers communs\\Autodesk Shared\\Service\\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\lic98rmtd.exe (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\\Program Files\\CyberLink\\PowerCinema\\Kernel\\TV\\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\\Program Files\\CyberLink\\Shared Files\\CLML_NTService\\CLMLServer.exe
O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\\WINDOWS\\TEMP\\F-Secure\\Anti-Virus\\fsblsrv.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\Anti-Virus\\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\FSAUA\\program\\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\FWES\\Program\\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\\Program Files\\Pack Sécurité\\Common\\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\\WINDOWS\\system32\\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Fichiers communs\\InstallShield\\Driver\\1050\\Intel 32\\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\\Program Files\\CA\\SharedComponents\\CA_LIC\\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007\\Win32\\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007\\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\\Program Files\\PC Connectivity Solution\\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\\PROGRA~1\\COMMON~1\\X10\\Common\\x10nets.exe

--
End of file - 10660 bytes

Autres pages sur : besoin aide virus infostealer bzup scan hijackthis

7 Décembre 2008 13:00:46

:hello:  Bonjour,

Je vais t'aider à résoudre ton problème. Merci de suivre à la lettre mes instructions et de ne pas prendre d'initiatives personnelles. Si tu as la moindre question, je suis à ton écoute.

Merci de prendre en compte que je suis bénévole et que j'ai une vie privée : je passe au moins une fois par jour.

Si tu penses avoir été oublié, envoie-moi un MP pour me le signaler.

1) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

    2) Télécharge Gmer.

  • Dézippe-le dans un dossier dédié ou sur ton Bureau.
  • Déconnecte toi d'Internet puis ferme tous les programmes.
  • Double-clique sur Gmer.exe.
    Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
  • Clique sur l'onglet Rootkit.
  • A droite, coche tout.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
  • Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et upload-le sur mediafire.

    Uploader un fichier sur mediafire :

  • Rends-toi sur ce lien : http://www.mediafire.com/
  • Clique en haut sur "Upload files To Media fire". Choisis ensuite "I want to upload without an account"
  • Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur "ouvrir".
  • Clique ensuite sur "Upload".
  • A droite de l'écran, choisis : "upload to a new folder". Laisse le nom par défaut ( = la date )
  • Valide et laisse l'upload se faire.
  • Clique sur "Vieuw uploaded file" et copie-moi l'url ( = le lien ) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

    3) Télécharge DDS de sUBs et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil. Ne double clique qu'une seule fois dessus, sois patient !
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt, garde l'autre sous la main si jamais je te le demande. Copie/colle le rapport sur le forum. N'uploade des fichiers sur mediafire que si j'en fais la demande explicite.

    ;) 
    7 Décembre 2008 13:10:30

    -----------\\ ToolBar S&D 1.2.6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Anthony ( Administrator )
    BOOT : Normal boot
    Antivirus : F-Secure Anti-Virus 2007 7.02 7.02 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:50 Go)
    D:\ (Local Disk) - NTFS - Total:113 Go (Free:27 Go)
    E:\ (Local Disk) - FAT32 - Total:3 Go (Free:1 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (CD or DVD)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)
    L:\ (USB)

    "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
    Option : [1] ( 07/12/2008|13:09 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\Anthony\Cookies\anthony@mysearch[1].txt
    C:\Program Files\PlayMP3z
    C:\Program Files\PlayMP3z\uninstall.exe

    -----------\\ Extensions

    (Anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com/ie"
    "Start Page"="http://www.orange.fr"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.carrefour.fr/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.ustart.org"
    "Default_Search_URL"="http://www.google.com/ie"


    --------------------\\ Recherche d'autres infections

    1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|13:11 - Option : [1]

    -----------\\ Fin du rapport a 13:11:22,89
    Contenus similaires
    7 Décembre 2008 13:47:57

    par contre la je suis en train d'uploader sur mediafire (c'est long mais je pense que c'est normal) mais j'ai souvent des ecrant bleu qui apparaisse et apres tout reprend comme si rien ne c'etais passer.
    7 Décembre 2008 13:57:15

    http://www.mediafire.com/?sharekey=639cae851ed4a08991b2...


    DDS (Version 1.0) - NTFSx86
    Run by Anthony at 13:56:21,73 on 07/12/2008
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.416 [GMT 1:00]

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Pack Sécurité\Common\FSM32.EXE
    C:\WINDOWS\ZSSnp211.exe
    C:\WINDOWS\Domino.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\msiconf.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
    C:\WINDOWS\system32\hasplms.exe
    C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
    C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Anthony\Bureau\gmer\gmer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Documents and Settings\Anthony\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://www.orange.fr
    mDefault_Page_URL = hxxp://www.carrefour.fr/
    mStart Page = hxxp://www.ustart.org
    mDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://www.cegetel.net/
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {64F56FC1-1272-44CD-BA6E-39723696E350} - c:\program files\eorezo\eoadv\EoRezoBHO.dll
    BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
    BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
    BHO: {E5A1691B-D188-4419-AD02-90002030B8EE} - c:\progra~1\flashfxp\IEFlash.dll
    TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [WOOKIT] c:\progra~1\wanadoo\GestMaj.exe GestionnaireInternet.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [msiexec.exe] msiconf.exe
    uRunOnce: [gi819766163] "c:\docume~1\anthony\locals~1\temp\gi44pio5.exe" /resume:"c:\docume~1\anthony\locals~1\temp\2h44pi6f" /exename:"c:\documents and settings\anthony\application data\mozilla\firefox\profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
    mRun: [F-Secure Manager] "c:\program files\pack sécurité\common\FSM32.EXE" /splash
    mRun: [F-Secure TNB] "c:\program files\pack sécurité\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [ZSSnp211] c:\windows\ZSSnp211.exe
    mRun: [Domino] c:\windows\Domino.exe
    dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Recherche AOL Toolbar - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
    IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    LSP: c:\program files\pack se9,curite9,\fsps\program\FSLSP.DLL
    TCP: {90EFEA42-6472-4424-8CEF-722F7CFCFB95} = 80.10.246.130 81.253.149.10
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\fichiers communs\microsoft shared\web folders\PKMCDO.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-2-25 58128]
    R1 F-Secure HIPS;F-Secure HIPS;\??\c:\program files\pack sécurité\hips\fshs.sys [2008-2-25 41184]
    R2 aksfridge;aksfridge;\??\c:\windows\system32\drivers\aksfridge.sys [2008-9-20 351744]
    R2 CA_LIC_CLNT;CA License Client;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe" [2003-10-12 143360]
    R2 F-Secure Gatekeeper Handler Starter;FSGKHS;"c:\program files\pack sécurité\anti-virus\fsgk32st.exe" [2008-2-25 48072]
    R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run []
    R2 LogWatch;Event Log Watch;"c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe" [2002-9-20 53248]
    R2 U3SHLPDR;U3SHLPDR;\??\c:\windows\system32\drivers\U3SHLPDR.SYS [2006-1-5 3445]
    R3 CardReaderFilter;Card Reader Filter;\??\c:\windows\system32\drivers\USBCRFT.SYS [2004-10-14 13440]
    R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2004-10-5 1272000]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\c:\program files\pack sécurité\anti-virus\minifilter\fsgk.sys [2008-2-25 59760]
    R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2004-10-5 24704]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\NSDriver.sys []
    S3 CA_LIC_SRVR;CA License Server;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe" []
    S3 DCamUSBPremier;Premier USB Video Camera;c:\windows\system32\drivers\mpixvid.sys [2006-10-9 81633]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-11-29 138112]
    S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-11-29 8320]
    S3 SDVC04;USB DVC Service;c:\windows\system32\drivers\SDVC04.sys [2007-3-20 42413]
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);c:\windows\system32\drivers\v800bus.sys [2004-8-30 52416]
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;c:\windows\system32\drivers\v800mdfl.sys [2004-8-30 6160]
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;c:\windows\system32\drivers\v800mdm.sys [2004-8-30 84544]
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\v800mgmt.sys [2004-8-30 77760]
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;c:\windows\system32\drivers\v800obex.sys [2004-8-30 75584]
    S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;c:\windows\system32\drivers\xctrl.sys [2006-5-31 16834]
    S3 xbreader;ActionReplay XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2006-5-31 19677]
    S4 F-Secure Filter;F-Secure File System Filter;\??\c:\program files\pack sécurité\anti-virus\win2k\FSfilter.sys [2008-2-25 40048]
    S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\c:\program files\pack sécurité\anti-virus\win2k\FSrec.sys [2008-2-25 25456]

    =============== Created Last 30 ================

    2008-12-07 13:16 250 a------- c:\windows\gmer.ini
    2008-12-07 13:09 <DIR> --d----- C:\ToolBar SD
    2008-12-07 12:34 <DIR> --d----- c:\program files\Trend Micro
    2008-12-07 11:30 80,896 a------- c:\windows\system32\msiconf.exe
    2008-12-07 11:30 0 a------- c:\windows\system32\updatenf.dll
    2008-12-07 11:30 0 a------- c:\windows\system32\api32.dll
    2008-12-06 23:10 54,156 a---h--- c:\windows\QTFont.qfn
    2008-12-06 23:10 1,409 a------- c:\windows\QTFont.for
    2008-12-06 09:55 <DIR> --d----- c:\windows\l2schemas
    2008-12-06 09:55 <DIR> --d----- c:\windows\system32\fr
    2008-12-06 09:55 <DIR> --d----- c:\windows\system32\bits
    2008-12-06 09:44 <DIR> --d----- c:\windows\ServicePackFiles
    2008-12-06 09:33 <DIR> --d----- c:\windows\EHome
    2008-11-29 21:00 26,112 a------- c:\windows\system32\drivers\usbser.sys
    2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2008-11-29 20:59 14,640 -------- c:\windows\system32\spmsgXP_2k3.dll
    2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys
    2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerflt.sys
    2008-11-29 20:55 22,016 a------- c:\windows\system32\drivers\ccdcmbo.sys
    2008-11-29 20:55 1,112,288 a------- c:\windows\system32\wdfcoinstaller01007.dll
    2008-11-29 20:55 659,968 a------- c:\windows\system32\nmwcdcocls.dll
    2008-11-29 20:55 17,664 a------- c:\windows\system32\drivers\ccdcmb.sys
    2008-11-29 20:54 8,320 a------- c:\windows\system32\drivers\nmwcdnsuc.sys
    2008-11-29 20:54 138,112 a------- c:\windows\system32\drivers\nmwcdnsu.sys
    2008-11-29 20:51 <DIR> --d----- c:\program files\MSXML 6.0
    2008-11-23 14:47 63,442 a------- C:\RECUP2.DOC
    2008-11-23 14:47 900 a------- C:\RECUP1.DOC
    2008-11-23 11:33 44,520 a------- c:\windows\system\FA123ALG.TTF
    2008-11-23 11:33 41,796 a------- c:\windows\system\FA123GRF.TTF
    2008-11-12 12:48 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

    ==================== Find3M ====================

    2008-12-06 16:02 470,578 a------- c:\windows\system32\perfh00C.dat
    2008-12-06 16:02 76,388 a------- c:\windows\system32\perfc00C.dat
    2008-12-06 11:36 96,384 a------- c:\windows\system32\drivers\sptd1357.sys
    2008-12-06 09:58 76,507 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2008-11-18 08:45 1,804 a------- c:\docume~1\anthony\applic~1\wklnhst.dat
    2008-10-24 12:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
    2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
    2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
    2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
    2008-09-15 16:26 1,846,528 a------- c:\windows\system32\win32k.sys
    2008-09-15 08:56 91,136 a------- c:\windows\system32\nmwcdcls.dll
    2008-09-10 02:15 1,307,648 a------- c:\windows\system32\msxml6.dll
    2008-04-16 20:18 93,704 a------- c:\docume~1\anthony\applic~1\GDIPFONTCACHEV1.DAT
    2007-12-27 10:27 152 a------- c:\documents and settings\anthony\brdgInst.bat
    2005-09-03 22:52 1,313 a------- c:\documents and settings\anthony\file1.exe
    2008-04-14 03:33 65,024 a--sh--- c:\windows\system32\asycfilt.dll
    2008-04-14 03:33 617,472 a--sh--- c:\windows\system32\comctl32.dll
    2008-04-14 03:33 1,028,096 a--sh--- c:\windows\system32\mfc42.dll
    2004-08-05 13:00 57,344 a--sh--- c:\windows\system32\mfc42loc.dll
    2008-04-14 03:33 413,696 a--sh--- c:\windows\system32\msvcp60.dll
    2008-04-14 03:33 343,040 a--sh--- c:\windows\system32\msvcrt.dll
    2004-08-05 13:00 253,952 a--sh--- c:\windows\system32\msvcrt20.dll
    2008-04-14 03:33 551,936 a--sh--- c:\windows\system32\oleaut32.dll
    2008-04-14 03:33 84,992 a--sh--- c:\windows\system32\olepro32.dll
    2008-04-14 03:33 30,749 a--sh--- c:\windows\system32\vbajet32.dll
    2000-04-26 13:34 368,912 a--sh--- c:\windows\system32\VBAR332.DLL

    ============= FINISH: 13:56:51,96 ===============
    7 Décembre 2008 14:57:08

    Re,

    1) Cette procédure doit être imprimée pour que tu puisses l’avoir sous les yeux quand tu seras en mode sans échec.

    Télécharge SDFix (d’Andy Manchesta)

  • Enregistre le sur ton le bureau.
  • Lance le.
  • Fais install afin qu’il puisse s’extraire.
    Fais redémarrer ton ordinateur en mode sans échec
    - Au démarrage, après le chargement du bios, appuie successivement sur la touche F8 (ou F5) de ton clavier jusqu'à l'apparition d'un menu sur fond noir. Une fois arrivé à ce stade, sélectionne à l'aide du clavier Mode sans Echec.
    -- Dans ce mode, tu n'as pas accès à Internet, et tu te retrouves avec une configuration visuelle différente (pas de fond d'écran, icônes très grosses). Ne sois donc pas étonné.
    --- C'est pour ces différentes raisons que je t'invite à imprimer, noter, ou enregistrer dans un document texte les informations suivantes afin de ne pas être perdu.
    ---- ! Ne fais pas démarrer ton ordinateur en mode sans échec via MSConfig ! Pourquoi ? Certaines infections cassent les clefs du mode sans échec, ce qui ferait crasher ton ordinateur.
  • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\
  • Double clique sur RunThis.bat (L’extension bat peut ne pas apparaître)
  • Appuie sur Y pour le lancer.
  • Il te sera demandé d'appuyer sur une touche pour redemarrer , fais le
  • Il est probable que le redémarrage soit un peu plus long que d’habitude.
  • Une fois l’apparition de ton Bureau, il affichera Finished
  • Appuie sur une touche.
  • Un rapport est généré , poste le dans ta réponse.

    Il se trouve également. dans le dossier SDFix >Report.txt<

    Note : Si SDFix ne se lance pas (ça arrive!)

    * Démarrer->Exécuter
    * Copie/colle ceci:
    Citation :
    %systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe

    * Clique sur ok, et valide.
    * Redémarre et essaye de nouveau de lancer SDFix.

    Aide : Comment faire démarrer son ordinateur en mode sans échec.

    2) Poste-moi un nouveau rapport DDS.txt.

    ;) 
    7 Décembre 2008 15:41:30


    SDFix: Version 1.240
    Run by Anthony on 07/12/2008 at 15:23

    Microsoft Windows XP [version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\Program Files\PlayMP3z\uninstall.exe - Deleted
    C:\DOCUME~1\Anthony\LOCALS~1\Temp\TMP69.tmp - Deleted
    C:\Documents and Settings\All Users\Bureau\Best BDSM P0rn.url - Deleted
    C:\Documents and Settings\All Users\Bureau\Gay Fetish Sex.url - Deleted
    C:\WINDOWS\system32\msiconf.exe - Deleted



    Folder C:\Program Files\PlayMP3z - Removed


    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-07 15:34:02
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s0"=dword:a9688daa
    "s1"=dword:30b0a071
    "s2"=dword:9f5ad16c
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:75,4d,a5,f9,33,83,51,8c,e8,d4,8b,d5,c0,24,b3,16,ff,c8,94,a9,d9,..

    scanning hidden registry entries ...

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{070CEF85-8652-0D70-35C9-21C788FF0505}]
    "paodnibpkmffhoahbieooikhbdlmkgcc"=hex:6a,61,6b,61,69,6e,70,64,61,6a,65,69,61,6c,6c,64,64,69,68,6c,00,..
    "oaiephocbigdhpebcpfmnaacfnjfpc"=hex:6a,61,6b,61,69,6e,70,64,61,6a,65,69,61,6c,6c,64,64,69,68,6c,00,..
    "kaaelphfichmnbbepepkjd"=hex:62,61,6d,61,00,e4

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "D:\\mes documents\\Anthony\\logiciel\\jeux\\Dawn of War\\W40k.exe"="D:\\mes documents\\Anthony\\logiciel\\jeux\\Dawn of War\\W40k.exe:*:Enabled:W40K"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe"="C:\\Program Files\\Visicom Media\\FTP Expert 3\\ftpxpert3.exe:*:Enabled:AceFTP v3"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
    "C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Tue 15 Nov 2005 78,104 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\Setup.exe"
    Thu 24 Nov 2005 17,920 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\_Setup.dll"
    Thu 24 Nov 2005 12,880 A.SHR --- "C:\Program Files\Autodesk DWF Viewer\_Setupx.dll"
    Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
    Mon 14 Apr 2008 65,024 A.SH. --- "C:\WINDOWS\system32\asycfilt.dll"
    Mon 14 Apr 2008 617,472 A.SH. --- "C:\WINDOWS\system32\comctl32.dll"
    Mon 14 Apr 2008 1,028,096 A.SH. --- "C:\WINDOWS\system32\mfc42.dll"
    Thu 5 Aug 2004 57,344 A.SH. --- "C:\WINDOWS\system32\mfc42loc.dll"
    Mon 14 Apr 2008 413,696 A.SH. --- "C:\WINDOWS\system32\msvcp60.dll"
    Mon 14 Apr 2008 343,040 A.SH. --- "C:\WINDOWS\system32\msvcrt.dll"
    Thu 5 Aug 2004 253,952 A.SH. --- "C:\WINDOWS\system32\msvcrt20.dll"
    Mon 14 Apr 2008 551,936 A.SH. --- "C:\WINDOWS\system32\oleaut32.dll"
    Mon 14 Apr 2008 84,992 A.SH. --- "C:\WINDOWS\system32\olepro32.dll"
    Mon 14 Apr 2008 30,749 A.SH. --- "C:\WINDOWS\system32\vbajet32.dll"
    Wed 26 Apr 2000 368,912 A.SH. --- "C:\WINDOWS\system32\VBAR332.DLL"
    Thu 28 Jul 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Sun 19 Oct 2008 42,264,576 ...H. --- "C:\Documents and Settings\Anthony\Bureau\~WRL3003.tmp"
    Tue 15 Nov 2005 78,104 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\Setup.exe"
    Thu 24 Nov 2005 17,920 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setup.dll"
    Thu 24 Nov 2005 12,880 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setupx.dll"
    Wed 22 Dec 2004 76,568 ..SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\Setup.exe"
    Wed 22 Dec 2004 16,384 A.SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\_Setup.dll"
    Thu 20 Jan 2005 11,344 A.SHR --- "C:\Program Files\Autodesk1\Autodesk DWF Viewer\_Setupx.dll"
    Fri 13 Feb 2004 36,864 A..HR --- "C:\Program Files\JoWooD\SpellForce\ar2.exe"
    Sun 7 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1191\A0279681.sys"
    Sat 13 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1192\A0279708.sys"
    Sun 14 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1200\A0280245.sys"
    Mon 22 Sep 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1223\A0282177.sys"
    Sun 19 Oct 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1229\A0282646.sys"
    Tue 28 Oct 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1251\A0284895.sys"
    Sat 22 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1257\A0285387.sys"
    Sat 29 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1258\A0286291.sys"
    Sat 29 Nov 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1264\A0291196.sys"
    Sat 6 Dec 2008 108 A..H. --- "C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP1266\A0291505.sys"
    Sat 8 Dec 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Sun 7 Dec 2008 108 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
    Tue 3 Apr 2007 20,480 ...H. --- "C:\Documents and Settings\Anthony\Application Data\Microsoft\Word\~WRL0368.tmp"

    Finished!


    rapport dds

    DDS (Version 1.0) - NTFSx86
    Run by Anthony at 15:43:28,46 on 07/12/2008
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.530 [GMT 1:00]

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
    C:\WINDOWS\system32\hasplms.exe
    C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
    C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Sécurité\Common\FSM32.EXE
    C:\WINDOWS\ZSSnp211.exe
    C:\WINDOWS\Domino.exe
    C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Anthony\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://www.orange.fr
    mDefault_Page_URL = hxxp://www.carrefour.fr/
    mStart Page = hxxp://www.ustart.org
    mDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://www.cegetel.net/
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {64F56FC1-1272-44CD-BA6E-39723696E350} - c:\program files\eorezo\eoadv\EoRezoBHO.dll
    BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
    BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
    BHO: {E5A1691B-D188-4419-AD02-90002030B8EE} - c:\progra~1\flashfxp\IEFlash.dll
    TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [WOOKIT] c:\progra~1\wanadoo\GestMaj.exe GestionnaireInternet.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [msiexec.exe] msiconf.exe
    uRunOnce: [gi819766163] "c:\docume~1\anthony\locals~1\temp\gi44pio5.exe" /resume:"c:\docume~1\anthony\locals~1\temp\2h44pi6f" /exename:"c:\documents and settings\anthony\application data\mozilla\firefox\profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
    mRun: [F-Secure Manager] "c:\program files\pack sécurité\common\FSM32.EXE" /splash
    mRun: [F-Secure TNB] "c:\program files\pack sécurité\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [ZSSnp211] c:\windows\ZSSnp211.exe
    mRun: [Domino] c:\windows\Domino.exe
    dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Recherche AOL Toolbar - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
    IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    LSP: c:\program files\pack se9,curite9,\fsps\program\FSLSP.DLL
    TCP: {90EFEA42-6472-4424-8CEF-722F7CFCFB95} = 80.10.246.1 81.253.149.2
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\fichiers communs\microsoft shared\web folders\PKMCDO.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-2-25 58128]
    R1 F-Secure HIPS;F-Secure HIPS;\??\c:\program files\pack sécurité\hips\fshs.sys [2008-2-25 41184]
    R2 aksfridge;aksfridge;\??\c:\windows\system32\drivers\aksfridge.sys [2008-9-20 351744]
    R2 CA_LIC_CLNT;CA License Client;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe" [2003-10-12 143360]
    R2 F-Secure Gatekeeper Handler Starter;FSGKHS;"c:\program files\pack sécurité\anti-virus\fsgk32st.exe" [2008-2-25 48072]
    R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run []
    R2 LogWatch;Event Log Watch;"c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe" [2002-9-20 53248]
    R2 U3SHLPDR;U3SHLPDR;\??\c:\windows\system32\drivers\U3SHLPDR.SYS [2006-1-5 3445]
    R3 CardReaderFilter;Card Reader Filter;\??\c:\windows\system32\drivers\USBCRFT.SYS [2004-10-14 13440]
    R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2004-10-5 1272000]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\c:\program files\pack sécurité\anti-virus\minifilter\fsgk.sys [2008-2-25 59760]
    R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [2004-10-5 24704]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\NSDriver.sys []
    S3 CA_LIC_SRVR;CA License Server;"c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe" []
    S3 DCamUSBPremier;Premier USB Video Camera;c:\windows\system32\drivers\mpixvid.sys [2006-10-9 81633]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-11-29 138112]
    S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-11-29 8320]
    S3 SDVC04;USB DVC Service;c:\windows\system32\drivers\SDVC04.sys [2007-3-20 42413]
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);c:\windows\system32\drivers\v800bus.sys [2004-8-30 52416]
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;c:\windows\system32\drivers\v800mdfl.sys [2004-8-30 6160]
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;c:\windows\system32\drivers\v800mdm.sys [2004-8-30 84544]
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\v800mgmt.sys [2004-8-30 77760]
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;c:\windows\system32\drivers\v800obex.sys [2004-8-30 75584]
    S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;c:\windows\system32\drivers\xctrl.sys [2006-5-31 16834]
    S3 xbreader;ActionReplay XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2006-5-31 19677]
    S4 F-Secure Filter;F-Secure File System Filter;\??\c:\program files\pack sécurité\anti-virus\win2k\FSfilter.sys [2008-2-25 40048]
    S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\c:\program files\pack sécurité\anti-virus\win2k\FSrec.sys [2008-2-25 25456]

    =============== Created Last 30 ================

    2008-12-07 15:21 579,584 ac------ c:\windows\system32\dllcache\user32.dll
    2008-12-07 15:16 <DIR> --d----- c:\windows\ERUNT
    2008-12-07 15:12 <DIR> --d----- C:\SDFix
    2008-12-07 15:00 <DIR> --d----- c:\program files\Exterminate It!
    2008-12-07 13:16 250 a------- c:\windows\gmer.ini
    2008-12-07 13:09 <DIR> --d----- C:\ToolBar SD
    2008-12-07 12:34 <DIR> --d----- c:\program files\Trend Micro
    2008-12-07 11:30 0 a------- c:\windows\system32\updatenf.dll
    2008-12-07 11:30 0 a------- c:\windows\system32\api32.dll
    2008-12-06 23:10 54,156 a---h--- c:\windows\QTFont.qfn
    2008-12-06 23:10 1,409 a------- c:\windows\QTFont.for
    2008-12-06 09:55 <DIR> --d----- c:\windows\l2schemas
    2008-12-06 09:55 <DIR> --d----- c:\windows\system32\fr
    2008-12-06 09:55 <DIR> --d----- c:\windows\system32\bits
    2008-12-06 09:44 <DIR> --d----- c:\windows\ServicePackFiles
    2008-12-06 09:33 <DIR> --d----- c:\windows\EHome
    2008-11-29 21:00 26,112 a------- c:\windows\system32\drivers\usbser.sys
    2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2008-11-29 21:00 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2008-11-29 20:59 14,640 -------- c:\windows\system32\spmsgXP_2k3.dll
    2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerfltj.sys
    2008-11-29 20:55 8,064 a------- c:\windows\system32\drivers\usbser_lowerflt.sys
    2008-11-29 20:55 22,016 a------- c:\windows\system32\drivers\ccdcmbo.sys
    2008-11-29 20:55 1,112,288 a------- c:\windows\system32\wdfcoinstaller01007.dll
    2008-11-29 20:55 659,968 a------- c:\windows\system32\nmwcdcocls.dll
    2008-11-29 20:55 17,664 a------- c:\windows\system32\drivers\ccdcmb.sys
    2008-11-29 20:54 8,320 a------- c:\windows\system32\drivers\nmwcdnsuc.sys
    2008-11-29 20:54 138,112 a------- c:\windows\system32\drivers\nmwcdnsu.sys
    2008-11-29 20:51 <DIR> --d----- c:\program files\MSXML 6.0
    2008-11-23 14:47 63,442 a------- C:\RECUP2.DOC
    2008-11-23 14:47 900 a------- C:\RECUP1.DOC
    2008-11-23 11:33 44,520 a------- c:\windows\system\FA123ALG.TTF
    2008-11-23 11:33 41,796 a------- c:\windows\system\FA123GRF.TTF
    2008-11-12 12:48 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

    ==================== Find3M ====================

    2008-12-06 16:02 470,578 a------- c:\windows\system32\perfh00C.dat
    2008-12-06 16:02 76,388 a------- c:\windows\system32\perfc00C.dat
    2008-12-06 11:36 96,384 a------- c:\windows\system32\drivers\sptd1357.sys
    2008-12-06 09:58 76,507 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2008-11-18 08:45 1,804 a------- c:\docume~1\anthony\applic~1\wklnhst.dat
    2008-10-24 12:21 455,296 a------- c:\windows\system32\drivers\mrxsmb.sys
    2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
    2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
    2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
    2008-09-15 16:26 1,846,528 a------- c:\windows\system32\win32k.sys
    2008-09-15 08:56 91,136 a------- c:\windows\system32\nmwcdcls.dll
    2008-09-10 02:15 1,307,648 a------- c:\windows\system32\msxml6.dll
    2008-04-16 20:18 93,704 a------- c:\docume~1\anthony\applic~1\GDIPFONTCACHEV1.DAT
    2007-12-27 10:27 152 a------- c:\documents and settings\anthony\brdgInst.bat
    2005-09-03 22:52 1,313 a------- c:\documents and settings\anthony\file1.exe
    2008-04-14 03:33 65,024 a--sh--- c:\windows\system32\asycfilt.dll
    2008-04-14 03:33 617,472 a--sh--- c:\windows\system32\comctl32.dll
    2008-04-14 03:33 1,028,096 a--sh--- c:\windows\system32\mfc42.dll
    2004-08-05 13:00 57,344 a--sh--- c:\windows\system32\mfc42loc.dll
    2008-04-14 03:33 413,696 a--sh--- c:\windows\system32\msvcp60.dll
    2008-04-14 03:33 343,040 a--sh--- c:\windows\system32\msvcrt.dll
    2004-08-05 13:00 253,952 a--sh--- c:\windows\system32\msvcrt20.dll
    2008-04-14 03:33 551,936 a--sh--- c:\windows\system32\oleaut32.dll
    2008-04-14 03:33 84,992 a--sh--- c:\windows\system32\olepro32.dll
    2008-04-14 03:33 30,749 a--sh--- c:\windows\system32\vbajet32.dll
    2000-04-26 13:34 368,912 a--sh--- c:\windows\system32\VBAR332.DLL

    ============= FINISH: 15:43:56,21 ===============


    voila les deux rapports.
    7 Décembre 2008 17:07:44

    Re,

    On continue :) 

    Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    7 Décembre 2008 17:22:00

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Anthony at 2008-12-07 17:21:44
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 52 GB (44%) free of 119 GB
    Total RAM: 1023 MB (40% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:21:55, on 07/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
    C:\WINDOWS\system32\hasplms.exe
    C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
    C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Sécurité\Common\FSM32.EXE
    C:\WINDOWS\ZSSnp211.exe
    C:\WINDOWS\Domino.exe
    C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\Anthony\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Anthony.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msiexec.exe] msiconf.exe
    O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
    O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: UpdateNf - C:\WINDOWS\
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 10501 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Scheduled scanning task.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
    EoBho Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-16 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "F-Secure Manager"=C:\Program Files\Pack Sécurité\Common\FSM32.EXE [2007-05-28 183208]
    "F-Secure TNB"=C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe [2007-05-28 740208]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-09-29 4603904]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-31 385024]
    "ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
    "Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-07-26 1867776]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856]
    "WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe []
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
    "msiexec.exe"=msiconf.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "gi819766163"=C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe /resume:C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F /exename:C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "AllowLegacyWebView"=
    "AllowUnhashedWebView"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe"="D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe:*:Enabled:W40K"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
    "C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

    ======List of files/folders created in the last 1 months======

    2008-12-07 17:21:44 ----D---- C:\rsit
    2008-12-07 15:33:19 ----D---- C:\Documents and Settings\Anthony\Application Data\WinRAR
    2008-12-07 15:16:21 ----D---- C:\WINDOWS\ERUNT
    2008-12-07 15:12:17 ----D---- C:\SDFix
    2008-12-07 15:00:59 ----D---- C:\Program Files\Exterminate It!
    2008-12-07 13:16:19 ----A---- C:\WINDOWS\gmer.ini
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.exe
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.dll
    2008-12-07 13:09:36 ----A---- C:\TB.txt
    2008-12-07 13:09:00 ----D---- C:\ToolBar SD
    2008-12-07 12:34:06 ----D---- C:\Program Files\Trend Micro
    2008-12-07 11:30:54 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
    2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\updatenf.dll
    2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\api32.dll
    2008-12-07 09:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-07 09:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-06 11:37:37 ----D---- C:\WINDOWS\Prefetch
    2008-12-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-06 10:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-06 10:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-06 10:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-06 10:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-06 10:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-12-06 10:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-06 10:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-12-06 10:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-06 10:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-06 10:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-12-06 10:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-06 10:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-06 10:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-12-06 10:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-06 10:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-06 10:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-06 10:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
    2008-12-06 09:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-06 09:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-06 09:55:35 ----D---- C:\WINDOWS\l2schemas
    2008-12-06 09:55:33 ----D---- C:\WINDOWS\system32\fr
    2008-12-06 09:55:28 ----D---- C:\WINDOWS\system32\bits
    2008-12-06 09:44:31 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-06 09:33:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-06 09:33:24 ----D---- C:\WINDOWS\EHome
    2008-11-29 20:59:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2008-11-29 20:59:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2008-11-29 20:51:08 ----D---- C:\Program Files\MSXML 6.0
    2008-11-12 20:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
    2008-11-12 20:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

    ======List of files/folders modified in the last 1 months======

    2008-12-07 17:21:48 ----D---- C:\WINDOWS\TEMP
    2008-12-07 15:42:01 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-07 15:33:57 ----RD---- C:\Program Files
    2008-12-07 15:33:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-07 15:29:36 ----A---- C:\WINDOWS\ModemLog_Modem standard GSM.txt
    2008-12-07 15:29:31 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt
    2008-12-07 15:27:41 ----D---- C:\WINDOWS\system32
    2008-12-07 15:21:54 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-07 15:21:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-07 15:16:21 ----D---- C:\WINDOWS
    2008-12-07 15:13:16 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-07 13:16:17 ----D---- C:\WINDOWS\system32\drivers
    2008-12-07 11:56:01 ----D---- C:\Program Files\LimeWire
    2008-12-07 10:45:59 ----HD---- C:\WINDOWS\inf
    2008-12-07 10:15:32 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-07 10:00:27 ----D---- C:\Program Files\Wanadoo
    2008-12-07 09:51:38 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-07 08:42:38 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-07 08:39:15 ----SHD---- C:\Config.Msi
    2008-12-06 16:02:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-06 11:41:19 ----SHD---- C:\WINDOWS\Installer
    2008-12-06 11:40:04 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-06 11:38:24 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-06 11:37:40 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-06 11:37:11 ----D---- C:\WINDOWS\system32\Setup
    2008-12-06 11:37:11 ----D---- C:\WINDOWS\AppPatch
    2008-12-06 11:37:10 ----D---- C:\WINDOWS\system32\wbem
    2008-12-06 11:37:09 ----RSD---- C:\WINDOWS\Fonts
    2008-12-06 11:36:16 ----D---- C:\WINDOWS\security
    2008-12-06 09:59:58 ----D---- C:\Program Files\Messenger
    2008-12-06 09:56:25 ----D---- C:\WINDOWS\WinSxS
    2008-12-06 09:56:11 ----D---- C:\WINDOWS\network diagnostic
    2008-12-06 09:56:11 ----D---- C:\WINDOWS\ime
    2008-12-06 09:56:10 ----D---- C:\WINDOWS\Help
    2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\usmt
    2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\fr-fr
    2008-12-06 09:55:35 ----D---- C:\Program Files\Internet Explorer
    2008-12-06 09:55:28 ----D---- C:\WINDOWS\PeerNet
    2008-12-06 09:55:26 ----D---- C:\Program Files\Movie Maker
    2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\Restore
    2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\npp
    2008-12-06 09:44:21 ----D---- C:\WINDOWS\msagent
    2008-12-06 09:44:19 ----D---- C:\WINDOWS\srchasst
    2008-12-06 09:44:16 ----D---- C:\Program Files\NetMeeting
    2008-12-06 09:44:14 ----D---- C:\WINDOWS\system32\Com
    2008-12-06 09:44:11 ----D---- C:\Program Files\Windows NT
    2008-12-06 09:44:11 ----D---- C:\Program Files\Windows Media Player
    2008-12-06 09:44:10 ----D---- C:\Program Files\Outlook Express
    2008-12-06 09:44:07 ----D---- C:\Program Files\Fichiers communs\System
    2008-12-06 09:43:49 ----D---- C:\WINDOWS\system32\oobe
    2008-12-06 09:43:46 ----D---- C:\WINDOWS\system
    2008-12-06 09:39:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-30 13:27:54 ----D---- C:\Program Files\eMule
    2008-11-29 21:16:06 ----D---- C:\WINDOWS\Minidump
    2008-11-29 20:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
    2008-11-29 20:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2008-11-29 20:55:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-11-29 20:55:05 ----D---- C:\Program Files\Nokia
    2008-11-29 20:49:41 ----D---- C:\Program Files\Fichiers communs\Nokia
    2008-11-23 18:55:26 ----A---- C:\WINDOWS\FA123.INI
    2008-11-23 11:58:15 ----D---- C:\FA-123
    2008-11-18 18:33:59 ----D---- C:\WINDOWS\system32\FxsTmp
    2008-11-16 15:19:39 ----D---- C:\Documents and Settings\Anthony\Application Data\AdobeUM

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-25 2432]
    R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-25 2560]
    R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Pack Sécurité\HIPS\fshs.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-30 21275]
    R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R2 U3SHLPDR;U3SHLPDR; \??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS []
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
    R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2003-09-29 22912]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    R3 Cap7134;MEDION (7134) WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
    R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
    R3 catchme;catchme; \??\C:\DOCUME~1\Anthony\LOCALS~1\Temp\catchme.sys []
    R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 1272000]
    R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys []
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-10-14 28352]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-29 2744640]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
    R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DCamUSBPremier;Premier USB Video Camera; C:\WINDOWS\System32\Drivers\mpixvid.sys [2004-06-29 81633]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-23 223128]
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-07 85969]
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-23 10345]
    S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
    S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SDVC04;USB DVC Service; C:\WINDOWS\System32\Drivers\SDVC04.sys [2003-05-22 42413]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 TIEHDUSB;TIEHDUSB; C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 49536]
    S3 U2SP;USB to Serial Converter Driver(Philips); C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 23948]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM); C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 52416]
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 6160]
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 84544]
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 77760]
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 75584]
    S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1; C:\WINDOWS\System32\Drivers\xctrl.sys [2002-12-05 16834]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
    S3 XBCD;XBCD Kernel Module; C:\WINDOWS\System32\Drivers\xbcd.sys [2004-02-11 17700]
    S3 xbreader;ActionReplay XBox Driver (xbreader.sys); C:\WINDOWS\System32\Drivers\xbreader.sys [2001-01-02 19677]
    S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys [2007-08-03 1470592]
    S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys []
    S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-12 143360]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-05-23 221281]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-05-23 110687]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-23 61440]
    R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe [2007-05-28 48072]
    R2 FSMA;FSMA; C:\Program Files\Pack Sécurité\Common\FSMA32.EXE [2007-05-28 113576]
    R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2007-03-15 535807]
    R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-09-29 127043]
    R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe [2007-05-28 457584]
    R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe [2007-05-28 453488]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-10-15 77944]
    S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe []
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 SandraDataSrv;Sandra Data Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe [2006-05-05 117288]
    S3 SandraTheSrv;Sandra Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe [2006-05-05 1120808]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

    -----------------EOF-----------------



    info.txt logfile of random's system information tool 1.04 2008-12-07 17:21:59

    ======Uninstall list======

    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
    -->"C:\Program Files\Pack Sécurité\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
    -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNNMP.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3D Home Architect Home Design Deluxe 6-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}
    ABC (remove only)-->C:\Program Files\ABC\Uninstall.exe
    ActionReplay Xbox-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Datel\ActionReplay Xbox\Uninst.isu"
    Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Photoshop 7.0.1-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
    Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
    Adobe® Flash® Media Encoder-->MsiExec.exe /I{C6FCE47C-70E0-4480-BC2B-28DF47D4494C}
    Advanced Archive Password Recovery (remove only)-->C:\Program Files\ElcomSoft\ARCHPR\uninstall.exe
    Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
    Agere Systems PCI Soft Modem-->agrsmdel
    AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
    Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Audacity 1.2.4-->"C:\Program Files\Audacity\unins000.exe"
    AutoCAD 2006 - Français-->MsiExec.exe /I{5783F2D7-4001-040C-0002-0060B0CE6BBA}
    Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
    Azureus-->C:\Program Files\Azureus\Uninstall.exe
    Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
    Broderbund Home Design 5.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A4D17B9E-1DE6-47FE-9AA2-A4D26AECD8AF}
    CASIO Add-in Installer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\CASIO\Add-in Installer\DeIsL2.isu" -cC:\PROGRA~1\CASIO\ADD-IN~1\_ISREG32.DLL
    CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
    CloneDVD-->"C:\Program Files\Elaborate Bytes\CloneDVD\CloneDVD-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD"
    C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    ContextTool-->C:\Program Files\ContextTool\uninstall.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Creatix V.92 Data Fax Modem-->agrsmdel
    DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
    Deer Hunter 2004 - Legendary Hunting-->"C:\Program Files\Atari\Deer Hunter 2004\unins000.exe"
    Digital Camera Driver-->C:\PROGRA~1\DIGITA~1\UNWISE.EXE C:\PROGRA~1\DIGITA~1\INSTALL.LOG
    Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
    Elaborate Bytes Locale Editor-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Elaborate Bytes\Locale Editor\Uninst.isu"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST
    EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
    EPSON Image Clip Palette-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x40c -u
    EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
    Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
    Exterminate It!-->C:\Program Files\Exterminate It!\ExterminateIt_Uninst.exe
    EZface ActiveX 207-->C:\PROGRA~1\EZFace\ActiveX\uninst.bat 207 C:\PROGRA~1\EZFace\ActiveX
    FileZilla Client 3.0.8.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    Flash to Video Encoder-->"C:\Program Files\GeoVid\Flash to Video Encoder\unins000.exe"
    Flash100 1.31-->C:\Program Files\Flash100\uninst.exe
    FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
    F-Secure Anti-Virus 2007-->"C:\Program Files\Pack Sécurité\FSGUI\PostInstall.exe" /tUnInstall
    FTP Expert 3-->"C:\Program Files\Visicom Media\FTP Expert 3\uninst-ftp.exe"
    Fx-Interface 1.9.6-->"C:\Program Files\CASIO\Fx-Interface\unins000.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Google Video Player-->"C:\Program Files\Google\Google Video Player\Uninstall.exe"
    GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
    Hamachi 0.9.9.9-->C:\Program Files\Hamachi\uninstall.exe
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2-->"C:\Documents and Settings\Anthony\Bureau\HijackThis.exe" /uninstall
    Home Cinema-->"C:\Program Files\Uninstall_PCM.exe"
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    i-minitel ADSL-->C:\PROGRA~1\MINITE~1\UNWISE.EXE C:\PROGRA~1\MINITE~1\INSTALL.LOG
    Information sur votre PC-->MsiExec.exe /I{36D6F663-DF15-45BD-B0C6-4B909308E3B6}
    iPhoto Plus 4-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\iPhoto Plus 4\DeIsL1.isu"
    J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
    Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LimeWire PRO 4.12.3-->"C:\Program Files\LimeWire\uninstall.exe"
    Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}
    Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
    Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
    Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
    Macromedia HomeSite+-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}\Setup.exe"
    Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Medion Flash XL 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9 -wUninst
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Micro Application - Architecte 3D 2001-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Architecte 3D 2001\446894.isu"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Age of Empires II-->"C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Professional-->MsiExec.exe /I{9211040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Picture It! Express 2001-->MsiExec.exe /I{FB10FE1A-9906-44A1-B8AB-B70B19FEAB58}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
    Multimedia Keyboard Driver Ver1.0 (KB-0108)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe"
    Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
    MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
    Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\setup.exe /uninstall
    NFS Underground-->C:\Program Files\EA GAMES\NFS Underground\EAUninstall.exe
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{CBDE9C7D-CF52-4558-B23E-B66359CB586A}
    Nokia Flashing Cable Driver-->MsiExec.exe /X{2A0A6470-FD0F-4F45-9B11-85F3167DB943}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_fre_web.exe
    Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
    Nokia Software Updater-->MsiExec.exe /X{0332234E-09D1-4B74-A5F3-73E34BA29F5B}
    Nokia Video Manager-->"C:\Documents and Settings\All Users\Application Data\Installations\{B4F13167-DC71-4bda-B149-0396C63DF63B}\NokiaVideoManager_1_5_20(2).exe" /MAINTENANCE /SILENT="SGWLRPFCE" /LANG="1036" /O=";EXTUNINSTALL=1"
    Nokia Video Manager-->MsiExec.exe /I{B4F13167-DC71-4BDA-B149-0396C63DF63B}
    Non-admin TD driver Uninstallation-->C:\WINDOWS\ImationFlashManagerDriver-Setup.exe /U
    Nosferatu-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5619E54-805A-4627-8E81-5F8712E7F7E9}\Setup.exe" -l0x40c
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    Package de pilotes Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
    PANZERS - Phase1-->C:\PROGRA~1\PANZER~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\PANZER~1\UNINST~1\INSTALL.LOG
    Patch FR Messenger 8.0.0328-->C:\Program Files\MSN Messenger\Uninstal.exe
    PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
    PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    PDF Editeur 2-->C:\WINDOWS\cadkasdeinst01f.exe "C:\Program Files\PDF Editeur 2"
    PDF Editor 2-->C:\WINDOWS\cadkasdeinst01e.exe "C:\Program Files\PDF Editor 2"
    PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
    PDF-to-Word 2.5 Demo-->C:\PROGRA~1\BLUESQ~1\demos\UNWISE.EXE /U C:\PROGRA~1\BLUESQ~1\demos\pdf2word.log
    Permis de construire Expert CAD-->"C:\Program Files\Anuman Interactive\Permis de construire Expert CAD\unins000.exe"
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
    PowerCinema 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    QuickTime-->MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
    Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9 -removeonly
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    RETScreen Version 4-->MsiExec.exe /I{E9021599-1E2A-4027-A1CC-40E42A08603C}
    RETScreen-->MsiExec.exe /X{FEA36347-ADBE-423F-A1B2-74A3C3BCE15E}
    Roxio PhotoSuite 5-->MsiExec.exe /I{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}
    Samsung Camcorder USB-D04 Capture Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A94AAFAF-9FBA-43F9-A79C-70AC38761811}\Setup.exe" -l0x9 customuninstall
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung DVC Media 6.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01DEE483-F613-4CB0-BC48-93AA2C1AD12F}\setup.exe" -l0x40c
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    SCM de BigCoincoin 1.3-->"C:\Program Files\SCM de BigCoincoin\uninstall.exe"
    Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\INSTALL.LOG
    SiSoftware Sandra Lite 2007 (Win64/32/CE)-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\unins000.exe"
    Sony Ericsson File Manager-->MsiExec.exe /X{60E5B847-2353-4AE3-829E-685937EDDC40}
    Sony Ericsson Image Editor-->MsiExec.exe /X{4FB0FB47-8F1D-4339-8BE9-39819362AE05}
    Sony Ericsson MMS Backup Manager-->MsiExec.exe /X{01587449-5BFC-4A22-B0BC-7041CA504990}
    Sony Ericsson MMS Home Studio-->MsiExec.exe /X{83E9FDFD-B4E9-4FB7-A767-8339664CDE96}
    Sony Ericsson Mobile Networking Wizard-->MsiExec.exe /X{4588138D-4194-41F9-BAD7-8CB886C9AD4F}
    Sony Ericsson Sound Editor-->MsiExec.exe /X{8DD641C2-FFEC-4AED-A339-88BACFC60C39}
    Sony Ericsson Sync Station-->MsiExec.exe /X{F2CE6BD0-54CD-4A53-BBB5-409D74B28EDD}
    Sony Ericsson Themes Creator 1.71-->C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
    Sony Ericsson Update Service-->"C:\Program Files\Sony Ericsson\Update Service\Uninstall Service de Mise à Jour Sony Ericsson.exe"
    SpellForce-->C:\PROGRA~1\JoWooD\SPELLF~1\unwise.exe C:\PROGRA~1\JoWooD\SPELLF~1\install.log
    SWF Video Converter 3.0 (build 3.0.18.56)-->"C:\Program Files\Eltima Software\SWF Video Converter\unins000.exe"
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    TextBridge Classic-->"C:\PROGRA~1\TEXTBR~1\bin\setup.exe" -funinstal.ins
    TI Connect 1.5-->MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
    TI NoteFolio Creator 1.0-->C:\PROGRA~1\TIEDUC~1\TINOTE~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TINOTE~1\INSTALL.LOG
    TI StudyCards Creator 2.0-->C:\PROGRA~1\TIEDUC~1\TISTUD~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TISTUD~1\INSTALL.LOG
    TImeSpan Creator 1.0-->C:\PROGRA~1\TIEDUC~1\TIMESP~1\UNWISE.EXE C:\PROGRA~1\TIEDUC~1\TIMESP~1\INSTALL.LOG
    TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    TopStyle Lite (Version 3.0)-->C:\WINDOWS\unlite3.exe "C:\Program Files\Bradbury\TopStyle3"
    TYPSoft FTP Server-->"C:\TYPSoft FTP Server\unins000.exe"
    Ultimate ZIP Cracker Trial version-->C:\Program Files\UZC Trial\UZC.EXE /uninstall
    Update Service-->"C:\Documents and Settings\Anthony\Bureau\Uninstall Update Service\Uninstall Update Service.exe"
    Utilitaire de sauvegarde Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
    WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
    Windows Driver Package - SafeNet, Inc. (SNTNLUSB) USB (03/09/2006 7.3.0.0)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\sntnlusb_9A62A041D7FB7541888119E83EC5EB90C7FD7B01\sntnlusb.inf
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live Safety Scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
    X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
    ZSMC USB PC Camera (ZS0211)-->C:\Program Files\InstallShield Installation Information\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}\setup.exe -runfromtemp -l0x040c -removeonly

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: F-Secure Anti-Virus 2007 7.02

    ======Envir
    7 Décembre 2008 19:23:39

    Re,

    1) Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) :

    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKCU\..\Run: [msiexec.exe] msiconf.exe
    O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked ! N.B : Il est très important de fermer toutes les applications en cours et de se déconnecter d'internet pour fixer avec hijackthis au risque d'interférer avec les résultats de la manip'.

    2) Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe

    C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe
    C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    Et poste-moi [#f0000e]un nouveau rapport RSIT
    dans ta prochaine réponse.

    ;) 
    7 Décembre 2008 20:05:06

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    Unable to kill process: C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe
    Unable to kill process: C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe
    ========== COMMANDS ==========
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\AVPF61.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\AVPF62.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\nvcbin.def.93FA4FCC.TMP scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12072008_195755

    Files moved on Reboot...
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    C:\WINDOWS\temp\AVPF61.tmp moved successfully.
    C:\WINDOWS\temp\AVPF62.tmp moved successfully.
    File move failed. C:\WINDOWS\temp\nvcbin.def.93FA4FCC.TMP scheduled to be moved on reboot.



    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Anthony at 2008-12-07 20:06:35
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 55 GB (46%) free of 119 GB
    Total RAM: 1023 MB (40% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:06:46, on 07/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    C:\WINDOWS\system32\hasplms.exe
    C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
    C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    C:\Program Files\Pack Sécurité\FSAUA\program\fsus.exe
    C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Sécurité\Common\FSM32.EXE
    C:\WINDOWS\ZSSnp211.exe
    C:\WINDOWS\Domino.exe
    C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Anthony\Bureau\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Anthony.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
    O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 80.10.246.130 81.253.149.10
    O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: UpdateNf - C:\WINDOWS\
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 9990 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Scheduled scanning task.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-16 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-11 753664]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "F-Secure Manager"=C:\Program Files\Pack Sécurité\Common\FSM32.EXE [2007-05-28 183208]
    "F-Secure TNB"=C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe [2007-05-28 740208]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-09-29 4603904]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-31 385024]
    "ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
    "Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-07-26 1867776]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856]
    "WOOKIT"=C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe []
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\UpdateNf]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "AllowLegacyWebView"=
    "AllowUnhashedWebView"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
    "D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe"="D:\mes documents\Anthony\logiciel\jeux\Dawn of War\W40k.exe:*:Enabled:W40K"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
    "C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

    ======List of files/folders created in the last 1 months======

    2008-12-07 19:57:55 ----D---- C:\_OTMoveIt
    2008-12-07 17:21:44 ----D---- C:\rsit
    2008-12-07 15:33:19 ----D---- C:\Documents and Settings\Anthony\Application Data\WinRAR
    2008-12-07 15:16:21 ----D---- C:\WINDOWS\ERUNT
    2008-12-07 15:12:17 ----D---- C:\SDFix
    2008-12-07 15:00:59 ----D---- C:\Program Files\Exterminate It!
    2008-12-07 13:16:19 ----A---- C:\WINDOWS\gmer.ini
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.exe
    2008-12-07 13:16:17 ----A---- C:\WINDOWS\gmer.dll
    2008-12-07 13:09:36 ----A---- C:\TB.txt
    2008-12-07 13:09:00 ----D---- C:\ToolBar SD
    2008-12-07 12:34:06 ----D---- C:\Program Files\Trend Micro
    2008-12-07 11:30:54 ----HD---- C:\WINDOWS\$NtUninstallKB950762-v3$
    2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\updatenf.dll
    2008-12-07 11:30:53 ----A---- C:\WINDOWS\system32\api32.dll
    2008-12-07 09:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-07 09:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-06 11:37:37 ----D---- C:\WINDOWS\Prefetch
    2008-12-06 10:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-06 10:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-06 10:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-06 10:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-06 10:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-06 10:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-12-06 10:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-06 10:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-06 10:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-12-06 10:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-06 10:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-06 10:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-12-06 10:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-06 10:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-06 10:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
    2008-12-06 10:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-06 10:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-06 10:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-06 10:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
    2008-12-06 09:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-06 09:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-06 09:55:35 ----D---- C:\WINDOWS\l2schemas
    2008-12-06 09:55:33 ----D---- C:\WINDOWS\system32\fr
    2008-12-06 09:55:28 ----D---- C:\WINDOWS\system32\bits
    2008-12-06 09:44:31 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-06 09:33:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-06 09:33:24 ----D---- C:\WINDOWS\EHome
    2008-11-29 20:59:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2008-11-29 20:59:32 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2008-11-29 20:55:39 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2008-11-29 20:51:08 ----D---- C:\Program Files\MSXML 6.0
    2008-11-12 20:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
    2008-11-12 20:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

    ======List of files/folders modified in the last 1 months======

    2008-12-07 20:06:45 ----D---- C:\WINDOWS\TEMP
    2008-12-07 20:04:38 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-07 20:02:18 ----A---- C:\WINDOWS\ModemLog_Modem standard GSM.txt
    2008-12-07 20:02:13 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt
    2008-12-07 20:00:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-07 18:02:02 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-07 15:33:57 ----RD---- C:\Program Files
    2008-12-07 15:33:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-07 15:27:41 ----D---- C:\WINDOWS\system32
    2008-12-07 15:21:54 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-07 15:21:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-07 15:16:21 ----D---- C:\WINDOWS
    2008-12-07 13:16:17 ----D---- C:\WINDOWS\system32\drivers
    2008-12-07 11:56:01 ----D---- C:\Program Files\LimeWire
    2008-12-07 10:45:59 ----HD---- C:\WINDOWS\inf
    2008-12-07 10:00:27 ----D---- C:\Program Files\Wanadoo
    2008-12-07 09:51:38 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-07 08:42:38 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-07 08:39:15 ----SHD---- C:\Config.Msi
    2008-12-06 16:02:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-06 11:41:19 ----SHD---- C:\WINDOWS\Installer
    2008-12-06 11:40:04 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-06 11:38:24 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-06 11:37:40 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-06 11:37:11 ----D---- C:\WINDOWS\system32\Setup
    2008-12-06 11:37:11 ----D---- C:\WINDOWS\AppPatch
    2008-12-06 11:37:10 ----D---- C:\WINDOWS\system32\wbem
    2008-12-06 11:37:09 ----RSD---- C:\WINDOWS\Fonts
    2008-12-06 11:36:16 ----D---- C:\WINDOWS\security
    2008-12-06 09:59:58 ----D---- C:\Program Files\Messenger
    2008-12-06 09:56:25 ----D---- C:\WINDOWS\WinSxS
    2008-12-06 09:56:11 ----D---- C:\WINDOWS\network diagnostic
    2008-12-06 09:56:11 ----D---- C:\WINDOWS\ime
    2008-12-06 09:56:10 ----D---- C:\WINDOWS\Help
    2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\usmt
    2008-12-06 09:55:37 ----D---- C:\WINDOWS\system32\fr-fr
    2008-12-06 09:55:35 ----D---- C:\Program Files\Internet Explorer
    2008-12-06 09:55:28 ----D---- C:\WINDOWS\PeerNet
    2008-12-06 09:55:26 ----D---- C:\Program Files\Movie Maker
    2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\Restore
    2008-12-06 09:44:23 ----D---- C:\WINDOWS\system32\npp
    2008-12-06 09:44:21 ----D---- C:\WINDOWS\msagent
    2008-12-06 09:44:19 ----D---- C:\WINDOWS\srchasst
    2008-12-06 09:44:16 ----D---- C:\Program Files\NetMeeting
    2008-12-06 09:44:14 ----D---- C:\WINDOWS\system32\Com
    2008-12-06 09:44:11 ----D---- C:\Program Files\Windows NT
    2008-12-06 09:44:11 ----D---- C:\Program Files\Windows Media Player
    2008-12-06 09:44:10 ----D---- C:\Program Files\Outlook Express
    2008-12-06 09:44:07 ----D---- C:\Program Files\Fichiers communs\System
    2008-12-06 09:43:49 ----D---- C:\WINDOWS\system32\oobe
    2008-12-06 09:43:46 ----D---- C:\WINDOWS\system
    2008-12-06 09:39:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-30 13:27:54 ----D---- C:\Program Files\eMule
    2008-11-29 21:16:06 ----D---- C:\WINDOWS\Minidump
    2008-11-29 20:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
    2008-11-29 20:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2008-11-29 20:55:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-11-29 20:55:05 ----D---- C:\Program Files\Nokia
    2008-11-29 20:49:41 ----D---- C:\Program Files\Fichiers communs\Nokia
    2008-11-23 18:55:26 ----A---- C:\WINDOWS\FA123.INI
    2008-11-23 11:58:15 ----D---- C:\FA-123
    2008-11-18 18:33:59 ----D---- C:\WINDOWS\system32\FxsTmp
    2008-11-16 15:19:39 ----D---- C:\Documents and Settings\Anthony\Application Data\AdobeUM

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-08-25 2432]
    R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-08-25 2560]
    R1 F-Secure HIPS;F-Secure HIPS; \??\C:\Program Files\Pack Sécurité\HIPS\fshs.sys []
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
    R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-12-30 21275]
    R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R2 U3SHLPDR;U3SHLPDR; \??\C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS []
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
    R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2003-09-29 22912]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    R3 Cap7134;MEDION (7134) WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 350752]
    R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
    R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 1272000]
    R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
    R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Pack Sécurité\Anti-Virus\minifilter\fsgk.sys []
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-10-14 28352]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-29 2744640]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
    R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 24704]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    R3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\DOCUME~1\Anthony\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 DCamUSBPremier;Premier USB Video Camera; C:\WINDOWS\System32\Drivers\mpixvid.sys [2004-06-29 81633]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-23 223128]
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-07 85969]
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-23 10345]
    S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
    S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 SDVC04;USB DVC Service; C:\WINDOWS\System32\Drivers\SDVC04.sys [2003-05-22 42413]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 TIEHDUSB;TIEHDUSB; C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 49536]
    S3 U2SP;USB to Serial Converter Driver(Philips); C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 23948]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM); C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 52416]
    S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 6160]
    S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 84544]
    S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 77760]
    S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 75584]
    S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1; C:\WINDOWS\System32\Drivers\xctrl.sys [2002-12-05 16834]
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761]
    S3 XBCD;XBCD Kernel Module; C:\WINDOWS\System32\Drivers\xbcd.sys [2004-02-11 17700]
    S3 xbreader;ActionReplay XBox Driver (xbreader.sys); C:\WINDOWS\System32\Drivers\xbreader.sys [2001-01-02 19677]
    S3 ZSMC211;ZSMC USB PC Camera (ZS0211); C:\WINDOWS\System32\Drivers\ZS211.sys [2007-08-03 1470592]
    S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSfilter.sys []
    S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Pack Sécurité\Anti-Virus\Win2K\FSrec.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 CA_LIC_CLNT;CA License Client; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2003-10-12 143360]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-05-23 221281]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-05-23 110687]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-23 61440]
    R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe [2007-05-28 48072]
    R2 FSMA;FSMA; C:\Program Files\Pack Sécurité\Common\FSMA32.EXE [2007-05-28 113576]
    R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2007-03-15 535807]
    R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-09-29 127043]
    R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\Pack Sécurité\FSAUA\program\fsaua.exe [2007-05-28 457584]
    R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe [2007-05-28 453488]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2006-10-15 77944]
    S3 CA_LIC_SRVR;CA License Server; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe []
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 SandraDataSrv;Sandra Data Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe [2006-05-05 117288]
    S3 SandraTheSrv;Sandra Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe [2006-05-05 1120808]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

    -----------------EOF-----------------


    voila! alors tu cherche quoi dans tou ça tu peu m'expliquer ou pas?
    7 Décembre 2008 21:10:42

    Re,

    Ton PC va mieux ou pas ?

    ;) 
    7 Décembre 2008 21:22:24

    oui sa me parrait tout bien. merci mais que regarde tu car je m'y connais un peu en informatique et j'aimerais bien comprendre pour pouvoir peut etre agir seul.
    7 Décembre 2008 21:57:25

    Re,

    On finit et je t'explique après. ;) 

    1) Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    2) ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

    3) Télécharge Toolbar-S&D ([#006dff]Team IDN
  • ) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    11 Décembre 2008 13:32:46

    -----------\\ ToolBar S&D 1.2.6 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Anthony ( Administrator )
    BOOT : Normal boot
    Antivirus : F-Secure Anti-Virus 2007 7.02 7.02 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:53 Go)
    D:\ (Local Disk) - NTFS - Total:113 Go (Free:27 Go)
    E:\ (Local Disk) - FAT32 - Total:3 Go (Free:1 Go)
    F:\ (CD or DVD)
    G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    H:\ (CD or DVD)
    I:\ (USB)
    J:\ (USB)
    K:\ (USB)
    L:\ (USB)

    "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
    Option : [1] ( 11/12/2008|13:31 )

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com/ie"
    "Start Page"="http://www.orange.fr"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.carrefour.fr/"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.ustart.org"
    "Default_Search_URL"="http://www.google.com/ie"


    --------------------\\ Recherche d'autres infections



    1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|13:11 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 11/12/2008|13:32 - Option : [1]

    -----------\\ Fin du rapport a 13:32:22,96


    voila apres una analyse par malware..... il ma trouver 9 infections, j'ai suivis tes conseils pour les suprimer sa a été tout bien, plus au, il y a le rapport de toolbar-s&d. le probleme est que mon pc est toujour super lent pour ouvrir des pages internet, et que de temps en temps mon anti-virus me trouve un fichier infecter alors qu'il n'y a pas ou peu de trafic sur mon pc (juste surfer et msn). j'ai fais une analyse complete avec mon antivirus (f-secure) et il ne trouve rien d'autre.
    je pense qu'il y a encore un truc qui traine.
    merci de ton aide
    11 Décembre 2008 19:11:22

    Re,

    Où est le rapport de Kaspersky online ?

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS